« Back
You are in :
Recent Topics »
NetFlow Analyzer »
Device tips » Cisco IOS router with ADSL: NetFlow collection
Hi,
Thank you for writing to us. To analyze this issue further, please send us the output of the commands 'show run' and 'show ip cache flow' from the router. Kindly email us the output of the commands to support@netflowanalyzer.com so that we can analyze it and get back to you at the earliest.
Thanks and Regards,
Simon
NetFlow Analyzer Support.
Thank you for writing to us. To analyze this issue further, please send us the output of the commands 'show run' and 'show ip cache flow' from the router. Kindly email us the output of the commands to support@netflowanalyzer.com so that we can analyze it and get back to you at the earliest.
Thanks and Regards,
Simon
NetFlow Analyzer Support.
I have the same problem, what was the resolution to this issue?
Hi,
The usual cause for not seeing either IN or OUT traffic for an interface is that NetFlow is not enabled on the interface or on the interfaces that bring traffic to the monitored interface. As a first step, please ensure that NetFlow has been enabled on all active interfaces of the router.
Regarding this particular case, the interfaces had ip cef disabled on them and also there were no NetFlow packets showing traffic being generated from the dialer interface and also no NetFlow packets showing traffic destined for virtual access interface which is why NetFlow Analyzer also did not show the same.
If you still face issues, please send the output of 'sh run' (after removing confidential information), sh ip cache flow and sh ip flow export to support@netflowanalyzer.com with a brief description on the issue so that we can identify the case and check the issue.
Regards,
Don Jacob
The usual cause for not seeing either IN or OUT traffic for an interface is that NetFlow is not enabled on the interface or on the interfaces that bring traffic to the monitored interface. As a first step, please ensure that NetFlow has been enabled on all active interfaces of the router.
Regarding this particular case, the interfaces had ip cef disabled on them and also there were no NetFlow packets showing traffic being generated from the dialer interface and also no NetFlow packets showing traffic destined for virtual access interface which is why NetFlow Analyzer also did not show the same.
If you still face issues, please send the output of 'sh run' (after removing confidential information), sh ip cache flow and sh ip flow export to support@netflowanalyzer.com with a brief description on the issue so that we can identify the case and check the issue.
Regards,
Don Jacob
I still have this ADSL netflow collection issue on 877 routers... ip cef is enabled and all the commands seem to be correct. I have been starting to wonder if it is a bug because according to Cisco my configuration is correct...
Matt
Matt
What ports Netflow Analyze the use? My firewall is blocking the flow between the collector and router
T�nia.
T�nia.
Hi Tania,
Thank you for writing to us. By default we suggest using UDP port 9996 to export NetFlow packets from the router. So, if you are exporting NetFlow packets using the suggested port, please give permission on your firewall for UDP port 9996. If you have further queries on NetFlow Analyzer, please get back to us and we shall gladly assist you with the same.
Thanks and Regards
Alec Stewart
NetFlow Analyzer Support
Thank you for writing to us. By default we suggest using UDP port 9996 to export NetFlow packets from the router. So, if you are exporting NetFlow packets using the suggested port, please give permission on your firewall for UDP port 9996. If you have further queries on NetFlow Analyzer, please get back to us and we shall gladly assist you with the same.
Thanks and Regards
Alec Stewart
NetFlow Analyzer Support
Hi,
This is the expected behavior. Traffic leaves the router via the Dialer interface, as dictated by the IP routing table. Traffic enters the router via the Virtual-Access interface. This is just the way Cisco have implemented routing via dialer interfaces - there's nothing wrong with NFA.
If you want to see both sets of flows on one graph, create an interface group in NFA that contains the dialer and the virtual-access interface.
alec
for "Dialer" interface only OUT traffic is shown
for "Virtual-Access" interface only IN traffic is shown
This is the expected behavior. Traffic leaves the router via the Dialer interface, as dictated by the IP routing table. Traffic enters the router via the Virtual-Access interface. This is just the way Cisco have implemented routing via dialer interfaces - there's nothing wrong with NFA.
If you want to see both sets of flows on one graph, create an interface group in NFA that contains the dialer and the virtual-access interface.
alec
Hi Alec,
Thanks for your reply. You are very helpful to our online community. I really appreciate your help to enable people to do better network management.
Thanks
Raj
Thanks for your reply. You are very helpful to our online community. I really appreciate your help to enable people to do better network management.
Thanks
Raj
Hi Raj,
You're welcome :)
alec
You're welcome :)
alec
Alec,
I am going to give this a try... thanks again for your input!
Matt
I am going to give this a try... thanks again for your input!
Matt
The issue that I seem to be running into, at least on the 871's, is that the dialer0 interface doesn't seem to have the right data.. For instance, in one example it is showing almost no packets in/out on dialer0, yet during that same timeframe the VPN Tunnel0 interface is showing 10x the traffic. It doesn't seem to add up. I would expect the dialer0 traffic to be the grand total of all outbound traffic, while the virtual-access1 interface to have the inbound.
Also, is there a way to list interface groups under devices rather than at the bottom? I have a good amount of ADSL routers and I would like to list the data under each respective router in the list.
Matt
Also, is there a way to list interface groups under devices rather than at the bottom? I have a good amount of ADSL routers and I would like to list the data under each respective router in the list.
Matt
I would suspect this is how the router perceives the traffic to be flowing, with any encrypted traffic sent via the tunnel interface rather than the dialer,
I see the same traffic patterns via SNMP interface queries to DSL routers with traffic on tunnel & sub interfaces but not on others,
HTH
Larry
I see the same traffic patterns via SNMP interface queries to DSL routers with traffic on tunnel & sub interfaces but not on others,
HTH
Larry
Post Actions
Corp