Cisco Systems EA6500 Manual De Usuario
24-6
Catalyst 6500 Series Switch Cisco IOS Software Configuration Guide—Release 12.1 E
78-14099-04
Chapter 24 Configuring Denial of Service Protection
Configuring DoS Protection
Monitoring Packet Drop Statistics
Because the rate-limiting mechanism allows a certain number of packets to be forwarded for software
processing, you can view the packet drop statistics by entering NetFlow show commands from the CLI.
You can also capture the incoming or outgoing traffic on an interface and send a copy of this traffic to
an external interface for monitoring by, for example, a traffic analyzer. To capture traffic and forward it
to an external interface, use the monitor session commands.
processing, you can view the packet drop statistics by entering NetFlow show commands from the CLI.
You can also capture the incoming or outgoing traffic on an interface and send a copy of this traffic to
an external interface for monitoring by, for example, a traffic analyzer. To capture traffic and forward it
to an external interface, use the monitor session commands.
Monitoring Dropped Packets Using NetFlow Commands
The following NetFlow commands display flows that are destined to the router MAC that are either
hardware switched or forwarded to the route processor.
hardware switched or forwarded to the route processor.
Displaying statistics based on source or flow only works if the MLS NetFlow flowmask is set to a value
greater than destination-only.
greater than destination-only.
Router# show mls ip
Displaying Netflow entries in Supervisor Earl
DstIP SrcIP Prot:SrcPort:DstPort Src i/f:AdjPtr
--------------------------------------------------------------------
200.2.5.3 0.0.0.0 0 :0 :0 0 : 0
Pkts Bytes Age LastSeen Attributes
---------------------------------------------------
0 0 1 01:52:25 L3 - Dynamic
Router# show mls netflow flowmask
current ip flowmask for unicast: destination only
current ipx flowmask for unicast: destination only
Router# configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)# mls flow ip destination-source
Router(config)# exit
1w6d: %SYS-5-CONFIG_I: Configured from console by console
Router# show mls ip
Displaying Netflow entries in Supervisor Earl
DstIP SrcIP Prot:SrcPort:DstPort Src i/f:AdjPtr
--------------------------------------------------------------------
200.2.5.3 223.255.254.226 0 :0 :0 0 : 0
Pkts Bytes Age LastSeen Attributes
---------------------------------------------------
0 0 2 01:54:05 L3 - Dynamic
Router#
When you use the show mls ip command to display information about flows for a specific source or
destination address, the command accepts 32 host prefixes only. When you use the output modifiers, you
might see all flows from a specific subnet.
destination address, the command accepts 32 host prefixes only. When you use the output modifiers, you
might see all flows from a specific subnet.
Router# show mls ip source 9.9.9.2 mod 4
Displaying Netflow entries in module 4
DstIP SrcIP Prot:SrcPort:DstPort Src i/f:AdjPtr
--------------------------------------------------------------------
9.9.9.177 9.9.9.2 0 :0 :0 0 : 0
Pkts Bytes Age LastSeen Attributes
---------------------------------------------------
0 0 28 01:56:59 L3 - Dynamic
Router# show mls ip mod 4 | include 9.9.9
9.9.9.177 9.9.9.2 0 :0 :0 0 : 0