Sent: Thursday, February 25, 2010 7:28 PM
To: Cisco-nsp
Subject: Re: [c-nsp] Netflow - GSR engine 5
On Feb 26, 2010, at 12:43 AM, Drew Weaver wrote:
but why is it showing up in the netflow exports?
Because that's how NetFlow is supposed to work on a real router, vs. the broken
implementation
To: Drew Weaver
Cc: Cisco-nsp
Subject: Re: [c-nsp] Netflow - GSR engine 5
Hi,
On Thu, Feb 25, 2010 at 11:43:37AM -0500, Drew Weaver wrote:
Should ingress packets dropped by ACLs still hit Netflow on the GSR with E5
linecards?
Gi2/0/2 10.1.123.32 Null 10.1.123.3 11 A29F 0035
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 2/25/2010 7:28 PM, Dobbins, Roland wrote:
Because that's how NetFlow is supposed to work on a real router, vs.
the broken implementation on 6500/7600 with current hardware.
I am running Netflow v5 on a 7600 with 12.2(33)SRC5 and I see packets
Howdy,
Should ingress packets dropped by ACLs still hit Netflow on the GSR with E5
linecards?
Gi2/0/2 10.1.123.32 Null 10.1.123.3 11 A29F 0035 1
Gi2/0/2 is one of our Internet connections
10.1.123.32 (changed to protect, is one of our routed public IPs that isn't
routed
Hi,
On Thu, Feb 25, 2010 at 11:43:37AM -0500, Drew Weaver wrote:
Should ingress packets dropped by ACLs still hit Netflow on the GSR with E5
linecards?
Gi2/0/2 10.1.123.32 Null 10.1.123.3 11 A29F 0035 1
I'm not sure whether this is documented anywhere, but this is
On Feb 26, 2010, at 12:43 AM, Drew Weaver wrote:
but why is it showing up in the netflow exports?
Because that's how NetFlow is supposed to work on a real router, vs. the broken
implementation on 6500/7600 with current hardware.
;
It's of great operational significance to know that even
Also keep in mind that the packet did actually ingress on some interface on
the router somewhere prior to it being dropped by the ACL. The NetFlow
record must be sent to the collector in order for the ingress interface
traffic to be reported correctly in the collector.
In other words, if the