Chapter 5 Configuring Firewall Load Balancing

Displaying Firewall Flow Summaries

Displaying Firewall Flow Summaries

Use the show flows command to display the flow summary for a source IP address, or for a specific source address and its destination IP address on a Switch Processor (SP) in a CSS. You can display up to 4096 flows per SP.

This information allows you to:

Identify which firewall is used for a particular flow

View flows to ensure the proper operation of FWLB The syntax is:

show flows source_address destination_address

The variables are:

source_address - The source IP address for the flows. Enter the address in dotted-decimal format (for example, 192.168.11.1).

destination_address - The destination IP address. Enter the address in dotted-decimal format (for example, 192.168.11.1).

For example:

(config)# show flows 192.165.22.1 192.163.2.3

To display the flows for a specific source IP address, enter:

(config)# show flows 192.165.22.1

To display the flows for specific source and destination IP addresses, enter:

(config)# show flows 192.165.22.1 192.163.2.3

 

 

Cisco Content Services Switch Security Configuration Guide

 

 

 

 

 

 

OL-5650-02

 

 

5-15

 

 

 

Page 113
Image 113
Cisco Systems OL-5650-02 manual Displaying Firewall Flow Summaries, Config# show flows 192.165.22.1