Filter
Top Products
56-5
Software Configuration Guide—Release 15.0(2)SG
OL-23818-01
Chapter 56 Configuring NetFlow
About NetFlow Statistics Collection
packet with this IP destination address needs to be routed. This process assumes that the forwarding
paths are symmetrical. However, if this process yields multiple input interfaces, a deterministic
algorithm is applied to pick one of them the one with the lowest IP address. Although this process
typically yields correct values, there are scenarios where the values are inaccurate:
• If load balancing is being applied by an upstream adjacent switch, one input interface must be
chosen arbitrarily out of the multiple input interfaces available. This action is necessary because the
input interface that would be used depends on the type of load balancing algorithm being deployed
by the adjacent upstream switch. It is not always feasible to know the algorithm. All flow statistics
are attributed to one input interface. Software selects the interface with the lowest IP subnet number.
• In an asymmetric routing scheme in which the traffic for an IP subnet might be received on one
interface and sent on another, the inferences noted previously for selecting an input interface, based
on a reverse lookup, would be incorrect and cannot be verified.
• If PBR or VRF is enabled on the switch and the flow is destined to an address that resides in the
PBR or VRF range or is sourced from an address that resides in the PBR or VRF range, the
information is incorrect. The input and output interface most likely points to the default route (if
configured) or have no value at all (NULL)
• If VRF is enabled on the switch on some interfaces and the flow comes from a VRF interface, the
information is incorrect. The input and output interface most likely points to the default route (if
configured) or have no value (NULL).
Note The Supervisor Engine V-10GE provides the input interface information by using hardware, improving
the accuracy of NetFlow information.
Feature Interaction of NetFlow Statistics with UBRL and Microflow Policing
On systems with Supervisor Engine V-10GE, there is a feature interaction between NetFlow Statistics
and UBRL (User Based Rate Limiting). As part of correctly configuring UBRL on a given interface, the
class map must specify a flow mask. In turn, this flow mask is used to create hardware-based NetFlow
statistics for the flow. By default, for traditional full-flow NetFlow statistics, the full-flow mask is used.
With UBRL, however, the masks can differ. If UBRL is configured on a given interface, the statistics are
collected based on the mask configured for UBRL. Consequently, the system does not collect full-flow
statistics for traffic transiting an interface configured with UBRL. For more details, refer to the
“Configuring User-Based Rate-Limiting” section on page 37-37.
VLAN Statistics
With NetFlow support, you can report Layer 2 output VLAN statistics, as well as VLAN statistics for
routed traffic in and out of a VLAN.
The following example shows the CLI output for a specific VLAN:
Switch# show vlan counters or show vlan id 22 count
* Multicast counters include broadcast packets
Vlan Id :22
L2 Unicast Packets :38
L2 Unicast Octets :2432
L3 Input Unicast Packets :14344621
L3 Input Unicast Octets :659852566
L3 Output Unicast Packets :8983050
L3 Output Unicast Octets :413220300