Feature Interaction Of Netflow Statistics With Ubrl And Microflow Policing; Vlan Statistics - Cisco 4500M Software Manual

Chapter 40 Configuring NetFlow Statistics Collection
Determining the Input Interface and Input Related Inferred Fields
Similarly, the input interface and the source AS number for the source IP address are determined by
looking up the FIB entry in the default FIB table based on the source IP address. Therefore, the input
interface is based solely on the source IP address and a reverse lookup is done to determine to which
interface a packet with this IP destination address needs to be routed. This process assumes that the
forwarding paths are symmetrical. However, if this process yields multiple input interfaces, a
deterministic algorithm will be applied to pick one of them the one with the lowest IP address. Although
this process typically yields correct values, there are scenarios where the values are inaccurate:
•
•
•
•
The Supervisor Engine V-10GE does a better job at this by providing the input interface information via
Note
hardware. Having this information greatly improves the accuracy of the inferred fields.

Feature Interaction of Netflow Statistics with UBRL and Microflow Policing

On systems with Supervisor Engine V-10GE, there is a feature interaction between Netflow Statistics
and UBRL (User Based Rate Limiting). As part of correctly configuring UBRL on a given interface, the
class-map must specify a flow-mask. In turn, this flow mask is used to create hardware-based netflow
statistics for the flow. By default, for traditional full-flow netflow statistics, the full-flow mask is used.
With UBRL, however, the masks can differ. If UBRL is configured on a given interface, the statistics are
collected based on the mask configured for UBRL. Consequently, the system will not collect full-flow
statistics for traffic transiting an interface configured with UBRL. For more details, refer to the
"Configuring User Based Rate Limiting" section on page

VLAN Statistics

With NetFlow support, you can report Layer 2 output VLAN statistics, as well as VLAN statistics for
routed traffic in and out of a VLAN.
OL-6696-01
If load balancing is being applied by an upstream adjacent switch, one input interface must be
chosen arbitrarily out of the multiple input interfaces available. This action is necessary because the
input interface that would be used depends on the type of load balancing algorithm being deployed
by the adjacent upstream switch. It is not always feasible to know the algorithm. Therefore, all flow
statistics will be attributed to one input interface. Software selects the interface with the lowest IP
subnet number.
In an asymmetric routing scheme, where the traffic for an IP subnet might be received on an
interface that is different from the interface where packets are sent to this IP subnet, the inferences
noted previously for selecting an input interface, based on a reverse lookup, would be incorrect and
cannot be verified.
If PBR or VRF is enabled on the switch and the flow is destined to an address that resides in the
PBR or VRF range or is sourced from an address that resides in the PBR or VRF range, the
information will be incorrect. In this case, the input and output interface will most likely point to
the default route (if configured) or will have no value at all (NULL)
If VRF is enabled on the switch on some interfaces and the flow is sourced from a VRF interface,
the information will be incorrect. In this case, the input and output interface will most likely point
to the default route (if configured) or will have no value (NULL).
Overview of NetFlow Statistics Collection
29-35.
Software Configuration Guide—Release 12.2(25)EW
40-5