User’s Guide – version 3.5 | NetFlow Tracker |
Enabling NetFlow Export on a 4000 Series Switch
The 4000 and 4500 series switches require a Supervisor IV with a NetFlow Services daughter card
ip route-cache flow infer-fields
This ensures routing information is included in the flows.
Enabling NDE on a Native IOS Device
The following commands are required in addition to the commands required to configure an IOS device above to get NetFlow information on
mls netflow
This enables NetFlow on the supervisor.
mls nde sender version 5
or
mls nde sender version 7
This sets the export version. Due to several IOS bugs, the export version you must use on the supervisor is dependent on your hardware configuration and IOS version:
•Distributed Forwarding Cards and 12.1(13)E03, 12.1(18.1)E, 12.2(13.6)S, 12.2(15.1)S, 12.2(17a)SX or above: use version 5. Note that this configuration will cause the Performance Counters to report missed flows that are not actually missed; this is the result of an IOS bug fixed in the SXF strains.
•Distributed Forwarding Cards and older than 12.1(13)E03, 12.1(18.1)E, 12.2(13.6)S, 12.2(15.1)S or 12.2(17a)SX: this configuration will cause serious problems, so please contact Fluke Networks if your device matches this description.
•No Distributed Forwarding Cards and 12.0(24)S, 12.2(18)S, 12.3(1) or above: use version 5 and configure the MSFC to export version 9 as described above.
•No Distributed Forwarding Cards and 12.1(13)E03, 12.1(18.1)E, 12.2(13.6)S, 12.2(15.1)S, 12.2(17a)SX or above: use version 5.
•Anything else: use version 7. Note that version 7 may not include AS or subnet mask information.
mls aging long 64
This breaks up
mls aging normal 32
This ensures that flows that have finished are exported in a timely manner.
80