jahon55564 Posted February 15, 2013 Posted February 15, 2013 Добрый вечер! Если можно помогите решит проблему , используем как ядро catalyst 4500, он отправляет netflow. Но уже переполняется таблица flow ! В логах пишется: 2d10h: %C4K_HWNETFLOWMAN-4-FLOWSLOSTERR: Netflow stats lost either due to hardware hash collisions or full hardware flow table. Stats lost for 30 packets. Версия cisco#show version Cisco IOS Software, Catalyst 4000 L3 Switch Software (cat4000-I9S-M), Version 12.2(25)EWA6, RELEASE SOFTWARE (fc1) Technical Support: http://www.cisco.com/techsupport Copyright © 1986-2006 by Cisco Systems, Inc. Compiled Fri 02-Jun-06 15:20 by ssearch Image text-base: 0x10000000, data-base: 0x114ED458 ROM: 12.1(20r)EW1 Dagobah Revision 95, Swamp Revision 28 System image file is "bootflash:cat4000-i9s-mz.122-25.EWA6.bin" cisco WS-C4503 (MPC8245) processor (revision 7) with 524288K bytes of memory. Processor board ID FOX0802004B MPC8245 CPU at 333Mhz, Supervisor IV Last reset from PowerUp 24 Virtual Ethernet interfaces 26 Gigabit Ethernet interfaces 403K bytes of non-volatile configuration memory. Configuration register is 0x2102 cisco#show module 1 Mod Ports Card Type Model Serial No. ---+-----+--------------------------------------+------------------+----------- 1 2 Supervisor IV 1000BaseX (GBIC) WS-X4515 JAE08061DSL M MAC addresses Hw Fw Sw Status --+--------------------------------+---+------------+----------------+--------- 1 000f.2434.7b40 to 000f.2434.7b41 3.1 12.1(20r)EW1 12.2(25)EWA6 Ok Mod Submodule Model Serial No. Hw Status ----+-----------------------+-----------------+------------+----+--------- 1 Netflow Services Card WS-F4531 JAE1052JG1J 2.2 Ok настройка Netflow ! ip route-cache flow infer-fields ip flow ingress infer-fields ip flow-cache timeout inactive 10 ip flow-cache timeout active 1 ip flow-export source Loopback0 ip flow-export version 5 ip flow-export destination x.x.x.x 9995 ! есть интерфейсы с которых проходят большой трафик , но можно из них не собирать flow , но жаль в этом железке нельзя фильтрование по порту. Как можно решит проблему ? Вставить ник Quote
jahon55564 Posted February 18, 2013 Author Posted February 18, 2013 Добрый вечер! Если можно помогите решит проблему , используем как ядро catalyst 4500, он отправляет netflow. Но уже переполняется таблица flow ! В логах пишется: 2d10h: %C4K_HWNETFLOWMAN-4-FLOWSLOSTERR: Netflow stats lost either due to hardware hash collisions or full hardware flow table. Stats lost for 30 packets. Версия cisco#show version Cisco IOS Software, Catalyst 4000 L3 Switch Software (cat4000-I9S-M), Version 12.2(25)EWA6, RELEASE SOFTWARE (fc1) Technical Support: http://www.cisco.com/techsupport Copyright © 1986-2006 by Cisco Systems, Inc. Compiled Fri 02-Jun-06 15:20 by ssearch Image text-base: 0x10000000, data-base: 0x114ED458 ROM: 12.1(20r)EW1 Dagobah Revision 95, Swamp Revision 28 System image file is "bootflash:cat4000-i9s-mz.122-25.EWA6.bin" cisco WS-C4503 (MPC8245) processor (revision 7) with 524288K bytes of memory. Processor board ID FOX0802004B MPC8245 CPU at 333Mhz, Supervisor IV Last reset from PowerUp 24 Virtual Ethernet interfaces 26 Gigabit Ethernet interfaces 403K bytes of non-volatile configuration memory. Configuration register is 0x2102 cisco#show module 1 Mod Ports Card Type Model Serial No. ---+-----+--------------------------------------+------------------+----------- 1 2 Supervisor IV 1000BaseX (GBIC) WS-X4515 JAE08061DSL M MAC addresses Hw Fw Sw Status --+--------------------------------+---+------------+----------------+--------- 1 000f.2434.7b40 to 000f.2434.7b41 3.1 12.1(20r)EW1 12.2(25)EWA6 Ok Mod Submodule Model Serial No. Hw Status ----+-----------------------+-----------------+------------+----+--------- 1 Netflow Services Card WS-F4531 JAE1052JG1J 2.2 Ok настройка Netflow ! ip route-cache flow infer-fields ip flow ingress infer-fields ip flow-cache timeout inactive 10 ip flow-cache timeout active 1 ip flow-export source Loopback0 ip flow-export version 5 ip flow-export destination x.x.x.x 9995 ! есть интерфейсы с которых проходят большой трафик , но можно из них не собирать flow , но жаль в этом железке нельзя фильтрование по порту. Как можно решит проблему ? Важно ли включить ip cef ? Вставить ник Quote
.png.5d2afa2996cc6a85d0f2c09b92dd0a28.png)
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.