ASR 9000 traffic capture - no monitor command

Hello,
unable to capture traffic on asr 9000 (5.1.3) - no 'monitor' command is available.
what software packed need to be installed and activated on asr router to solve this problem?
thanks,
Piotr

Hello Ahmed, 
You may want to have a look at below article. The below article has all the things which we require to check and configure the NETFLOW. 
https://supportforums.cisco.com/document/113076/asr9000xr-netflow-architecture-and-overview
Below is from CCO suggesting limitations as well. 
http://www.cisco.com/c/en/us/td/docs/routers/asr9000/software/asr9k_r4-2/netflow/configuration/guide/b_netflow_cg42asr/b_netflow_cg42asr_chapter_00.html#con_1068018
HTH, 
Nikhil 

Similar Messages

  • BFD COS Marking on ASR 9000

    I'm trying to set COS 6 on BFD packets originated by ASR 9000. Below is my config. Although BFD packets have IP PREC of 6, COS is set to 0, as seen on Wireshark capture.
    Do I need to do something special to set COS for locally originated packets? Specifically BFD?
    Also I came across one Cisco presentation mentioning:
    LOP (local originated packets) on 12k/CRS
    "All LOPs marked with ‘qos-group 0’ – important for uniform/pipe model "
    May be my config of qos-group 0 setting COS to 0 is messing it up?
    class-map match-any GRP_6
     match qos-group 6 
     match precedence 6 
     match mpls experimental topmost 6 
     end-class-map
    class-map match-any GRP_7
     match qos-group 7 
     match precedence 7 
     match mpls experimental topmost 7 
     end-class-map
    class-map match-any GRP_0
     match qos-group 0 
     end-class-map
    policy-map MARK_OUT
    class GRP_0
      set cos 0
     class GRP_6
      set cos 6
     class GRP_7
      set cos 7
     class class-default
     end-policy-map

    I'm running 5.1.3, and do not really want to upgrade just because of this issue.
    I definitely see BFD, BGP and LDP packets locally originated on 9k marked with PREC 6, MPLS EXP 6 but COS 0.
    If I match qos-group 0 in outbound policy-map and set COS 6, then I start seeing this BFD, LDP and BGP packets with COS 6 in Wireshark
    class-map match-any GRP_6
     match qos-group 6 0 
     match precedence 6 
     match mpls experimental topmost 6 
     end-class-map
    policy-map MARK_OUT
     class GRP_6
      set cos 6
    So I assume internally 9k is marking self-originated traffic with qos-group 0. This is not solution for my problem, because any traffic coming in to 9k and not explicitly marked to some qos-group is assumed to be qos-group 0. This way I may end up having excessive unnecessary traffic in COS 6 queue.
    The bug mentioned, CSCsr32152, is not public, and I can not view any additional info on it.
    So should I assume that
    1. Correct behavior for 9k is to set same COS as IPPREC or MPLS EXP for locally originated traffic, if egress interface has dot1q header.
    2. This behavior can not be affected by egress policy-map, except matching qos-group 0 (which is mentioned should not be possible, but my Wireshark sees it) (which will catch way too much unwanted traffic)
    3. The fact that COS is not the same as IPPREC is abnormal and might be reincarnation of CSCsr32152 already fixed in 3.9.

  • Asr 9000 evc grouping

    Do the ASR 9000's support EVC grouping / service group qos similar to the ES-20's cards?
    http://www.cisco.com/en/US/docs/routers/7600/install_config/ES20_config_guide/bald_qos.html#wp1453539

    The ASR9000 has a feature called "Shared Policy Instance" which allows to apply a service-policy to the aggregate traffic of a set of subinterfaces:
    http://www.cisco.com/en/US/docs/routers/asr9000/software/asr9k_r4.0/qos/configuration/guide/qc40clas.html#wp1895131
    Hope this helps,
    JC

  • Monitor command knocks out internet connection

    cisco 2651XM router
    IOS: c2600-adventerprisek9-mz.124-15.T9.bin
    fitted with NM-16-ESW switch module on to 172.1.16.xx
    I have a mail-and-web server plugged into fa1/14 on the switch module in this router, along with a PC plugged into fa1/7, and the router is connected to the internet.
    I'm using monitor commands to feed traffic data on f1/4 to fa1/7 thus:
    (config)#monitor session 1 source interface Fa1/14
    (config)#monitor session 1 destination interface Fa1/7
    The reason for this is I'm using wireshark on the PC (in f1/7) to watch traffic on the mail/web server (on f1/14) and it works great except that the monitor destination command knocks out my internet access on the PC. Without the monitor commands internet access is fine. I tried the whole thing again on a different PC and that lost the internet too so the problem is in the router.
    Is there a solution to this that will give me both the traffic feed and internet access? Thanks for any help.

    Hello Tony,
    unfortunately it looks like that your only option is to add a NIC to the PC
    http://www.cisco.com/en/US/docs/ios/12_3t/12_3t4/feature/guide/gt1636nm.html#wp1053663
    >> . You cannot configure a SPAN destination interface to receive ingress traffic. The interface does not forward any traffic except that required for the SPAN session.
    Hope to help
    Giuseppe

  • ASR 9000 ISM No translation entry drops

    Hi all!!
    We set up ISM on ASR 9000 in nat44 mode. All works fine, but No translation entry drops grows as I can see in
    sh cgn nat44 NAT1 statistics
    Can you explain me why does it happens and which troubles will I expect?
    Or may be there is a way to avoid these drops....
    service cgn CGN1
    service-location preferred-active 0/7/CPU0
    service-type nat44 NAT1
      portlimit 5000
      alg ActiveFTP
      inside-vrf insidevrf1
       map outsideServiceApp ServiceApp2 address-pool x.x.x.x/25
       external-logging netflow version 9
        server
         address 10.11.13.28 port 9996
    sh cgn nat44 NAT1 statistics
    Statistics summary of NAT44 instance: 'NAT1'
    Number of active translations: 11016
    Number of sessions: 650
    Translations create rate: 47
    Translations delete rate: 0
    Inside to outside forward rate: 1122
    Outside to inside forward rate: 1595
    Inside to outside drops port limit exceeded: 0
    Inside to outside drops system limit reached: 0
    Inside to outside drops resource depletion: 0
    No translation entry drops: 15579
    PPTP active tunnels: 0
    PPTP active channels: 0
    PPTP ctrl message drops: 0
    Number of subscribers: 1726
    Drops due to session db limit exceeded: 0
    Drops due to source ip not configured: 0
    Pool address totally free: 0
    Pool address used: 128

    Hi Andrew,
    This counter indicates:
    Number of times Outside-to-Inside packets (TCP + UDP + ICMP, Static + Dynamic) dropped because there is no NAT DB entry corresponding to the Destination IP and L4 Port.
    Please check your static route and ensure only the packets with destination address matching with public IP pool is sent to outside service app interface.
    Alternatively, some of those entries could be timed out as well so when the O2I packets reach, it does not find a NAT DB entry and gets dropped.
    You can refer the following guides as well to check out some other relevant commands (like, 'show .. outside-translations'):
    Config guide - http://www.cisco.com/en/US/docs/routers/asr9000/software/asr9k_r4.3/cg_nat/configuration/guide/cgnat_43.html
    Command Ref guide - http://www.cisco.com/en/US/docs/routers/asr9000/software/asr9k_r4.3/cg_nat/command/reference/b_cgnat_cr43xasr9k.html
    regards,
    Somnath.

  • Ask the Experts: Understanding Cisco ASR 9000 Series Aggregation Services Routers Platform Architecture and Packet Forwarding Troubleshooting

    With Xander Thuijs
    Welcome to the Cisco Support Community Ask the Expert conversation. This is an opportunity to learn how to Cisco ASR 9000 Series Aggregation Services Routers with Cisco expert Xander Thuijs. The Cisco ASR 9000 Series Aggregation Services Routers product family offers a significant added value compared to the prior generations of carrier Ethernet routing offerings. The Cisco ASR 9000 Series is an operationally simple, future-optimized platform using next-generation hardware and software. The ASR 9000 platform family is composed of the Cisco ASR 9010 Router, the Cisco ASR 9006 Router, the Cisco ASR 9922 Router, Cisco ASR 9001 Router and the Cisco ASR 9000v Router.
    This is a continuation of the live Webcast.
    Xander Thuijs is a principal engineer for the Cisco ASR 9000 Series and Cisco IOS-XR product family at Cisco. He is an expert and advisor in many technology areas, including IP routing, WAN, WAN switching, MPLS, multicast, BNG, ISDN, VoIP, Carrier Ethernet, System Architecture, network design and many others. He has more than 20 years of industry experience in carrier Ethernet, carrier routing, and network access technologies. Xander  holds a dual CCIE certification (number 6775) in service provider and voice technologies. He has a master of science degree in electrical engineering from Hogeschool van University in Amsterdam.
    Remember to use the rating system to let Xander know if you have received an adequate response.
    Xander might not be able to answer each question because of the volume expected during this event. Remember that you can continue the conversation on the Service Providers community XR OS And Platforms  shortly after the event. This event lasts through Friday, May 24, 2013. Visit this forum often to view responses to your questions and the questions of other Cisco Support Community members.
    Webcast  related links:
    Slides
    Webcast  Video Recording
    FAQ

    Is there a Cisco lab available for ASR 9000
    we have "XR4U" stations coming available soon when XR 511 comes alive. The plan is for a downloadable play image like that. In the interim we have 2 demo systems available, and they can be booked via your account manager representative.
    How will MOD160 perform with multiple 9000NVS?
    very well. the mod 160 has 4 NPU's, 2 per bay. So if you have a 4x10 MPA to serve a satellite, you effectively have a single NPU per 20 1Gigs from the satellite. The pps performance will be stellar. However it might be price technically more ideal to connect satellite with a 36x10. Since the MOD-x has native MPA's with 1G also.
         2. Is there a shortcut for a Bundle-EthernetX interface, such as port-channel interface (poX), in Cisco IOS® ?.
    usability enhancement is there, we are trying to push this into a new reasonable release. follow CSCuh04526
         3. What  is the revolutions per minute (RPM) on these hard disk drives (HDDs)  compared to the solid state drives (SDDs)? Will the spinning drives be  slow?
    depends on the type we had avaialble at time of production, you will see different sizes and disks on the RSP2. the rpm of the HD is not so much an issue as much as the buffered writing we used to do in XR. This is fixed up with XR43 where the disk writing performance is much better. the HD/SDD is used for logging storage only (and maybe your pictures) but other then that we're not that concerned with write perf of the HD.
    regards
    xander

  • LMS 3.2/CiscoView 6.1.9 : ASR 9000 not supproted

    Hi,
    Do you know when ASR 9000 will be supported in ciscoview ?
    Many thanks, Elisabeth

    It is my understanding that IOS-XR devices will never be supported in CiscoView.

  • How to configure snmp on loopback interface, on vrf TEST, in ASR 9000 series

    Hi there!
    How to configure snmp v2, with community string, for ASR 9000 series, in interface loopback 1, that has vrf TEST
    Regards!

    oh that is somewhat vague, but let me try...
    in order to enable snmp access to an interface in a vrf you need to enable MPP (management plane protection) in that vrf.
    Something like this:
    control-plane
     management-plane
      inband
       interface Loopback100
        allow all
    if you have this and it doesn't work, a config snippet and some debugs (like debug snmp packet) will help to define what to do next.
    regards
    xander

  • Capturing file place command

    I am placing a word document using File->Place command. I want to capture file place command as I have to show a dialog just after a file is placed.
    I have a attached an observer to document.In Update() method I have written following code :
    ICommand* cmd = (ICommand*)changedBy;
    ClassID cmdClass = ::GetClass(cmd);
    ICommand::CommandState cmdState = cmd->GetCommandState();
    do
        if( cmdClass == kPlacePICmdBoss && cmdState == ICommand::kDone )
              this->ShowDialog();
    }while(kFalse);
    When I run my plugin dialog is shown two times after placing document ,which should not happen. How I  show my dialog just once.
    When debugging call is going inside if block two times.(Therefore 2 dialogs are shown).
    Also when I place document other way round i.e first create a text frame and then place document . In that case I am not able to capture file place command.
    I also tried to apply resonder for file place signal , but that is also working in only one case(i.e second one and not first one)
    Please help me out.

    I am placing a word document using File->Place command. I want to capture file place command as I have to show a dialog just after a file is placed.
    I have a attached an observer to document.In Update() method I have written following code :
    ICommand* cmd = (ICommand*)changedBy;
    ClassID cmdClass = ::GetClass(cmd);
    ICommand::CommandState cmdState = cmd->GetCommandState();
    do
        if( cmdClass == kPlacePICmdBoss && cmdState == ICommand::kDone )
              this->ShowDialog();
    }while(kFalse);
    When I run my plugin dialog is shown two times after placing document ,which should not happen. How I  show my dialog just once.
    When debugging call is going inside if block two times.(Therefore 2 dialogs are shown).
    Also when I place document other way round i.e first create a text frame and then place document . In that case I am not able to capture file place command.
    I also tried to apply resonder for file place signal , but that is also working in only one case(i.e second one and not first one)
    Please help me out.

  • ASR 9000 4.2.1 l2tp vpdn config migration

    Hi,
    I had a Cisco 7206VXR G2. I used to use vpn l2tp on the router. 7206 config are below:
    vpdn-group pppoe_customer
    description ***** redback *****
    accept-dialin
      protocol l2tp
      virtual-template 10
    terminate-from hostname 192.168.96.149
    source-ip 192.168.96.4
    local name 192.168.96.4
    lcp renegotiation always
    l2tp tunnel password 0 ericsson
    l2tp tunnel timeout setup 3600
    ip mtu adjust
    How to migrate or apply on ASR 9000 this config?

    Hi,
    since there are different approaches and options to consider due to the nature of the ASR9K and IOS XR, I suggest you read this documentation and decide how to do the config based on your knowledge of the network you have.
    http://www.cisco.com/en/US/docs/routers/asr9000/software/asr9k_r4.2/bng/configuration/guide/b_bng_cg42asr9k.pdf
    plz Rate if it helped,
    Soroush.

  • ASR 9000 route-policy on ipv4 and vpnv4 neighbors

    Hi
    To reduce configuraton i would like to use the same route-policy for ipv4 and vpnv4 routes from the same neighbors on ASR 9000.
    I know that a "pass all" route-policy will work just fine, also a route-policy like this works fine:
    route-policy eBGP_NEIGHBORS
        set local-preference 50
      endif
    end-policy
    But why doesn´t this route-policy work?
    rd-set EXT_SERVICES_PRIMARY
      1.1.1.1:*
    end-set
    rd-set EXT_SERVICES_SECUNDARY
      2.2.2.2:*
    end-set
    route-policy eBGP_NEIGHBORS
      if rd in EXT_SERVICES_PRIMARY then
        set local-preference 120
      elseif rd in EXT_SERVICES_SECUNDARY then
        set local-preference 20
      else
        set local-preference 80
      endif
    end-policy
    The effect of this is that vpnv4 routes looks just fine but ipv4 routes is missing in bgp table. I have tryed all kind of configs but it just will not work, what am i missing?
    The idea of this route-policy is that routes advertised by rd 1.1.1.1 will act as primary and rd 2.2.2.2 as secundary.
    1.1.1.1 and 2.2.2.2 is handleing the same routes.
    1.1.1.1 is located in one AS and 2.2.2.2 in an other AS
    my ASR that i am working on is in a third AS
    And alla other routes will have a default local-pref of 80

    If you watch the if statement, you're challenging that if the RD is something, or else, else... but, maybe, it doesn't work if you don't have an RD.
    Based on the Mohit's answer I think that maybe, that's the reason.
    route-policy eBGP_NEIGHBORS
      if rd in EXT_SERVICES_PRIMARY then
        set local-preference 120
      elseif rd in EXT_SERVICES_SECUNDARY then
        set local-preference 20
      else   <<< So if not "EXT_SERVICES_PRIMARY" and not "EXT_SERVICES_SECUNDARY", but stills in "if rd.."
        set local-preference 80
      endif
    Mohit's:
    route-policy eBGP_NEIGHBORS
      if rd in EXT_SERVICES_PRIMARY then
        set local-preference 120
      elseif rd in EXT_SERVICES_SECUNDARY then
        set local-preference 20
      endif
        set local-preference 80 >>>> Outside the if statement!
      end-policy.
    Let us know if the Mohit's answer worked! Just to learn something new :)

  • Batch Monitor Command line Check Progress

    Hey all,
    i was wondering if there is a way to check progress of a file i sent to compressor using command line.
    Thanks
    Lars

    ok so i found a pdf which tells me this:
    Below is a synopsis of the command for monitoring batches. The Batch Monitor
    command is located in /Applications/Utilities/Batch Monitor.app/Contents/MacOS.
    Batch Monitor [-clustername <name>] [-clusterid <user name:password@IP address:port
    number>] [-jobid <identifier> -batchid <identifier>] [-timeout <seconds>] [-query
    <seconds>] [-help]
    i tried putting that in but the result i get is Batch: garbled time
    any ideas
    Thanks
    ars

  • How to terminate a vlan on ASR 9000 and bridge it to a port on asr 9000

    hi guys;
    so here is another issue i have.
    Scenario:
    a switch in the north is trunking a VLAN for a client at our central site. The switch in north site is a 3560 and central site node is ASR 9000.
    This vlan is extended along with few others to distribution switch (7609) and from there teh same VLAN is trunked to a 2960 device at the same site as that of ASR. The idea is to carry the vlan from teh reote site to teh ASR at our central site and then bridge it to a seperate port on ASR and hook this port up to our fibre patch panel, hence providing a service to the client connecting to us at our northern site and then getting connected to teh internet service provider via teh patch panel.
    Since we can not make a port on ASR an access port, i am not sure how we can do the above mentioned interconnect.
    please assisst.
    regards

    Hello Jalal,
    Here the configuration example:
    interface GigabitEthernet0/0/0/0.100 l2transport
      encapsulation dot1q 100
      rewrite ingress tag pop 1 symmetric
    interface GigabitEthernet0/0/0/1
      l2transport
    l2vpn
    bridge group cust1
      bridge-domain cust1
       interface GigabitEthernet0/0/0/0.100
       interface GigabitEthernet0/0/0/1
    GigabitEthernet0/0/0/1 is the access port (untagged).
    interface GigabitEthernet0/0/0/0.100 accepts tagged frames with vlan 100.
    L2vpn bridge-domain cust1 connects both interfaces together.
    GigabitEthernet0/0/0/0.100 has tag rewrite operation. Removing tag on ingress, so sending untagged to GigabitEthernet0/0/0/1, and pushing tag 100 on egress, so untagged frames from gi0/0/0/1 got tagged.
    Regards,
    /A

  • Cisco 7206 vxr to ASR 9000 BGP config migration

    Hi,
    I had a cisco 7206 vxr. I have just ASR 9000. I'm going to replace c7206vxr to ASR9000. I can tried to bgp config but I didnt see distribute-list for ASR9000.
    c7206 config are below:
    router bgp 100
    no synchronization
    bgp log-neighbor-changes
    bgp suppress-inactive
    neighbor 10.10.10.54 remote-as 101
    neighbor 10.10.10.54 description *** ISP1 ***
    neighbor 10.10.10.54 password 0 test
    neighbor 10.10.10.54 update-source GigabitEthernet0/2.387
    neighbor 10.10.10.54 prefix-list RED in
    neighbor 10.10.10.54 distribute-list 12 out
    neighbor 10.10.10.54 route-map PREF in
    neighbor 10.10.10.54 route-map FAR out
    neighbor 10.10.10.54 filter-list 9 in
    ip prefix-list RED seq 2 deny 192.168.0.0/25
    access-list 12 permit 192.168.96.0 0.0.3.255
    ip as-path access-list 9 permit ^(101_)+
    route-map PREF permit 10
    set local-preference 150
    route-map PREF permit 20
    route-map FAR permit 10
    match ip address example
    set as-path prepend 100 100 100
    route-map FAR permit 10
    My ming so confused. Could you help me somebody ? How can migrate this config for the ASR9000 format?

    Hello Umit,
    The functionality is done with RLP as well. Here is the quick example. (note, I didn’t verify on a life router, but you should get an idea on how to implement it).
    prefix-set pfx_acl_12_p1_permit
      192.168.96.0/22 ge 22
    end-set
    route-policy FAR
       prepend as-path 100 3
    end-policy
    route-policy policy_nbr_10_10_10_54__ipv4_unicast_out
    if (destination in pfx_acl_12_p1_permit) then
       apply FAR
    endif
    end-policy
    router bgp 100
    bgp log neighbor changes
    neighbor 10.10.10.54
    remote-as 101
    description *** ISP1 ***
    password clear Test
    update-source Gigabitethernet0/0/0/2.387
    address-family ipv4 unicast
       route-policy in
       route-policy policy_nbr_10_10_10_54__ipv4_unicast_out out
    Regards,
    /A

  • What's the function of Punt FPGA in RSP switch fabric part of ASR 9000?

    What's the function of Punt FPGA in RSP switch fabric part of ASR 9000?

    What's the function of Punt FPGA in RSP switch fabric part of ASR 9000?

Maybe you are looking for

  • Customer Data Parser

    Hi everyone, I'm trying to execute a CDP process but I get this error: 02070E ERROR: Missing required field names in the input DDL. Occurred in Customer Data Parser - (CCDParser::CheckInputFieldNames). Does anyone knows what the problem could be? Tha

  • Error doing simple navigation in a JSP page

    Hi When I do a click on the login.jsp page of a project, the next page do not show. Instead of that, JBoss shows the next dump in its console:      at javax.faces.component.UIComponentBase.isIdValid(UIComponentBase.java:1050)      at javax.faces.comp

  • How to create a drop down menu

    Is it possible to create a dropdown menu when a button is clicked or rollover? However, what i need is a dropdown menu and not a popup menu... hope to get some response... thank you

  • Using Parallels w/Macbook Pro

    I was using Windows on Parallels and wanted to save a file on my USB drive but it wouldn't read it at all. I am unable to open files from my USB drive in Windows also. If anyone has a solution to this please let me know...Something is blocking the US

  • I forgot my password and now I can't restore it. What do I do? Please help.

    I forgot my password and I can't restore it or back up. Please help.