NETFLOW ON SWITCHES?

Guys,
I have a C3560 (C3560-HBOOT-M) Version 12.2(25r)SE1, RELEASE SOFTWARE
MODEL  WS-C3560G-24TS-S
Would it be possibel to configure netflow on this device.
I don't see any ip route-cache flow command.
Looking forward to your answers.
Nik

Netflow is not suported on Catalyst 3560 switches. Cisco doesn't document it very well as far as I've seen.
Think of Netflow as primarily a router technology. While most switches also route, the access switches (such as 3560 series) don't have the support for Netflow built into them. 4500 and 6500 series switches handle it via add-on to the low end supervisors (i.e. NFFC for some 4500 supervisors) or high end supervisors (such as Sup-720 in 6500's)
This 3rd party link may be useful: http://www.manageengine.com/products/netflow/help/cisco-netflow/netflow-ios-versions.html
Also: http://support.caligare.com/kb/entry/42/
Hope this helps.

Similar Messages

  • How to: Netflow on a L3 Switch WS-C3560X-48P

    Hello Community,
    I want to use netflow on our l3 switches. But my configurations dont work.
    What is my mistake? 
    Modell: WS-C3560X-48P
    Software Version: 15.0(1)SE3
    My Config:
    interface vlan 250
     ip flow monitor Monitor-FNF input
     ip flow monitor Monitor-FNF output
    flow record Record-FNF
     description Flexible NetFlow with NBAR Flow Record
     match ipv4 tos
     match ipv4 protocol
     match ipv4 source address
     match ipv4 destination address
     match transport source-port
     match transport destination-port
     collect routing next-hop address ipv4
     collect transport tcp flags
     collect interface output
     collect counter bytes
     collect counter packets
    flow exporter Export-FNF
     description DescriptionTEXT
     destination [NetFlow collector IP address]
     source vlan50
     transport udp 9001
     export-protocol netflow-v9
    flow monitor Monitor-FNF
     description FNF/NBAR Application Traffic Analysis
     record Record-FNF
     exporter Export-FNF
     cache timeout active 60
     cache timeout inactive 10

    Silly question but do you have a network services module installed? 
    From the documentation: "Flexible NetFlow is supported only on the Catalyst 3750-X and 3560-X switch running the IP base or IP services feature set and equipped with the network services module. It is not supported on switches running the NPE or the LAN base image."
    It actually also mentions: "NetFlow analysis is performed on traffic crossing the physical interfaces on the network services module." 
    Sourced from here: http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst3750x_3560x/software/release/15-0_1_se/configuration/guide/3750xcg/swmnetflow.html

  • Couldnot Export Netflow entries in the PFC (hardware switched)

    Hi,
    On the Netflow Collector we are not able to see hardware switched flow entries in PFC, but software switched flow entries in MSFC can be seen. One thing which I have observed in the "show ip cache flow" output I see PFC as standby although the flow entries are there. We did the packet capture on the netflow collector but could not find hardware switched flow entries, so it seems that 6506 is not sending PFC entries.
    Following is the configuration.
    mls aging long 64
    mls aging normal 32
    mls netflow interface
    mls flow ip interface-full
    no mls flow ipv6
    mls nde sender version 5
    mls cef error action reset
    ip flow-cache entries 128000
    ip flow-cache timeout active 1
    ip flow ingress layer2-switched vlan 10,20
    ip flow-export source Loopback0
    ip flow-export version 5
    ip flow-export destination 10.19.20.31 9996
    show ip cache flow
    Displaying software-switched flow entries on the MSFC in Module 5:
    IP packet size distribution (8679322 total packets):
       1-32   64   96  128  160  192  224  256  288  320  352  384  416  448  480
       .132 .142 .325 .166 .082 .046 .019 .015 .006 .000 .001 .000 .001 .000 .013
        512  544  576 1024 1536 2048 2560 3072 3584 4096 4608
       .001 .001 .001 .005 .035 .000 .000 .000 .000 .000 .000
    IP Flow Switching Cache, 8454644 bytes
      30 active, 127970 inactive, 1523126 added
      438002488 ager polls, 0 flow alloc failures
      Active flows timeout in 1 minutes
      Inactive flows timeout in 15 seconds
    IP Sub Flow Cache, 1040712 bytes
      30 active, 31970 inactive, 1522942 added, 1522942 added to flow
      0 alloc failures, 0 force free
      1 chunk, 1 chunk added
      last clearing of statistics 2w1d
    Protocol         Total    Flows   Packets Bytes  Packets Active(Sec) Idle(Sec)
    --------         Flows     /Sec     /Flow  /Pkt     /Sec     /Flow     /Flow
    TCP-FTP          40819      0.0        10    73      0.3       0.5       3.1
    TCP-FTPD         40607      0.0         3    42      0.1       0.0       1.5
    TCP-WWW           2071      0.0        10   918      0.0       5.1     164.8
    TCP-other        39829      0.0        25   245      0.7       6.6     188.0
    UDP-DNS           1579      0.0         3    92      0.0       6.7     293.7
    UDP-NTP           3309      0.0         2    94      0.0     105.4     195.0
    UDP-TFTP             2      0.0        10    52      0.0     169.3     131.2
    UDP-Frag             5      0.0         1    57      0.0       1.0     299.5
    UDP-other       576228      0.4         2   197      1.1      13.8     285.8
    ICMP             55727      0.0         4   591      0.1     161.5     137.9
    GRE              28899      0.0        45    28      0.9     285.4       1.0
    IP-other        111838      0.0        34   129      2.9     292.4       8.0
    Total:          900913      0.6         9   150      6.5      65.0     202.5
    SrcIf         SrcIPaddress    DstIf         DstIPaddress    Pr SrcP DstP  Pkts
    Gi5/2         172.16.148.254  Tu2           10.191.32.12    2F 0000 0000     2
    Gi5/2         172.16.195.254  Tu4           10.191.32.14    2F 0000 0000     2
    Gi5/2         10.191.32.62    Vl10          10.191.32.12    2F 0000 0000     4
    Displaying hardware-switched flow entries in the PFC (Standby) Module 5:
    SrcIf            SrcIPaddress     DstIf            DstIPaddress    Pr SrcP DstP  Pkts
    Tu5              10.191.8.89      Vl10             10.190.102.240  2F 0000 0000  4780
    Tu5              10.191.8.89      Vl10             10.190.103.89   2F 0000 0000  6218
    Gi5/2            10.122.3.35      Tu4              172.16.33.97    06 008B 105F     1
    Tu5              10.191.8.89      Vl10             10.190.102.123  2F 0000 0000    73
    Tu5              10.124.24.45     Tu2              172.16.148.17   06 0E9F 008B     2
    Tu5              10.124.114.221   Gi5/2            10.129.1.89     06 4E21 04D8   450
    Gi5/2            10.70.72.8       Tu6              172.16.105.242  06 0050 0B3E     5
    show module
    Mod Ports Card Type                              Model             
      5    9  Supervisor Engine 32 8GE (Active)      WS-SUP32-GE-3B    
      6    9  Supervisor Engine 32 8GE (Hot)         WS-SUP32-GE-3B  
    Mod MAC addresses                       Hw    Fw           Sw           Status
      5  001f.6cfe.aba2 to 001f.6cfe.abad   4.6   12.2(18r)SX2 12.2(33)SXH3 Ok
      6  001f.9e9a.ae4c to 001f.9e9a.ae57   4.6   12.2(18r)SX2 12.2(33)SXH3 Ok
    Mod  Sub-Module                  Model              Serial       Hw     Status
    5  Policy Feature Card 3       WS-F6K-PFC3B               2.4    Ok
      5  Cat6k MSFC 2A daughterboard WS-F6K-MSFC2A    4.0    Ok
      6  Policy Feature Card 3       WS-F6K-PFC3B               2.4    Ok
      6  Cat6k MSFC 2A daughterboard WS-F6K-MSFC2A     4.0    Ok
    I have gone through following documents but could not find any clue on why PFC entries are not exported.
    http://www.cisco.com/en/US/docs/switches/lan/catalyst6500/ios/12.2SX/configuration/guide/netflow.html#wp1080827
    http://www.cisco.com/en/US/products/hw/switches/ps708/products_configuration_example09186a0080721701.shtml
    Regards,
    Akhtar

    Hi,
    Just to further update this case with troubleshooting results.
    1. I am able to recieve all flows sent from NDE 6506 Switch on NF Collector-A.
    2. Only few flow are being received on NF CollectorB.
    3. When comparing packet captured on NF Collector-A and B, I see only small size UDP packets(~350bytes) on NF Collector B, whereas on NF A I see packets more than 800 bytes...
    This issue is surely pertaining to GRE+IPSEC. I have checked the forums and found issue of ""Self Generated Netflow packets not encrypted"" but my issue not seems to relevant b/c NDE 6506 which is exporting Netflow is not encrypting.......
    Any thoughts !!
    NDE 6506 Switch)----(CORE-6509)----(DC-WAN-1-6506)-----GRE+IPSEC------(DC-WAN-2-6506)------(CORE-6509)-----(DC-AGG)----(DC-ACC)---NF CollectorB
                                          |
                                          |
                                    NF Collector-A

  • Can MPLS aware Netflow ver. 9 be enabled on the catalyst switches 6500

    HI, I'm working for KOREA TELECOM, and currently providing MPLS VPN.
    We're planning to provide our customer with traffic report using NetFlow..
    I read some documents which reads Netflow ver.9 can be enabled on Cisco GSR 12000 Series, but no mention about catalyst switches. So, I ' m curious about that Netflow ver 9 can be activated on catalyst 6500 series.. because the point where switch is located already have mpls encapsulated packet ( mpls vpn packet).
    Thank you , in advance.

    NetFlow is now integral to Cisco 6500. A configuration we recommend is as below:
    mls netflow     // This enables NetFlow on the Supervisor.
    mls nde sender version 7
    mls aging long 64  // This breaks up long-lived flows into (roughly) one-minute segments.
    mls aging normal 32  // This ensures that flows that have finished are exported in a timely manner.
    mls flow ip interface-full
    mls nde interface
    The  next two commands will help to enable NetFlow data export for  bridged  traffic which is optional. You can specify the list of VLANs  here to  enable bridged traffic.
    ip flow ingress layer2-switched vlan
    ip flow export layer2-switched vlan
    Apart from this, NetFlow has to be enabled on the MSFC using the below commands.
    ip flow egress       // This command has to be executed on all the L3/VLAN interfaces.
    ip flow-export destination {hostname|ip_address} 9996  // The hostname or IP address of the flow server
    ip flow-export source {interface} // The interface through which NetFlow packets are exported. eg: Loopback0
    ip flow-export version 9
    ip flow-cache timeout active 1
    snmp-server ifindex persist
    The new Cisco Flexible NetFlow actually allows for export of MPLS specific information (I believe it is stack lables) in addition to information on IP Address, port, etc. But you will need a tool that can support these additional fields. Otherwise you can view IP, port, protocol, etc related information from MPLS links.
    Regards,
    Don Thomas Jacob
    ManageEngine NetFlow Analyzer

  • 4506 switch and netflow card

    folks
    i have a 4506 with a netflow card installed and i'm using crannog software to read the netflow stats but i have a problem
    i have the following statements on my switch config
    ip route-cache flow
    ip flow ingress
    ip flow-cache timeout active 5
    ip flow-export source GigabitEthernet4/1
    ip flow-export version 5
    ip flow-export destination 10.*.*.* 2055
    my software is picking up the switch and the switch is exporting flows:
    Flow export v5 is enabled for main cache
    Exporting flows to 10.*.*.* (2055)
    Exporting using source interface GigabitEthernet4/1
    Version 5 flow records
    820249 flows exported in 118103 udp datagrams
    0 flows failed due to lack of export packet
    0 export packets were sent up to process level
    but the software shows 0 bits for traffic
    is anyone aware of any commands i'm missing (the ip route-cache command isn't available for an interface as in a router)
    thanks to anyone taking the time to respond or read this

    Sup7LE supports Flexible Netflow. 
    http://www.cisco.com/c/en/us/products/collateral/ios-nx-os-software/flexible-netflow/product_data_sheet0900aecd804b590b.html

  • NetFlow/NetQOS on a 3750x switch

    Hello, I have 3750x running c3750e-universalk9-mz.122-55.SE5 layer 3 capable. Im trying to enable net flow on the switch but for some reason the flow commands dont appear to be available in config t mode. Are there some other global commands that have to be enabled first in order for the netflow commands to be available or is it  the image that doesnt support netflow?
    Andy

    Thanks Rajeevsh,
    I ran the command I got the output below, i do see ipbase in there but dont know if that means its active..
    Maybe it needs to have IP services as you pointed out..
    Thanks for looking at this..
    andy
    inmu-tcs-inet1-sw#sh license all
    License Store: Primary License Storage
    StoreIndex: 0   Feature: lanbase                           Version: 1.0
            License Type: Permanent
            License State: Active, Not in Use
            License Priority: Medium
            License Count: Non-Counted
    StoreIndex: 1   Feature: ipbase                            Version: 1.0
            License Type: Permanent
            License State: Active, In Use
            License Priority: Medium
            License Count: Non-Counted
    License Store: Evaluation License Storage
    StoreIndex: 0   Feature: ipservices                        Version: 1.0
            License Type: Evaluation
            License State: Active, Not in Use, EULA not accepted
                Evaluation total period: 8  weeks 4  days 
                Evaluation period left: 8  weeks 4  days 
            License Priority: None
            License Count: Non-Counted
    I also ran it on another 3750x where netflow commands seem to work and the output is different..see below:
    dmz-srvdist1a-sw#sh license all
    License Store: Primary License Storage
    StoreIndex: 0   Feature: ipbase                            Version: 1.0
            License Type: Permanent
            License State: Active, In Use
            License Priority: Medium
            License Count: Non-Counted
    License Store: Evaluation License Storage
    StoreIndex: 0   Feature: ipservices                        Version: 1.0
            License Type: Evaluation
            License State: Active, Not in Use, EULA not accepted
                Evaluation total period: 8  weeks 4  days 
                Evaluation period left: 8  weeks 4  days 
            License Priority: None
            License Count: Non-Counted

  • Enabling Netflow on Production 6500 Core switch

    Hi All,
    I am looking for a little expert advise regarding Cisco Netflow. For monitoring I need to enable Netflow feature on 6500 core switch or 6500 load balancer with CSM module installed, but I am just concern about the CPU hits on the devices. we are not using any dynamic routing protocols. Can someone please advise how will it effect on the local resources when using Netflow? Is it fine if I enable this feature on these devices in production?
    Thanks in advance,

    Hi Mudassar,
    Enabling netflow will not have a major impact on CPU or memory but you will want to keep a close eye on the switches TCAM utilisation. Features like  netflow,  TCP intercept and WCCP can use resources from “NetFlow TCAM Table”.
    Use the "show mls netflow table-contention detailed" command to monitor TCAM utilisation.
    Regards
    Brett

  • Netflow configuration on 4510 switch

    Hi everyone,
    I have a 4510 with sup7e and I would like to deploy netflow on this switch. The network will contain the 4510 switch where there will be 4 blades installed, each blade contains a separate Zone (vlan) . These 4 zones will then trunk upto a firewall via ten gig link over sub-interfaces. There will be an ip address assigned to each vlan on the 4500 switch but there can not be routing enabled between the vlans on the switch. If anyone could describe or show if it is possible to configure netflow with this scenario, it would be very much appreciated.

    You will need the IP services (or above) image with the Sup 7E on a Catalyst 4k. Assuming you have that, I believe you can use flexible Netflow and set up a separate flow exporter with each of your zones' SVI as the source.
    See this guide: link.

  • Netflow on Cisco Catalyst 3750 Metro Series Switches

    Does netflow possible in 3750 metro series?

    Hi Syed,
    You have to first check if there is any image in switch or not so that you can manually boot from switch: prompt but as you said there is no image in the switch you have to go for xmodem procedure to upgrade the switch.
    Have a look at this link and just follow step by step instructions and you will be good to go
    http://www.cisco.com/en/US/products/hw/switches/ps607/products_tech_note09186a00800946e5.shtml#xmodem
    HTH, if yes please rate the post.
    Ankur

  • Solarwinds Netflow products what will work with a 3850-switch

    Does anybody know….what Solar winds product will do Net Flow with Cisco 3850-switches? I know Net Flow Configurator will not work….but what about Net Flow Real-time for a Cisco 3850 switch?

    For a lot of people, it is not neccessary. I used to ask myself that question until I came across a need for things that iLife and the Finder would not do.
    Toast is a great program with a lot of features that just are not standard on a Mac.
    You can make music DVDs. You can span a HD backup over multiple disks. You can make hybrid PC/Mac disks. It has DVD compression tools to fit a 8.5GB dual-layer DVD onto a single layer 4.7GB DVD.It suppoprts OGG and FLAC audio formats. You can turn your iMovie and iDVD projects into DivX disks.
    It also has lots of nice tools to clean up audio that is imported from a noisy source - like vinyl.
    It is all in all a very useful program, but not unless you need any of those features of course.

  • Netflow on L2 switch

    Is it possible to collect traffic statistics from catalyst 2970?
    When I enter interface config mode and type:
    ip route-cache flow
    the switch does not accept this command.
    Is there a way to configure 2970 switch for exporting traffic statistics?

    hi
    You can make use of SPAN to achieve this ,for more info do refer this link..
    http://www.cisco.com/en/US/products/hw/switches/ps5206/products_configuration_guide_chapter09186a00805a8a71.html
    regds

  • NAT problems on a L3 3650 switch

    So, I am trying to setup NAT on our new 3650 switch running IOS-XE Software, Catalyst L3 Switch Software (CAT3K_CAA-UNIVERSALK9-M), Version 03.06.00E RELEASE SOFTWARE
    This simple setup involves a layer 3 port (1/0/46) to our gateway and a Vlan for NAT
    My hosts on my NAT Vlan (Vlan 2) do not seem able to ping anywhere else than the switch itself (all its interfaces) and their local subnet. Pings from the switch to outside are fine (NAT debug enabled):
    Switch#ping 8.8.8.8 source 192.168.122.1
    Type escape sequence to abort.
    Sending 5, 100-byte ICMP Echos to 8.8.8.8, timeout is 2 seconds:
    Packet sent with a source address of 192.168.122.1 
    Success rate is 100 percent (5/5), round-trip min/avg/max = 60/66/70 ms
    Switch#
    *Nov 10 14:27:04.145: NAT: ICMP id=1->1025
    *Nov 10 14:27:04.145: NAT: s=192.168.122.1->165.211.28.194, d=8.8.8.8 [5]
    *Nov 10 14:27:04.210: NAT: ICMP id=1025->1
    *Nov 10 14:27:04.210: NAT: s=8.8.8.8, d=165.211.28.194->192.168.122.1 [0]
    Running Config:
    ! Last configuration change at 13:51:06 UTC Mon Nov 10 2014
    version 15.2
    no service pad
    service timestamps debug datetime msec
    service timestamps log datetime msec
    no service password-encryption
    service compress-config
    hostname Switch
    boot-start-marker
    boot system switch all flash:packages.conf
    boot-end-marker
    vrf definition Mgmt-vrf
    address-family ipv4
    exit-address-family
    no aaa new-model
    switch 1 provision ws-c3650-48ps
    ip routing
    ip dhcp excluded-address 192.168.122.1
    ip dhcp pool Pool14
    import all
    network 192.168.122.0 255.255.255.0
    dns-server 165.211.29.1
    default-router 192.168.122.1
    domain-name my.domain
    crypto pki trustpoint TP-self-signed-1875358754
    diagnostic bootup level minimal
    spanning-tree mode pvst
    spanning-tree extend system-id
    hw-switch switch 1 logging onboard message level 3
    redundancy
    mode sso
    class-map match-any non-client-nrt-class
    policy-map port_child_policy
    class non-client-nrt-class
    bandwidth remaining ratio 10
    interface GigabitEthernet0/0
    vrf forwarding Mgmt-vrf
    no ip address
    negotiation auto
    interface GigabitEthernet1/0/46
    description conf GW
    no switchport
    ip address 165.211.28.194 255.255.255.192
    ip nat outside
    interface GigabitEthernet1/0/47
    switchport access vlan 2
    spanning-tree portfast
    spanning-tree bpduguard enable
    interface GigabitEthernet1/0/48
    switchport access vlan 2
    spanning-tree portfast
    spanning-tree bpduguard enable
    interface Vlan1
    no ip address
    shutdown
    interface Vlan2
    ip address 192.168.122.1 255.255.255.0
    ip nat inside
    ip nat inside source list 61 interface GigabitEthernet1/0/46 overload
    ip forward-protocol nd
    ip http server
    ip http authentication local
    no ip http secure-server
    ip route 0.0.0.0 0.0.0.0 165.211.28.193
    access-list 61 permit 192.168.122.0 0.0.0.255
    line con 0
    stopbits 1
    line aux 0
    stopbits 1
    line vty 0 4
    login
    line vty 5 15
    login
    wsma agent exec
    profile httplistener
    profile httpslistener
    wsma agent config
    profile httplistener
    profile httpslistener
    wsma agent filesys
    profile httplistener
    profile httpslistener
    wsma agent notify
    profile httplistener
    profile httpslistener
    wsma profile listener httplistener
    transport http
    wsma profile listener httpslistener
    transport https
    ap group default-group
    end
    I also tried using a Vlan (+nat outside) instead of the Layer3 port (1/0/46) with the same results

    Hello Paul, 
    1)yes the public addressing is correct. Our gateway is 165.211.28.193/26 and my public is setup 165.211.28.194/26.
    2) Ip routing is enabled on the switch as you can see on my configuration
    3)Switch#sh sdm prefer 
    Showing SDM Template Info
    This is the Advanced (low scale) template.
      Number of VLANs:                                 4094
      Unicast MAC addresses:                           32768
      Overflow Unicast MAC addresses:                  512
      IGMP and Multicast groups:                       4096
      Overflow IGMP and Multicast groups:              512
      Directly connected routes:                       16384
      Indirect routes:                                 7680
      Security Access Control Entries:                 1536
      QoS Access Control Entries:                      3072
      Policy Based Routing ACEs:                       1024
      Netflow ACEs:                                    768
      Wireless Input Microflow policer ACEs:           256
      Wireless Output Microflow policer ACEs:          256
      Flow SPAN ACEs:                                  512
      Tunnels:                                         256
      Control Plane Entries:                           512
      Input Netflow flows:                             8192
      Output Netflow flows:                            16384
      SGT/DGT entries:                                 4096
      SGT/DGT Overflow entries:                        512
    These numbers are typical for L2 and IPv4 features.
    Some features such as IPv6, use up double the entry size;
    so only half as many entries can be created.

  • ASR netflow with third party tool

    Hi ,
    we have one issues where netflow data is not getting into the solar winds tool.in wireshark captures it shows netflow traffic is reaching upto the server.
    found one  forums and they highlighted one bug as below but its not affecting the release we are having.unable to find the exact bug ID in cisco .let me know if you can get any inputs and highlight the same.
    below is the links and current details
    https://thwack.solarwinds.com/thread/32146
    current ASR version & related netflow config is attached.diesnt find any issue with the configuration .trying with another vendor tool as well and will check .
    asr1002x-universal.03.10.01.S.153-3.S1-ext.SPA.bin
    show  ip flow export cache flow  
    IP packet size distribution (1317M total packets):
       1-32   64   96  128  160  192  224  256  288  320  352  384  416  448  480
       .000 .040 .023 .006 .004 .004 .030 .004 .002 .005 .004 .006 .002 .001 .000
        512  544  576 1024 1536 2048 2560 3072 3584 4096 4608
       .000 .000 .047 .029 .781 .000 .000 .000 .000 .000 .000
    IP Flow Switching Cache, 0 bytes
      0 active, 0 inactive, 24710853 added
      417778 ager polls, 0 flow alloc failures
      Active flows timeout in 30 minutes
      Inactive flows timeout in 15 seconds
      last clearing of statistics never
    Protocol         Total    Flows   Packets Bytes  Packets Active(Sec) Idle(Sec)
    --------         Flows     /Sec     /Flow  /Pkt     /Sec     /Flow     /Flow
    TCP-Telnet           5      0.0        61    42      0.0      31.1      31.2
    TCP-FTP             52      0.0        20    85      0.0      14.3      30.9
    TCP-FTPD             8      0.0        71    51      0.0       3.6      31.1
    TCP-WWW         369465      0.0        15   694      1.3       7.2      30.9
    TCP-SMTP           417      0.0        84    98      0.0       5.8      30.9
    TCP-X                3      0.0         7   277      0.0       1.6      31.1
    TCP-BGP          10911      0.0         1    69      0.0       3.0      30.9
    TCP-other     19793896      4.6        28  1134    131.5       2.6      30.9
    UDP-DNS         320124      0.0         1    79      0.0       0.0      30.9
    UDP-NTP          65307      0.0         1    87      0.0       0.1      30.9
    UDP-TFTP           854      0.0         1    51      0.0       0.0      30.9
    UDP-Frag          1721      0.0         7    58      0.0       2.1      30.9
    UDP-other      3850147      0.8       192  1244    172.6       3.7      30.9
    ICMP            296732      0.0         3    62      0.2       4.2      30.9
    Total:        24709642      5.7        53  1193    305.8       2.8      30.9
    SrcIf         SrcIPaddress    DstIf         DstIPaddress    Pr SrcP DstP  Pkts

    HI Mike,
    If you have third party Document Management System, then you can post two different message, i.e. service order in transaction details of the third party tool with link to document which would be posted to third party Document management server.
    If you don't have third party document management system and what to use sap infrastructure, then you don't need to maintain attachment, maintain the link between the third party tool and SAP document repository, with some login utilities.
    Best Regards,
    Pratik Patel.
    Reward with points if it is of any help to you!

  • Flexible Netflow (v.9) question on 3850 ipservices doesn't seem to register

    Greetings all - I am trying to enable netflow on a new 3850-24 with ipservices.  I am leveraging LiveAction and have raised a ticket with them to help me through the issue, but more generally I'm confused about the lack of features I'm seeing. Per the 3850 guide here (http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst3850/software/release/3se/flexible_netflow/configuration_guide/b_fnf_3se_3850_cg/b_fnf_3se_3850_cg_chapter_010.html) it is stated that you will have the option of turning on inbound and outbound directions on 3850's with ipbase and ipservices.  
    We are running ip services:
     Slot#  License name   Type     Count   Period left 
     1      ipservices   permanent     N/A   Lifetime
    However, we get the following error when trying to turn on flow inbound and outbound on the interfaces - whether they are svi (layer3) or interface (layer2)
    -----------------Layer2: ----------------------------------------------
    (config)#interface GigabitEthernet1/0/24
    switch(config-if)#ip flow monitor LIVEACTION-FLOWMONITOR input
    switch(config-if)#ip flow monitor LIVEACTION-FLOWMONITOR output
    % Flow Monitor: Flow Monitor 'LIVEACTION-FLOWMONITOR' 
    Unsupported match field "interface input" for ipv4 traffic in output direction
    Unsupported collect field "interface output" for ipv4 traffic in output direction
    ---------------- Layer3 ---------------------------------------------
    switch(config)#interface Vlan190
    switch(config-if)#ip flow monitor LIVEACTION-FLOWMONITOR input
    % Flow Monitor: Flow Monitor 'LIVEACTION-FLOWMONITOR' flexible netflow not supported on vlan interfaces
    switch(config-if)#ip flow monitor LIVEACTION-FLOWMONITOR output
    % Flow Monitor: Flow Monitor 'LIVEACTION-FLOWMONITOR' flexible netflow not supported on vlan interfaces
    ------------------------------------ untruncated output ------------------------------
    switch(config-flow-record)#collect counter bytes
    % Incomplete command.
    switch(config-flow-record)#collect counter packets
    % Incomplete command.
    switch(config-flow-record)#collect flow sampler
                                                        ^
    % Invalid input detected at '^' marker.
    switch(config-flow-record)#collect interface output
    switch(config-flow-record)#collect ipv4 destination mask
                                                    ^
    % Invalid input detected at '^' marker.
    switch(config-flow-record)#collect ipv4 dscp
                                                    ^
    % Invalid input detected at '^' marker.
    switch(config-flow-record)#collect ipv4 id
                                                    ^
    % Invalid input detected at '^' marker.
    switch(config-flow-record)#collect ipv4 source mask
                                                    ^
    % Invalid input detected at '^' marker.
    switch(config-flow-record)#collect ipv4 source prefix
                                                    ^
    % Invalid input detected at '^' marker.
    switch(config-flow-record)#collect routing destination as
                                                   ^
    % Invalid input detected at '^' marker.
    switch(config-flow-record)#collect routing next-hop address ipv4
                                                   ^
    % Invalid input detected at '^' marker.
    switch(config-flow-record)#collect routing source as
                                                   ^
    % Invalid input detected at '^' marker.
    switch(config-flow-record)#collect timestamp sys-uptime first
                                                             ^
    % Invalid input detected at '^' marker.
    switch(config-flow-record)#collect timestamp sys-uptime last
                                                             ^
    % Invalid input detected at '^' marker.
    switch(config-flow-record)#collect transport tcp flags
    switch(config-flow-record)#exit
    switch(config)#flow monitor LIVEACTION-FLOWMONITOR
    switch(config-flow-monitor)#$ DO NOT MODIFY. USED BY LIVEACTION. 
    switch(config-flow-monitor)#exporter LIVEACTION-FLOWEXPORTER
    switch(config-flow-monitor)#cache timeout inactive 10
    switch(config-flow-monitor)#cache timeout active 60
    switch(config-flow-monitor)#record LIVEACTION-FLOWRECORD
    switch(config-flow-monitor)#exit
    switch(config)#interface Vlan197
    switch(config-if)#ip flow monitor LIVEACTION-FLOWMONITOR input
    % Flow Monitor: Flow Monitor 'LIVEACTION-FLOWMONITOR' flexible netflow not supported on vlan interfaces
    switch(config-if)#ip flow monitor LIVEACTION-FLOWMONITOR output
    % Flow Monitor: Flow Monitor 'LIVEACTION-FLOWMONITOR' flexible netflow not supported on vlan interfaces
    switch(config-if)#exit
    switch(config)#interface Vlan190
    switch(config-if)#ip flow monitor LIVEACTION-FLOWMONITOR input
    % Flow Monitor: Flow Monitor 'LIVEACTION-FLOWMONITOR' flexible netflow not supported on vlan interfaces
    switch(config-if)#ip flow monitor LIVEACTION-FLOWMONITOR output
    % Flow Monitor: Flow Monitor 'LIVEACTION-FLOWMONITOR' flexible netflow not supported on vlan interfaces
    -------------------- config it's trying to apply----------------------------
    config t
    ip cef
    snmp-server ifindex persist
    flow exporter LIVEACTION-FLOWEXPORTER
    description DO NOT MODIFY. USED BY LIVEACTION.
    destination <removed private IP address to liveaction server>
    source Loopback0
    transport udp 2055
    template data timeout 600
    option interface-table
    exit
    flow record LIVEACTION-FLOWRECORD
    description DO NOT MODIFY. USED BY LIVEACTION.
    match flow direction
    match interface input
    match ipv4 destination address
    match ipv4 protocol
    match ipv4 source address
    match ipv4 tos
    match transport destination-port
    match transport source-port
    collect counter bytes
    collect counter packets
    collect flow sampler
    collect interface output
    collect ipv4 destination mask
    collect ipv4 dscp
    collect ipv4 id
    collect ipv4 source mask
    collect ipv4 source prefix
    collect routing destination as
    collect routing next-hop address ipv4
    collect routing source as
    collect timestamp sys-uptime first
    collect timestamp sys-uptime last
    collect transport tcp flags
    exit
    flow monitor LIVEACTION-FLOWMONITOR
    description DO NOT MODIFY. USED BY LIVEACTION.
    exporter LIVEACTION-FLOWEXPORTER
    cache timeout inactive 10
    cache timeout active 60
    record LIVEACTION-FLOWRECORD
    exit
    interface Vlan197
    ip flow monitor LIVEACTION-FLOWMONITOR input
    ip flow monitor LIVEACTION-FLOWMONITOR output
    exit
    interface Vlan190
    ip flow monitor LIVEACTION-FLOWMONITOR input
    ip flow monitor LIVEACTION-FLOWMONITOR output
    exit
    interface GigabitEthernet1/0/13
    ip flow monitor LIVEACTION-FLOWMONITOR input
    ip flow monitor LIVEACTION-FLOWMONITOR output
    exit
    interface GigabitEthernet1/0/18
    ip flow monitor LIVEACTION-FLOWMONITOR input
    ip flow monitor LIVEACTION-FLOWMONITOR output
    exit
    interface GigabitEthernet1/0/4
    ip flow monitor LIVEACTION-FLOWMONITOR input
    ip flow monitor LIVEACTION-FLOWMONITOR output
    exit
    interface GigabitEthernet1/0/3
    ip flow monitor LIVEACTION-FLOWMONITOR input
    ip flow monitor LIVEACTION-FLOWMONITOR output
    exit
    interface GigabitEthernet1/0/6
    ip flow monitor LIVEACTION-FLOWMONITOR input
    ip flow monitor LIVEACTION-FLOWMONITOR output
    exit
    interface GigabitEthernet1/0/5
    ip flow monitor LIVEACTION-FLOWMONITOR input
    ip flow monitor LIVEACTION-FLOWMONITOR output
    exit
    interface GigabitEthernet1/0/23
    ip flow monitor LIVEACTION-FLOWMONITOR input
    ip flow monitor LIVEACTION-FLOWMONITOR output
    exit
    interface GigabitEthernet1/0/24
    ip flow monitor LIVEACTION-FLOWMONITOR input
    ip flow monitor LIVEACTION-FLOWMONITOR output

    Welcome to the Arch forums.  That was an amazing first post.  It is refreshing to see a new forum member actually post with as much detail as possible in order to explain the situation.  Too often we get people saying things like "I can't get to the internet... why?" as the extent of their post.  So thanks.
    So I am curious about what the dhcpcd is trying to do.  It seems to be trying to soliciting for a ipv6 address, but mentions nothing about in ipv4 address.  It is not unfortunately not entirely uncommon for dhcpcd to time out waiting for an ipv6 address that never comes.  So are you using ipv6?  Do you expect an ipv6 address?  I noticed that when you tried to ping the google DNS server, you used their ipv4 address (8.8.8.8).  So I am thinking that means you are actually using ipv4.
    I wonder if you might be able to poll for just an ipv4 address with dhcpcd.  Just run it with -4 and it should disable the ipv6 stuff.  You might also want to try dhclient and see what kind of output it gives you.  If you are definitely not using ipv6, and it is not offered in your area, you might want to disable it.  There are instructions in the wiki on how to do this... but you might want to wait until you establish the issue before doing things like that.

  • 6506 NetFlow

    Hi,
    I'm trying to capture an ingress traffic on SVI interface of my Cisco 6506 (WS-C6506-E).
    I've enabled NetFlow on the Multilayer Switch Feature Card (MSFC):
    ip flow-export source Vlan254ip flow-export version 5ip flow-export destination 172.23.100.21 2055
    Enabled NetFlow and NetFlow Data Export (NDE) on the Policy Feature Card (PFC):
    ip flow ingress layer2-switched vlan 130mls netflow interfacemls flow ip interface-destinationmls nde sender version 5mls aging fast threshold 127mls aging long 1000mls sampling time-based 512mls cef error action resetmls netflow sampling
    and on the monitorable interface:
    interface Vlan130 ip address 172.23.170.2 255.255.255.0 ip flow ingress mls netflow sampling standby 1 ip + timers + priority + preempt + authentication
    Now I'm trying to see capruted flows. The point is I can't see flow's source address, source and destination port, and L4 protocol for unicast flows:
    Cat6506-LAN1#sh mls netflow ipDisplaying Netflow entries in Active Supervisor EARL in module 5DstIP           SrcIP           Prot:SrcPort:DstPort  Src i/f          :AdjPtr-----------------------------------------------------------------------------Pkts         Bytes         Age   LastSeen  Attributes---------------------------------------------------172.23.131.5    0.0.0.0         0   :0      :0        Vl130            :0x0202          52554         2     17:04:35   L2 - Dynamic0.0.0.0         0.0.0.0         0   :0      :0        --               :0x013312        6807977       2     17:04:35   L3 - Dynamic172.23.170.64   0.0.0.0         0   :0      :0        Vl130            :0x00            0             2     17:04:34   L2 - Dynamic172.23.170.123  0.0.0.0         0   :0      :0        Vl130            :0x00            0             2     17:04:35   L2 - Dynamic224.0.0.2       172.23.170.3    udp :1985   :1985     Vl130            :0x02            156           1     17:04:35   Multicast
    224.0.0.2       172.23.170.3    udp :1985   :1985     Vl130            :0x08            624           6     17:28:03   Multicast172.23.170.181  0.0.0.0         0   :0      :0        Vl130            :0x00            0             5     17:28:03   L2 - Dynamic
    The same output info I get on my NetFlow collector.
    Anybody know a reason what can prevent of collecting flows correctly?
    Thanks.

    might want to change the flow mask to full instead of destination. I think that should give you the rest of the info. chris

Maybe you are looking for

  • SMS not displaying contacts name

    When I receive SMS phone displays only phone number as messages sender, even though the same phone number is memorized in contacts. I've tried changing settings and message center number, but the problem persists.

  • Help needful, fi-co-copa documents relation needed.

    hi, how to get the fi corresponding co document and also copa document. for suppose fi document (belnr) is 20010305 if it is having corresponding co document. till here i am getting the logic. after knowing that this particular fi has the co document

  • Error in Printing Style of FSG reports

    Hi Gurus, For a report (Financial Statement Generator)", when executed from PROD, the print style is getting defaulted as "Portrait - For W2 Paper(2001 or later)". The same report when executed from TST, the print style is getting defaulted as "Lands

  • How do I get the latest download of itunes for windows 7

    So I have windows 7 and I've got the notification for the latest up date for iTunes and I tried to download it several times but always said error. So I decided to uninstall it and install iTunes again but now when I'm trying to reinstall it, my comp

  • Publishing in Flash 8

    Hi Friends! I am trying to publish a flash file which has 3 scenes. After Publishing its generates three SWF fils. I need single swf. Please help me! i am using flash 8 pro. Thanks in advance!