Showing dropped packets?

Hi,

I'm exporting data from a Cisco 2621XM to a demo version of Netflow Analyser 4. Everything seems to be working well. However, I was looking at an application report, and UDP_App was listed. Drilling down to see which ports were involved, I saw this:

SrcIP:SrcPort DestIp:DestPort
a.b.c.d:51423 w.x.y.z:1026

Looking in my router logfiles, I saw that this flow was actually dropped by an ACL.

So:

- Is it usual for packets dropped by ACLs to appear in the Analyser?
- I only investigated this in any depth because it looked suspicious, only to find that it was dropped by an ACL anyway (a bit of a waste of my time!). Is there any way to distinguish between traffic that was dropped by an ACL and that which was not?

many thanks,
alec

Topic Participants
alecw_me
netflow_support

Showing dropped packets?

Showing dropped packets?

Topic Participants

alecw_me

netflow_support