There are some SNMP OID's that you can use to monitor Netflow TCAM utilization and Netflow learn failures. I don't have them handy, but if I find them I'll post them.
We found that even during the summer break our TCAM tables where often full and 1000's of flows per second were failing to be recorded. We are using fairly aggressive timers, too. These are sup 720's with PFC 3BXL's and DFC's. We are implementing optical taps on certain links to address these issues. If you are trying to collect flow data from sup720's on busy networks, please keep in mind you may not be getting as complete a picture as you think. -Neil -- Neil Johnson Network Engineer ITS-Telecommunications and Network Services The University of Iowa 319 384-0938 -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Shane Gaumond Sent: Wednesday, December 05, 2007 1:38 PM To: [email protected] Subject: [Nfsen-discuss] Netflow TCAM threshold exceeded I run the following on my cat 6K I have no problems.. IOS Version 12.2(18) ip flow-cache timeout inactive 10 ip flow-cache timeout active 1 no ip flow export layer2-switched vlan 1-4094 mls netflow usage notify 80 120 mls flow ip interface-full no mls flow ipv6 ip flow-export version 9 The timeout values keep my graph less spikey "comb like" I think the layer 2 flows are filling up your buffers and causing your error. Whenever i enable the layer 2 flows i get a whole lot of data. most of it is useless ARP replys, OSPF, HSRP etc. I think if you disable the layer 2 reporting you should be fine. You can still enable layer 2 for a few vlans if you really need that info but layer 2 data for the whole chassis will overrun buffers. I also run Version 9 which is supposed to be more efficient. I disagree with the netflow being automatic or broken on the Cat6k. I had to enable "ip flow ingress" on all my vlan interfaces to have the chassis report flows for the interfaces. Netflow reporting worked exactly like Cisco said it would. My only complaint of netflow on the Cat6K is that netflow will only report IFindexes of interfaces with IP's. This rules out switchports. The ifindex reported in flows will always be the ifindex of the vlan interface and never the physical interface. Unless the physical interface has an IP and "IP flow ingress" configured which is not standard. Shane ------------------------------------------------------------------------- SF.Net email is sponsored by: The Future of Linux Business White Paper from Novell. From the desktop to the data center, Linux is going mainstream. Let it simplify your IT future. http://altfarm.mediaplex.com/ad/ck/8857-50307-18918-4 _______________________________________________ Nfsen-discuss mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/nfsen-discuss
smime.p7s
Description: S/MIME cryptographic signature
------------------------------------------------------------------------- SF.Net email is sponsored by: Check out the new SourceForge.net Marketplace. It's the best place to buy or sell services for just about anything Open Source. http://sourceforge.net/services/buy/index.php
_______________________________________________ Nfsen-discuss mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/nfsen-discuss
