Re: Netflow and QoS Policing

From: Pavel Bykov (slidersv@gmail.com)
Date: Mon Feb 02 2009 - 06:49:18 ARST


Well, this definitely seems like a netflow related problem. I presume you
are talking about classified traffic to a class that is reporting 42megs.
Who is doing netflow classification? Are you doing netflow aggregation on
the box? What is your netflow config?

On Sun, Feb 1, 2009 at 10:14 AM, Swap <ccie77@gmail.com> wrote:

> Guys,
>
> We are using policing (using the Modular QoS CLI) and Netflow on Cisco 6500
> (SUP720, PFC3B, MSFC3) for some specific traffic. We are getting
> inconsistent data in netflow software. I expect the netflow graphs not to
> cross the policed CIR but it is not happening. E.g., on a 1-minute scale,
> the bandwidth goes to 42 Mbps while the policed CIR is 12.5 Mbps. The
> ingress/egress interfaces are shared by other traffic which is not
> subjected to QoS.
>
> What is the order of operation for MQC QoS and netflow? I have seen the
> order on Cisco and Joe Harris's 6200networks.com but it's not very clear.
>
> What is the best way of doing this? How are others doing this, especially
> in a service provider environment?
>
>
>
> -------------------------
>
> Sample config-
>
> interface Vlan100
>  ** THIS IS INCOMING SVI FOR LOCAL TRAFFIC **
>  ip address X X
>  ip route-cache flow
>  ip route-cache policy
>  ip policy route-map XX
>  load-interval 30
>  standby 3 ip X
>  standby 3 priority 120
>  standby 3 preempt
>  service-policy input BANDWIDTH_IN_2
>  service-policy output BANDWIDTH_OUT_2
>
> interface Vlan200
>  **THIS IS ISP CONNECTED, Default route via this SVI pointed to ISP gateway**
>  ip address
>  ip route-cache flow
>  ip route-cache policy
>  load-interval 30
>  no mop enabled
>  standby 10 ip X
>  standby 10 priority 120
>  standby 10 preempt
>  standby 10 name VPNHA
>  crypto map pix
>  crypto engine slot 7
>  service-policy input BANDWIDTH_IN
>  service-policy output BANDWIDTH_OUT
>
> class-map match-all _ABC_WEB_OUT_2
>  match access-group name _ABC_WEB_IN
>
> class-map match-all _ABC_WEB_IN
>  match access-group name _ABC_WEB_IN
>
> class-map match-all _ABC_WEB_OUT
>  match access-group name _ABC_WEB_OUT
>
> class-map match-all _ABC_WEB_IN_2
>  match access-group name _ABC_WEB_OUT
> !
> policy-map BANDWIDTH_IN
>  class _ABC_WEB_IN
>   police cir 12500000 bc 390625 be 390625 conform-action transmit exceed-action drop
>
> policy-map BANDWIDTH_OUT_2
>  class _ABC_WEB_OUT_2
>   police cir 12500000 bc 390625 be 390625 conform-action transmit exceed-action drop
>
> policy-map BANDWIDTH_IN_2
>  class _ABC_WEB_IN_2
>   police cir 12500000 bc 390625 be 390625 conform-action transmit exceed-action drop
>
> policy-map BANDWIDTH_OUT
>  class _ABC_WEB_OUT
>   police cir 12500000 bc 390625 be 390625 conform-action transmit exceed-action drop
>
>
>
> Access-lists are configured correctly to classify the traffic.
>
> Netflow is configured correctly classifying layer2 switched and L3 routed
> packets using NDE/mls.
>
>
>
> ---------------------------------
>
>
>
> Regards
>
> Swap
>
> #19804
>
>
> Blogs and organic groups at http://www.ccie.net
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html

-- 
Pavel Bykov
----------------
Don't forget to help stopping the braindumps, use of which reduces value of
your certifications. Sign the petition at http://www.stopbraindumps.com/

This archive was generated by hypermail 2.1.4 : Sun Mar 01 2009 - 09:44:09 ARST