Cisco Systems EA6500 Manual De Usuario
33-6
Catalyst 6500 Series Switch Cisco IOS Software Configuration Guide—Release 12.1 E
78-14099-04
Chapter 33 Configuring NDE
Understanding How NDE Works
MLS Cache Entries
NDE captures statistics for Layer 3-switched flows in the MLS cache on the PFC.
NDE maintains traffic statistics for each active flow in the MLS cache and increments the statistics when
packets within each flow are switched. Periodically, NDE exports summarized traffic statistics for all
expired flows, which the external data collector receives and processes.
packets within each flow are switched. Periodically, NDE exports summarized traffic statistics for all
expired flows, which the external data collector receives and processes.
Exported NetFlow data contains statistics for the flow entries in the MLS cache that have expired since
the last export. Flow entries in the MLS cache expire and are flushed from the MLS cache when one of
the following conditions occurs:
the last export. Flow entries in the MLS cache expire and are flushed from the MLS cache when one of
the following conditions occurs:
•
The transport protocol indicates that the connection is completed.
•
Traffic inactivity exceeds 15 seconds.
For flows that remain continuously active, flow entries in the MLS cache expire every 32 minutes to
ensure periodic reporting of active flows.
ensure periodic reporting of active flows.
NetFlow data export packets go to the external data collector either when the number of recently expired
flows reaches a predetermined maximum, or every second, whichever occurs first.
flows reaches a predetermined maximum, or every second, whichever occurs first.
By default, all expired flows are exported unless filtered. With a filter configured, NDE only exports
expired and purged flows that match the filter criteria. NDE flow filters are stored in NVRAM and are
not cleared when NDE is disabled. See the
expired and purged flows that match the filter criteria. NDE flow filters are stored in NVRAM and are
not cleared when NDE is disabled. See the
for
NDE filter configuration procedures.
Sampled NetFlow
Sampled NetFlow exports data for a subset of the Layer 3-switched IP packets instead of for all packets
in a flow. Sampled NetFlow substantially decreases the Supervisor Engine 2 CPU utilization. Release
12.1(13)E and later releases support sampled NetFlow on the Supervisor Engine 2.
in a flow. Sampled NetFlow substantially decreases the Supervisor Engine 2 CPU utilization. Release
12.1(13)E and later releases support sampled NetFlow on the Supervisor Engine 2.
With the full-interface or destination-source-interface flow masks, you can enable or disable sampled
NetFlow on each LAN port. With all other flow masks, sampled Netflow is enabled or disabled globally.
NetFlow on each LAN port. With all other flow masks, sampled Netflow is enabled or disabled globally.
42–43 dst_as
Autonomous system number of the
destination, either origin or peer
destination, either origin or peer
A
A
A
A
A
44
src_mask Source
address prefix mask bits
45
dst_mask Destination address prefix mask bits
46–47 pad2
Pad 2
48–51 MLS RP
IP address of MLS router
X
X
X
X
X
1.
Supported in Release 12.1(13)E and later releases.
2.
With the destination flowmask, the “Next hop router’s IP address” field and the “Output interface’s SNMP ifIndex” field might not contain information
that is accurate for all flows.
that is accurate for all flows.
Table 33-4 NDE Version 7 Flow Record Format (continued)
Bytes
Content
Description
Flow masks:
• X=Populated
• A=Additional field (see the
• X=Populated
• A=Additional field (see the
“Populating Additional NDE
Fields” section on page 33-10
)
Destination
Destination
Source
Destination
Source
Interface
1
Full
Full
Interface
1