Hi,
I’m trying to setup flowspec export to an AS-Stats from an ASR1001
running IOS XE 03.16.06.S
If I’m using original-input template I get AS23456 instead of the real
ASN, e.g.
Flow 4
ipv6FlowLabel: 74969
IPv6 Extension Headers: 0x00000000
SrcAddr: 2a03:7220:8083:a600::1
DstAddr: 2a00:5884:8218::1
Protocol: UDP (17)
IP ToS: 0x00
SrcPort: 43805 (43805)
DstPort: 53 (53)
TCP Flags: 0x00
00.. .... = Reserved: 0x0
..0. .... = URG: Not used
...0 .... = ACK: Not used
.... 0... = PSH: Not used
.... .0.. = RST: Not used
.... ..0. = SYN: Not used
.... ...0 = FIN: Not used
SrcAS: 23456
SrcMask: 32
InputInt: 8
DstAS: 0
NextHop: 2a00:5884:0:6::8
DstMask: 48
OutputInt: 11
Direction: Ingress (0)
SamplerID: 0
Octets: 103
Packets: 1
[Duration: 0.000000000 seconds (switched)]
StartTime: 2608346.732000000 seconds
EndTime: 2608346.732000000 seconds
I tried to set my own template (the same as original-input without the
ASN info) with this config:
asbr01#sh run | sec NETFLOW
flow record FR-NETFLOW-ASSTATS-IPv4
match ipv4 tos
match ipv4 protocol
match ipv4 source address
match ipv4 destination address
match transport source-port
match transport destination-port
match interface input
match flow sampler
collect routing next-hop address ipv4
collect ipv4 source mask
collect ipv4 destination mask
collect transport tcp flags
collect interface output
collect counter bytes
collect counter packets
collect timestamp sys-uptime first
collect timestamp sys-uptime last
flow exporter FE-NETFLOW-ASSTATS
destination 89.234.186.43
source GigabitEthernet0/0/1.33
transport udp 9000
template data timeout 300
flow monitor FM-NETFLOW-ASSTATS-IPv4
exporter FE-NETFLOW-ASSTATS
cache timeout active 30
record FR-NETFLOW-ASSTATS-IPv4
But I had the following error message when I added `record
FR-NETFLOW-ASSTATS-IPv4` (even before applying it to the interface).
%FMFP-3-OBJ_DWNLD_TO_CPP_FAILED: SIP0:
fman_fp_image: [FNF Object] type:MON_FDEF_BIND
name:FM-NETFLOW-ASSTATS-IPv4-0-FR-NETFLOW-ASSTATS-IPv4-1197725476
fnf-id:2000012 real-id:12 info:mon-id:2000007 flow-id:2000012 download
to CPP failed
Since then, even the original-input template isn’t working for IPv4.
I didn’t test my personnal templatre on IPv6 and original-input is
working on it for now.
I only found something about QoS for FMFP-3-OBJ_DWNLD_TO_CPP_FAILED.
Is it something known?
Regards,
--
Alarig Le Lay
_______________________________________________
cisco-nsp mailing list cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/
I’m trying to setup flowspec export to an AS-Stats from an ASR1001
running IOS XE 03.16.06.S
If I’m using original-input template I get AS23456 instead of the real
ASN, e.g.
Flow 4
ipv6FlowLabel: 74969
IPv6 Extension Headers: 0x00000000
SrcAddr: 2a03:7220:8083:a600::1
DstAddr: 2a00:5884:8218::1
Protocol: UDP (17)
IP ToS: 0x00
SrcPort: 43805 (43805)
DstPort: 53 (53)
TCP Flags: 0x00
00.. .... = Reserved: 0x0
..0. .... = URG: Not used
...0 .... = ACK: Not used
.... 0... = PSH: Not used
.... .0.. = RST: Not used
.... ..0. = SYN: Not used
.... ...0 = FIN: Not used
SrcAS: 23456
SrcMask: 32
InputInt: 8
DstAS: 0
NextHop: 2a00:5884:0:6::8
DstMask: 48
OutputInt: 11
Direction: Ingress (0)
SamplerID: 0
Octets: 103
Packets: 1
[Duration: 0.000000000 seconds (switched)]
StartTime: 2608346.732000000 seconds
EndTime: 2608346.732000000 seconds
I tried to set my own template (the same as original-input without the
ASN info) with this config:
asbr01#sh run | sec NETFLOW
flow record FR-NETFLOW-ASSTATS-IPv4
match ipv4 tos
match ipv4 protocol
match ipv4 source address
match ipv4 destination address
match transport source-port
match transport destination-port
match interface input
match flow sampler
collect routing next-hop address ipv4
collect ipv4 source mask
collect ipv4 destination mask
collect transport tcp flags
collect interface output
collect counter bytes
collect counter packets
collect timestamp sys-uptime first
collect timestamp sys-uptime last
flow exporter FE-NETFLOW-ASSTATS
destination 89.234.186.43
source GigabitEthernet0/0/1.33
transport udp 9000
template data timeout 300
flow monitor FM-NETFLOW-ASSTATS-IPv4
exporter FE-NETFLOW-ASSTATS
cache timeout active 30
record FR-NETFLOW-ASSTATS-IPv4
But I had the following error message when I added `record
FR-NETFLOW-ASSTATS-IPv4` (even before applying it to the interface).
%FMFP-3-OBJ_DWNLD_TO_CPP_FAILED: SIP0:
fman_fp_image: [FNF Object] type:MON_FDEF_BIND
name:FM-NETFLOW-ASSTATS-IPv4-0-FR-NETFLOW-ASSTATS-IPv4-1197725476
fnf-id:2000012 real-id:12 info:mon-id:2000007 flow-id:2000012 download
to CPP failed
Since then, even the original-input template isn’t working for IPv4.
I didn’t test my personnal templatre on IPv6 and original-input is
working on it for now.
I only found something about QoS for FMFP-3-OBJ_DWNLD_TO_CPP_FAILED.
Is it something known?
Regards,
--
Alarig Le Lay
_______________________________________________
cisco-nsp mailing list cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/