We are definitely running MLS and we definitely can get the switchport (layer 2) counters with SNMP. Of course measuring VLAN traffic on an MSFC is another matter altogether which requires Netflow tools.
Moses, If you want to look at accurate real time counters (for a short term reality check) use something like STG. MRTG samples at five minute intervals and a lot of traffic spikes are hidden. STG samples about every second. At least with this tool you could confirm how much traffic is happening in between the samples. Not that this is a replacement for MRTG but just another tool to give more information. You can dowload it here: http://leonidvm.chat.ru/ Where did you get the figure for MaxBytes? Was this from Configmaker? I would use the value below for Gigabit interfaces MaxBytes[10.4.0.4_107]: 125000000 Remember that this value is in bytes not bits and MRTG will scale the graphs accordingly. Also you might want to consider not using the interface numbers returned by Cfgmaker. Sooner or later the interface index will change and you'll have to change the entire config. The ifref=name option on cfgmaker is the better way to go...something like the following. cfgmaker --ifref=name [EMAIL PROTECTED] address > mrtg.cfg If you want to change the existing config, just run the "sh port ifindex" on the 6500 to figure out what port index numbers like 107 equate to for a port name such as #6/1. Here is an example config, not quite as fancy as yours below but it works: Target[10.0.1.5_6_1]: #6/1:[EMAIL PROTECTED]:::::2 SetEnv[10.0.1.5_6_1]: MRTG_INT_IP="" MRTG_INT_DESCR="" MaxBytes[10.0.1.5_6_1]: 125000000 Title[10.0.1.5_6_1]: Gigabibt ethernet 6/1 to Some Machine PageTop[10.0.1.5_6_1]: <H1>Gigabibt ethernet 6/1 to Some Machine </H1> <TABLE> <TR><TD>System:</TD> <TD>MCC_6509_1 in </TD></TR> <TR><TD>Maintainer:</TD> <TD></TD></TR> <TR><TD>Description:</TD><TD> </TD></TR> <TR><TD>ifType:</TD> <TD>Gigabit Ethernet (6)</TD></TR> <TR><TD>ifName:</TD> <TD>6/1</TD></TR> <TR><TD>Port Name:</TD> <TD>Some Machine</TD></TR> <TR><TD>Max Speed:</TD> <TD>125.0 MBytes/s</TD></TR> </TABLE> Options[10.0.1.5_6_1]: bits Kevin -----Original Message----- From: Moses Hernandez [mailto:[EMAIL PROTECTED] Sent: Tuesday, August 31, 2004 3:25 PM To: Grossman, Benjamin Cc: [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: [mrtg] Re: SNMP and Cisco ... Oh the Fun a newbie can have. RE: [mrtg] Re: SNMP and Cisco ... Oh the Fun a newbie can have.I understand your thinking on this, but even though we are using MLS I should see more activity between those ports just because we are transferring pacs images that can be 50-100MB per case. So I would've imagined that we are using more of the bandwidth than we are possibly seeing. I am going to try and approach this differently, instead of monitoring the CoreSwitches i am going to monitor the IDF's. Moses. ----- Original Message ----- From: Grossman, Benjamin To: 'Moses Hernandez' Cc: [EMAIL PROTECTED] ; [EMAIL PROTECTED] Sent: Tuesday, August 31, 2004 2:39 PM Subject: RE: [mrtg] Re: SNMP and Cisco ... Oh the Fun a newbie can have. This is (all to often) the normal case for a Cisco 6500 switch/router. The issue is that, in the most common case, the 6500 is only routing the first few packets of a given 'conversation'; after that they are switched. So the traffic counters for the Virtual router Interface are pretty much useless. The only ways I know around this are to either install some fancy hardware (Multi-Flow Feature Card?) and matching software; or to disable that part of the 'switching' function. I seem to recall having some luck with disabling CEF on that router port---WARNING: this will have a severe negative impact on router performance! Do not do this lightly. -Benjamin -----Original Message----- From: Moses Hernandez [mailto:[EMAIL PROTECTED] Sent: Tuesday, August 31, 2004 9:00 AM To: [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: [mrtg] Re: SNMP and Cisco ... Oh the Fun a newbie can have. Hmm actually let me do that. Here is what i have right now on one of my interfaces: ### Interface 107 >> Descr: 'DataCenter 2MDF-SW1' | Name: '3/1' | Ip: '' | Eth: '00-0d-28-3f-8b-b8' ### ### The following interface is commented out because: Target[10.4.0.4_107]: 107:[EMAIL PROTECTED]:161::::2 SetEnv[10.4.0.4_107]: MRTG_INT_IP="" MRTG_INT_DESCR="DataCenter 2MDF-SW1" MaxBytes[10.4.0.4_107]: 1000000000 Title[10.4.0.4_107]: DataCenter 2MDF-SW1 -- MIA_6K_MDF1 PageTop[10.4.0.4_107]: <H1> DataCenter 2MDF-SW1 -- MIA_6K_MDF1</H1> Options[10.4.0.4_107]: bits, unknaszero YLegend[10.4.0.4_107]: Port Utilization LegendI[10.4.0.4_107]: In LegendO[10.4.0.4_107]: Out Legend1[10.4.0.4_107]: Inbound Bits Legend2[10.4.0.4_107]: Outbound Bits Legend3[10.4.0.4_107]: INBOUND Max value per interval on graph Legend4[10.4.0.4_107]: OUTBOUND Max value per interval on graph Colours[10.4.0.4_107]: GREEN#00eb0c,BLUE#0000ff,GRAY#AAAAAA,VIOLET#ff00ff WithPeak[10.4.0.4_107]: ymw <TABLE> <TR><TD>System:</TD> <TD>MIA_6K_MDF1 in Mercy MDF</TD></TR> <TR><TD>Maintainer:</TD> <TD></TD></TR> <TR><TD>Description:</TD><TD> </TD></TR> <TR><TD>ifType:</TD> <TD>ethernetCsmacd (6)</TD></TR> <TR><TD>ifName:</TD> <TD>3/1</TD></TR> <TR><TD>Port Name:</TD> <TD>DataCenter 2MDF-SW1</TD></TR> <TR><TaD>Max Speed:</TD> <TD>1000.0 MBytes/s</TD></TR> </TABLE> Interestingly enough when i do a show port 3/1 (this is the CatIOS Side, Hybrid Mode) i do not see any counters that would reflect that. show spantree 3/1 shows forwarding in all of the vlans but the graph at the momment display about Max In 8753.5 kb/s (0.1%) Average In 3592.3 kb/s (0.0%) Current In 4237.3 kb/s (0.1%) Max Out 1520.6 kb/s (0.0%) Average Out 1205.6 kb/s (0.0%) Current Out 1207.2 kb/s (0.0%) is that correct? I mean seems awfully low so what i did was telneted to the other side and looked at the gigabit uplink. This is what i see for 5 minutes 5 minute input rate 1238000 bits/sec, 933 packets/sec 5 minute output rate 3966000 bits/sec, 978 packets/sec Is there something i am missing maybe? or are these numbers accurate and that switch has little to no traffic maybe? Mind you the biggest traffic generation is between the 2 cores and i've seen the max 50MB/s with the links being Gigabit. >From: Eric Brander <[EMAIL PROTECTED]> >To: [EMAIL PROTECTED] >Subject: [mrtg] Re: SNMP and Cisco ... Oh the Fun a newbie can have. >Date: Tue, 31 Aug 2004 10:06:06 -0500 >MIME-Version: 1.0 >Moses Hernandez wrote: > > > I have started using mrtg on a win32 test box. It has been running > > for 5 days on the core router 6500 router side, two remote connect > > routers and >the > > internet firewall. Today I configured the 6500 gigabit switchports > > to >also > > get snmp info. I have noticed not much traffic above the 640.0 K > > usage, maybe 1.2M. I am using mrtg 2.10.15 and I thought it was a > > versioning >issue > > but noticed some others in the archive had similar issues though no > > resolution. As an aside the low numbers are showing up on my nokia >firewalls > > and the numbers are kind of inconsistance with the bandwidth stats > > from >my > > isp. -- Unsubscribe mailto:[EMAIL PROTECTED] Archive http://www.ee.ethz.ch/~slist/mrtg FAQ http://faq.mrtg.org Homepage http://www.mrtg.org WebAdmin http://www.ee.ethz.ch/~slist/lsg2.cgi -- Unsubscribe mailto:[EMAIL PROTECTED] Archive http://www.ee.ethz.ch/~slist/mrtg FAQ http://faq.mrtg.org Homepage http://www.mrtg.org WebAdmin http://www.ee.ethz.ch/~slist/lsg2.cgi -- Unsubscribe mailto:[EMAIL PROTECTED] Archive http://www.ee.ethz.ch/~slist/mrtg FAQ http://faq.mrtg.org Homepage http://www.mrtg.org WebAdmin http://www.ee.ethz.ch/~slist/lsg2.cgi
