Re: Netflow input filter

From: Digital Yemeni (digital.yemeni@gmail.com)
Date: Tue Apr 10 2007 - 22:42:36 ART

• Next message: Digital Yemeni: "Re: Netflow input filter"
• Previous message: CCDesire: "Problem with ACS"
• Maybe in reply to: dampened: "Netflow input filter"
• Next in thread: Digital Yemeni: "Re: Netflow input filter"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

BTW, something i could not understand is ur ACLs:

access-list 1 permit tcp any any eq www
access-list 1 permit tcp any eq www any

How can a "standard" ACL be able to match on IP stack and port numbers?! How
did the router accepted that in the first place? Can you dump the "actual"
router config?

On 4/11/07, dampened <cheechew@hotmail.com> wrote:
>
> I have ACL on my config as you can see below. My problem is even with
> filter, I am not able to selectively 'netflow' the traffic. All traffic is
> being collected. Does anyone has this problem? Need comment here. I have
> tried it with multiple IOS version on 2811 and dynamips.
>
> By the way, netflow input filter only accept acl. not nbar.
>
>
>
>
>
>
> ----- Original Message -----
> *From:* Digital Yemeni <digital.yemeni@gmail.com>
> *To:* dampened <cheechew@hotmail.com>
> *Cc:* Cisco certification <ccielab@groupstudy.com>
> *Sent:* Monday, April 09, 2007 12:40 PM
> *Subject:* Re: Netflow input filter
>
> Try NBAR!
> You can add a class and make look like:
>
> class-map match-all URL
> match match access-group 1 <== this is ur ACL 1
> match protocol http host "www traffic"
> match protocol http url "specific_directory/" <== optional!
>
> policy-map p1
> class URL
> netflow-sampler flowsample
>
>
>
> On 4/9/07, dampened <cheechew@hotmail.com <cheechew@hotmail.com+>> wrote:
> >
> > I am trying to collect only www statistic on certain traffic on an
> > interface. Here is my config.
> > The problem is that I am not able to limit the netflow collection to
> > only
> > www traffic. It captures all kind of traffic coming into F0/0.
> >
> > What am I missing here? Your help is appreciated.
> >
> >
> > flow-sampler-map flowsample
> > mode random one-out-of 1
> >
> > class-map match-all class1
> > match access-group 100
> >
> > policy-map p1
> > class class1
> > netflow-sampler flowsample
> >
> > interface FastEthernet0/0
> > service-policy input p1
> >
> > access-list 1 permit tcp any any eq www
> > access-list 1 permit tcp any eq www any
> >
> > _______________________________________________________________________
> > Subscription information may be found at:
> > http://www.groupstudy.com/list/CCIELab.html
> >
>
>
>
> --
> Best Regards!
> Digital, CCIE# to be assigned by Cisco when it collects enough $$ out of
> me! :p
>
>

-- 
Best Regards!
Digital, CCIE# to be assigned by Cisco when it collects enough $$ out of me!
:p

• Next message: Digital Yemeni: "Re: Netflow input filter"
• Previous message: CCDesire: "Problem with ACS"
• Maybe in reply to: dampened: "Netflow input filter"
• Next in thread: Digital Yemeni: "Re: Netflow input filter"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Tue May 01 2007 - 08:28:35 ART