How can I do this?
↧
NTA - How to monitor traffic on a Cisco ASA5525
↧
Which Ports to Configure for Netflow?
Hello,
I am trying to set up Solarwinds NTA but I am having a bit trouble conceptulising the deployment and configuration. Can someone advise on which ports Netflow should be enabled within a multi-campus network environment?
I have three sites A, B and C that are connected with WAN links (A to B, B to C and C to A). There is a Cisco 3850 core switch at each site which is capable of doing Cisco Flexible Netflow. My question is on which interfaces should I enable Netflow on the cores?
I presume to enable it on the L3 WAN Link ports between each of the sites.
1. Should I enable Netflow on the trunk ports between the Core and Edge Switches at each site?
2. For each interface where Netflow is enabled, what direction should it be enabled for (Ingress, Egress or Both)? I did find this article which said not to enable both Ingress and Egress capture for Netflow interfaces due to double-capturing data. But if you just enable Ingress monitoring on each interface then the Egress statistics in NTA are blank. Should this be how it is done?
3. How is traffic between two ports on the same VLAN, on the same edge switch captured by Netflow? Or is NTA with Netflow only designed to capture routed traffic?
Thanks
↧
↧
there was no endpoint listening at net.tcp://cppunit:17777/orion/core/businesslayer
After the software install and running for few days. We have power fail, after reboot, I cannot access the Orion Web console, erroe message pop up "there was no endpoint listening at net.tcp://cpputil:17777/orion/core/businesslayer". I check with all required service were up and running. (UTIL is the collerctor/server)
↧
NTA Retention Period
This is for NTA 4.2.0
Retention period is currently set to 30 days and has been like this for some time. What will the impact be if I change this to 90 days? When I press "CALCULATE" in the Database Size section, it shows:
Current size: 3.2 GB
Projected size: Retention period is full, see the current database size
So if I change my retention period to 90 days, will my current size be increased to 9.6 GB (3.2 * 3 = 9.6)? Other than taking up more database storage, will there be more lag, loading time, etc regarding NPM and/or the web console? I would really like to know before making the change.
↧
NTA 4.2.3 Packet Dropped: Unmonitored Node / Unmonitored Interface for Status
Hello and Good day
Is there anyway we can find out which node/interface is causing these Application component monitors to go critical in SAM (latest version)
Packet Dropped: Unmonitored Node - 4.3 million
Unmonitored Interface - 3534
Thank you
↧
↧
Which Ports to Configure for Netflow?
Hello,
I am trying to set up Solarwinds NTA but I am having a bit trouble conceptulising the deployment and configuration. Can someone advise on which ports Netflow should be enabled within a multi-campus network environment?
I have three sites A, B and C that are connected with WAN links (A to B, B to C and C to A). There is a Cisco 3850 core switch at each site which is capable of doing Cisco Flexible Netflow. My question is on which interfaces should I enable Netflow on the cores?
I presume to enable it on the L3 WAN Link ports between each of the sites.
1. Should I enable Netflow on the trunk ports between the Core and Edge Switches at each site?
2. For each interface where Netflow is enabled, what direction should it be enabled for (Ingress, Egress or Both)? I did find this article which said not to enable both Ingress and Egress capture for Netflow interfaces due to double-capturing data. But if you just enable Ingress monitoring on each interface then the Egress statistics in NTA are blank. Should this be how it is done?
3. How is traffic between two ports on the same VLAN, on the same edge switch captured by Netflow? Or is NTA with Netflow only designed to capture routed traffic?
Thanks
↧
Has ANYONE got Flexible Netflow working on 4500 with Sup7 that is understandable by Solarwinds Netflow
Hi have been trying to work with Cisco over the past 4 weeks to get Flexible Netflow to work properly with Orion/NTA with zero success. This is a 4507R+E with dual Sup 7's
I have the works TAC support person, but that's beside the point. I've spoken with SW and didn't get the warm and fuzzies on their answers either.
It appears to me I will not be able to monitor layre "virtual" interfaces on the 4507, which is unacceptable and if the case I will raise a stink with Cisco one I get it working.
So my questions are:
Does it even work? This hardware, Flexible Network and NTA 3.7?
The commands take and it just seems like NTA doesn't accept them, I'm guessing they are missing something like TOS, but this is not the same as regular Netflow.
I have been testing many permitations, but I either get the traffic in NTA showing that it is coming from all interfaces, or it doesn't see any at all.
Here's the config I am testing with today:
flow record ipv4
! match ipv4 tos
match ipv4 protocol
match ipv4 source address
match ipv4 destination address
match transport source-port
match transport destination-port
collect interface input
!
!
flow exporter NetFlow-to-Orion
destination 10.10.10.1
source vlan254
transport udp 2055
export-protocol netflow-v5
!
!
flow monitor NetFlow-Monitor
description Original Netflow captures
record ipv4
exporter NetFlow-to-Orion
vlan configuration 254
ip flow monitor NetFlow-Monitor input
Any help would be great
Bob
↧
CISCO 6509 Netflow configuration
I have configured my 6509 switch for netflow to look at the traffic on a gig interface. The configuration is below.
My question is that although the flow-export version is 9. i cannot select 9 for mls nde sender version. The options are 5 or 7. What is the defference for mls nde sender version for 5 or 7 and will it have a problem with flow-export version 9? I do however monitor traffic but is that the correct traffic due to the versions difference?
Thanks
mls flow ip full
mls nde sender version 5
ip flow-export source x.x.x.x ip flow-export version 9 ip flow-export destination x.x.x.x 2055 ip flow-cache timeout active 1
interface GigabitEthernet7/41
ip route-cache flow
↧
NBAR2 vs Netflow
Hi,
Reaching out to see if anyone has noticed large differences between NBAR2 and Netflow data.
I've been trying to figure out which source I should use when trying to establish utilisation.
Should the data be the same? I appreciate NBAR covers more layers but I would have thought it would be close just more detailed around the type of traffic.
Attached are two graphs from the same interface on a router. NBAR2 and Netflow.
Thanks
Adam
↧
↧
Netflow configuration - ingress vs egress
So, I've tried to wade through the documentation on cisco.com and solarwinds but could use some help figuring how to setup netflow v9 for my monitoring needs. I'm particularly interested in the pros and cons of ingress vs egress capturing or whether I should do both. I have two main data center locations and 7 branch locations that talk over mpls WAN. The previous admin had it setup "ip flow ingress" on the LAN ports (including subinterfaces) of the cisco routers with nothing on the WAN interfaces. Wouldn't it make more sense to collect both directions (ip flow ingress and ip flow egress) on the WAN interface since as I read it is after WAAS (WAN compression).
Any reason this is a bad idea?
It makes sense to capture both ingress and egress, right?
I appreciate any input or expertise.
↧
Netflow configure Cisco ASR 1002
We just installed a Cisco ASR 1002, The old net flow commands used in our 3845 do not work. Has anyone set configuration to export Top-Talkers?
Thanks
↧
Setting up Netflow for Cisco 2960s
All,
I'm trying to setup netflow to monitor our Cisco 2960s switches. They are layer 2 switches and Solarwinds tech support suggested I look at nprobe application to, but they don't support it or know how it should be configured. Any help would be appreciated or if you know of any other software that will work with getting the information to netflow. Thanks.
↧
Netflow configuration on multiple interfaces and sub-interfaces
Hi,
I configured netflow on cisco router 2921 and here is my config..
ip flow-export source Gigabitethernet 0/1
ip flow-export source Gigabitethernet 0/2
ip flow-export source Gigabitethernet 0/0
ip flow-export version 5
ip flow-export destination 131.x.x.x 2055
I also configure this on each interface
Interface Gigabitethernet 0/0
ip flow ingress
ip flow egress
ip route-cache flow
Interface Gigabitethernet 0/1
ip route-cache flow
Interface Gigabitethernet 0/1.55
ip flow ingress
ip flow egress
ip route-cache
Interface Gigabitethernet 0/1.56
ip flow ingress
ip flow egress
ip route-cache
Interface Gigabitethernet 0/2
ip flow ingress
ip flow egress
ip route-cache flow
when I performed show run on the router this is the configuration that appeared:
ip flow-export source Gigabitethernet 0/0
ip flow-export version 5
ip flow-export destination 131.x.x.x 2055
I noticed that the last source (Gigabitethernet0/0) that I typed was the source that was registered on the router
What could be the effect of this configuration?
Gigabitethernet0/1 and Gigabitethernet0/2 are on the public side of the router,I want to monitor the traffic that is going in and out of these interface because I have vpn tunnels configured on this interfaces (Gigabitethernet 0/1.55 and Gigabitethernet0/1.56)
Did I enter the right configuration for my router?
By the way my Solarwinds server resides on the Gigabitethernet0/0 network.
Please help..
Thank you very much!
↧
↧
there was no endpoint listening at net.tcp://cppunit:17777/orion/core/businesslayer
After the software install and running for few days. We have power fail, after reboot, I cannot access the Orion Web console, erroe message pop up "there was no endpoint listening at net.tcp://cpputil:17777/orion/core/businesslayer". I check with all required service were up and running. (UTIL is the collerctor/server)
↧
Which Ports to Configure for Netflow?
Hello,
I am trying to set up Solarwinds NTA but I am having a bit trouble conceptulising the deployment and configuration. Can someone advise on which ports Netflow should be enabled within a multi-campus network environment?
I have three sites A, B and C that are connected with WAN links (A to B, B to C and C to A). There is a Cisco 3850 core switch at each site which is capable of doing Cisco Flexible Netflow. My question is on which interfaces should I enable Netflow on the cores?
I presume to enable it on the L3 WAN Link ports between each of the sites.
1. Should I enable Netflow on the trunk ports between the Core and Edge Switches at each site?
2. For each interface where Netflow is enabled, what direction should it be enabled for (Ingress, Egress or Both)? I did find this article which said not to enable both Ingress and Egress capture for Netflow interfaces due to double-capturing data. But if you just enable Ingress monitoring on each interface then the Egress statistics in NTA are blank. Should this be how it is done?
3. How is traffic between two ports on the same VLAN, on the same edge switch captured by Netflow? Or is NTA with Netflow only designed to capture routed traffic?
Thanks
↧
NBAR2 vs Netflow
Hi,
Reaching out to see if anyone has noticed large differences between NBAR2 and Netflow data.
I've been trying to figure out which source I should use when trying to establish utilisation.
Should the data be the same? I appreciate NBAR covers more layers but I would have thought it would be close just more detailed around the type of traffic.
Attached are two graphs from the same interface on a router. NBAR2 and Netflow.
Thanks
Adam
↧
LIcensing - pricing mode
We are currently running Orion and APM.
We have been running a trail of the Netflow Traffic Analyzer. We like the product but the price is crazy. The pricing is based on the number of nodes in Orion, NOT the number of routers we want to monitor. Even with a huge discount, it is still out of line.
Why don't they offer Netflow by a router count instead of total nodes?
Thanks,
D.
↧
↧
Has ANYONE got Flexible Netflow working on 4500 with Sup7 that is understandable by Solarwinds Netflow
Hi have been trying to work with Cisco over the past 4 weeks to get Flexible Netflow to work properly with Orion/NTA with zero success. This is a 4507R+E with dual Sup 7's
I have the works TAC support person, but that's beside the point. I've spoken with SW and didn't get the warm and fuzzies on their answers either.
It appears to me I will not be able to monitor layre "virtual" interfaces on the 4507, which is unacceptable and if the case I will raise a stink with Cisco one I get it working.
So my questions are:
Does it even work? This hardware, Flexible Network and NTA 3.7?
The commands take and it just seems like NTA doesn't accept them, I'm guessing they are missing something like TOS, but this is not the same as regular Netflow.
I have been testing many permitations, but I either get the traffic in NTA showing that it is coming from all interfaces, or it doesn't see any at all.
Here's the config I am testing with today:
flow record ipv4
! match ipv4 tos
match ipv4 protocol
match ipv4 source address
match ipv4 destination address
match transport source-port
match transport destination-port
collect interface input
!
!
flow exporter NetFlow-to-Orion
destination 10.10.10.1
source vlan254
transport udp 2055
export-protocol netflow-v5
!
!
flow monitor NetFlow-Monitor
description Original Netflow captures
record ipv4
exporter NetFlow-to-Orion
vlan configuration 254
ip flow monitor NetFlow-Monitor input
Any help would be great
Bob
↧
Setting up Netflow for Cisco 2960s
All,
I'm trying to setup netflow to monitor our Cisco 2960s switches. They are layer 2 switches and Solarwinds tech support suggested I look at nprobe application to, but they don't support it or know how it should be configured. Any help would be appreciated or if you know of any other software that will work with getting the information to netflow. Thanks.
↧
Netflow configuration on multiple interfaces and sub-interfaces
Hi,
I configured netflow on cisco router 2921 and here is my config..
ip flow-export source Gigabitethernet 0/1
ip flow-export source Gigabitethernet 0/2
ip flow-export source Gigabitethernet 0/0
ip flow-export version 5
ip flow-export destination 131.x.x.x 2055
I also configure this on each interface
Interface Gigabitethernet 0/0
ip flow ingress
ip flow egress
ip route-cache flow
Interface Gigabitethernet 0/1
ip route-cache flow
Interface Gigabitethernet 0/1.55
ip flow ingress
ip flow egress
ip route-cache
Interface Gigabitethernet 0/1.56
ip flow ingress
ip flow egress
ip route-cache
Interface Gigabitethernet 0/2
ip flow ingress
ip flow egress
ip route-cache flow
when I performed show run on the router this is the configuration that appeared:
ip flow-export source Gigabitethernet 0/0
ip flow-export version 5
ip flow-export destination 131.x.x.x 2055
I noticed that the last source (Gigabitethernet0/0) that I typed was the source that was registered on the router
What could be the effect of this configuration?
Gigabitethernet0/1 and Gigabitethernet0/2 are on the public side of the router,I want to monitor the traffic that is going in and out of these interface because I have vpn tunnels configured on this interfaces (Gigabitethernet 0/1.55 and Gigabitethernet0/1.56)
Did I enter the right configuration for my router?
By the way my Solarwinds server resides on the Gigabitethernet0/0 network.
Please help..
Thank you very much!
↧