forum.opennet.ru

Составление сообщения

Исходное сообщение

"Cisco 3640, NAT & NetFlow"
Отправлено Dmitriy Sirant, 21-Фев-06 14:03

Имеем:
cisco-3640#sh ver
Cisco Internetwork Operating System Software
IOS (tm) 3600 Software (C3640-IO3-M), Version 12.2(32), RELEASE SOFTWARE (fc1)
Copyright (c) 1986-2005 by cisco Systems, Inc.
Compiled Fri 02-Dec-05 15:19 by
Image text-base: 0x60008930, data-base: 0x60A88000
ROM: System Bootstrap, Version 11.1(20)AA2, EARLY DEPLOYMENT RELEASE SOFTWARE (fc1)
cisco-3640 uptime is 4 hours, 3 minutes
System returned to ROM by reload
System image file is "flash:c3640-io3-mz.122-32.bin"
cisco 3640 (R4700) processor (revision 0x00) with 61440K/4096K bytes of memory.
Processor board ID 21961002
R4700 CPU at 100Mhz, Implementation 33, Rev 1.0
Bridging software.
X.25 software, Version 3.0.0.
2 Ethernet/IEEE 802.3 interface(s)
1 FastEthernet/IEEE 802.3 interface(s)
2 Serial network interface(s)
DRAM configuration is 64 bits wide with parity disabled.
125K bytes of non-volatile configuration memory.
8192K bytes of processor board System flash (Read/Write)
Configuration register is 0x2102
Проблема, что траффик идущий через NAT не попадает в NetFlow, а именно:
04:04:36: IP: s=66.225.214.106 (Ethernet0/0), d=192.168.23.15, len 40, policy match
04:04:36: IP: route map netflow_nat, item 10, permit
04:04:36: IP: s=66.225.214.106 (Ethernet0/0), d=192.168.23.15 (Loopback0), len 40, policy routed
04:04:36: IP: Ethernet0/0 to Loopback0 192.168.23.15
а cisco-3640#sh ip cache flow | include 66.225.214.106
Et0/0         66.225.214.106  Null          192.168.23.15   06 0050 100C     3
Et0/0         66.225.214.106  Null          192.168.23.15   06 0050 100F     3
Et0/0         66.225.214.106  Null          192.168.23.15   06 0050 1008     3
Et0/0         66.225.214.106  Null          192.168.23.15   06 0050 1007     3
Et0/1         192.168.23.15   Et0/0         66.225.214.106  06 0F57 22B8    22
Et0/0         66.225.214.106  Null          192.168.23.15   06 22B8 0F57    25
Et0/0         66.225.214.106  Null          192.168.23.15   06 0050 0EAA     3
Et0/0         66.225.214.106  Null          192.168.23.15   06 0050 0EA6     3
Et0/0         66.225.214.106  Null          192.168.23.15   06 0050 0EE3     6
Et0/0         66.225.214.106  Null          192.168.23.15   06 0050 0EC3     3
Et0/0         66.225.214.106  Null          192.168.23.15   06 0050 0E71     3
Et0/0         66.225.214.106  Null          192.168.23.15   06 0050 0FA9     3
Et0/0         66.225.214.106  Null          192.168.23.15   06 0050 0FBB     3
Et0/0         66.225.214.106  Null          192.168.23.15   06 0050 0F8C     3
Et0/0         66.225.214.106  Null          192.168.23.15   06 0050 0F8F     3
Et0/0         66.225.214.106  Null          192.168.23.15   06 0050 0F98     3
Et0/0         66.225.214.106  Null          192.168.23.15   06 0050 0F94     3
Et0/0         66.225.214.106  Null          192.168.23.15   06 0050 0FEF     3
Et0/0         66.225.214.106  Null          192.168.23.15   06 0050 0FE7     3
Et0/0         66.225.214.106  Null          192.168.23.15   06 0050 0FE3     3
Et0/0         66.225.214.106  Null          192.168.23.15   06 0050 0FF2     3
Et0/0         66.225.214.106  Null          192.168.23.15   06 0050 0FF3     3
Et0/0         66.225.214.106  Null          192.168.23.15   06 0050 0FCF     3
Et0/0         66.225.214.106  Null          192.168.23.15   06 0050 0FC5     3
Et0/0         66.225.214.106  Null          192.168.23.15   06 0050 0FD4     3
Et0/0         66.225.214.106  Null          192.168.23.15   06 0050 0F1C     9
Et0/0         66.225.214.106  Null          192.168.23.15   06 0050 0F19     6
Et0/0         66.225.214.106  Null          192.168.23.15   06 0050 0F1A     4
Et0/0         66.225.214.106  Null          192.168.23.15   06 0050 0F6A     3
Et0/0         66.225.214.106  Null          192.168.23.15   06 0050 0F64     4
Et0/0         66.225.214.106  Null          192.168.23.15   06 0050 0F7F     3
т.е. с помощью route-map я его перенаправил на интерфейс loopback, а он всеравно не попадает в netflow...

Исходное сообщение
"Cisco 3640, NAT & NetFlow" Отправлено Dmitriy Sirant, 21-Фев-06 14:03
Имеем: cisco-3640#sh ver Cisco Internetwork Operating System Software IOS (tm) 3600 Software (C3640-IO3-M), Version 12.2(32), RELEASE SOFTWARE (fc1) Copyright (c) 1986-2005 by cisco Systems, Inc. Compiled Fri 02-Dec-05 15:19 by Image text-base: 0x60008930, data-base: 0x60A88000 ROM: System Bootstrap, Version 11.1(20)AA2, EARLY DEPLOYMENT RELEASE SOFTWARE (fc1) cisco-3640 uptime is 4 hours, 3 minutes System returned to ROM by reload System image file is "flash:c3640-io3-mz.122-32.bin" cisco 3640 (R4700) processor (revision 0x00) with 61440K/4096K bytes of memory. Processor board ID 21961002 R4700 CPU at 100Mhz, Implementation 33, Rev 1.0 Bridging software. X.25 software, Version 3.0.0. 2 Ethernet/IEEE 802.3 interface(s) 1 FastEthernet/IEEE 802.3 interface(s) 2 Serial network interface(s) DRAM configuration is 64 bits wide with parity disabled. 125K bytes of non-volatile configuration memory. 8192K bytes of processor board System flash (Read/Write) Configuration register is 0x2102 Проблема, что траффик идущий через NAT не попадает в NetFlow, а именно: 04:04:36: IP: s=66.225.214.106 (Ethernet0/0), d=192.168.23.15, len 40, policy match 04:04:36: IP: route map netflow_nat, item 10, permit 04:04:36: IP: s=66.225.214.106 (Ethernet0/0), d=192.168.23.15 (Loopback0), len 40, policy routed 04:04:36: IP: Ethernet0/0 to Loopback0 192.168.23.15 а cisco-3640#sh ip cache flow \| include 66.225.214.106 Et0/0 66.225.214.106 Null 192.168.23.15 06 0050 100C 3 Et0/0 66.225.214.106 Null 192.168.23.15 06 0050 100F 3 Et0/0 66.225.214.106 Null 192.168.23.15 06 0050 1008 3 Et0/0 66.225.214.106 Null 192.168.23.15 06 0050 1007 3 Et0/1 192.168.23.15 Et0/0 66.225.214.106 06 0F57 22B8 22 Et0/0 66.225.214.106 Null 192.168.23.15 06 22B8 0F57 25 Et0/0 66.225.214.106 Null 192.168.23.15 06 0050 0EAA 3 Et0/0 66.225.214.106 Null 192.168.23.15 06 0050 0EA6 3 Et0/0 66.225.214.106 Null 192.168.23.15 06 0050 0EE3 6 Et0/0 66.225.214.106 Null 192.168.23.15 06 0050 0EC3 3 Et0/0 66.225.214.106 Null 192.168.23.15 06 0050 0E71 3 Et0/0 66.225.214.106 Null 192.168.23.15 06 0050 0FA9 3 Et0/0 66.225.214.106 Null 192.168.23.15 06 0050 0FBB 3 Et0/0 66.225.214.106 Null 192.168.23.15 06 0050 0F8C 3 Et0/0 66.225.214.106 Null 192.168.23.15 06 0050 0F8F 3 Et0/0 66.225.214.106 Null 192.168.23.15 06 0050 0F98 3 Et0/0 66.225.214.106 Null 192.168.23.15 06 0050 0F94 3 Et0/0 66.225.214.106 Null 192.168.23.15 06 0050 0FEF 3 Et0/0 66.225.214.106 Null 192.168.23.15 06 0050 0FE7 3 Et0/0 66.225.214.106 Null 192.168.23.15 06 0050 0FE3 3 Et0/0 66.225.214.106 Null 192.168.23.15 06 0050 0FF2 3 Et0/0 66.225.214.106 Null 192.168.23.15 06 0050 0FF3 3 Et0/0 66.225.214.106 Null 192.168.23.15 06 0050 0FCF 3 Et0/0 66.225.214.106 Null 192.168.23.15 06 0050 0FC5 3 Et0/0 66.225.214.106 Null 192.168.23.15 06 0050 0FD4 3 Et0/0 66.225.214.106 Null 192.168.23.15 06 0050 0F1C 9 Et0/0 66.225.214.106 Null 192.168.23.15 06 0050 0F19 6 Et0/0 66.225.214.106 Null 192.168.23.15 06 0050 0F1A 4 Et0/0 66.225.214.106 Null 192.168.23.15 06 0050 0F6A 3 Et0/0 66.225.214.106 Null 192.168.23.15 06 0050 0F64 4 Et0/0 66.225.214.106 Null 192.168.23.15 06 0050 0F7F 3 т.е. с помощью route-map я его перенаправил на интерфейс loopback, а он всеравно не попадает в netflow...

Ваше сообщение

Имя*:

EMail:

Для отправки новых сообщений в текущей нити на email укажите знак ! перед адресом, например, !user@host.ru (!! - не показывать email).
Более тонкая настройка отправки ответов производится в профиле зарегистрированного участника форума.

Заголовок*:

Сообщение*:

> Имеем: 
> cisco-3640#sh ver 
> Cisco Internetwork Operating System Software 
> IOS (tm) 3600 Software (C3640-IO3-M), Version 12.2(32), RELEASE SOFTWARE (fc1) 
> Copyright (c) 1986-2005 by cisco Systems, Inc.
> Compiled Fri 02-Dec-05 15:19 by 
> Image text-base: 0x60008930, data-base: 0x60A88000

> ROM: System Bootstrap, Version 11.1(20)AA2, EARLY DEPLOYMENT RELEASE SOFTWARE (fc1)

> cisco-3640 uptime is 4 hours, 3 minutes 
> System returned to ROM by reload 
> System image file is "flash:c3640-io3-mz.122-32.bin"

> cisco 3640 (R4700) processor (revision 0x00) with 61440K/4096K bytes of memory.
> Processor board ID 21961002 
> R4700 CPU at 100Mhz, Implementation 33, Rev 1.0 
> Bridging software.
> X.25 software, Version 3.0.0.
> 2 Ethernet/IEEE 802.3 interface(s) 
> 1 FastEthernet/IEEE 802.3 interface(s) 
> 2 Serial network interface(s) 
> DRAM configuration is 64 bits wide with parity disabled.
> 125K bytes of non-volatile configuration memory.
> 8192K bytes of processor board System flash (Read/Write)

> Configuration register is 0x2102

> Проблема, что траффик идущий через NAT не попадает в NetFlow, а именно: 
 
> 04:04:36: IP: s=66.225.214.106 (Ethernet0/0), d=192.168.23.15, len 40, policy match 
> 04:04:36: IP: route map netflow_nat, item 10, permit 
> 04:04:36: IP: s=66.225.214.106 (Ethernet0/0), d=192.168.23.15 (Loopback0), len 40, policy 
> routed 
> 04:04:36: IP: Ethernet0/0 to Loopback0 192.168.23.15

> а cisco-3640#sh ip cache flow | include 66.225.214.106 
> Et0/0         66.225.214.106  Null 
>          192.168.23.15  
>  06 0050 100C     3 
> Et0/0         66.225.214.106  Null 
>          192.168.23.15  
>  06 0050 100F     3 
> Et0/0         66.225.214.106  Null 
>          192.168.23.15  
>  06 0050 1008     3 
> Et0/0         66.225.214.106  Null 
>          192.168.23.15  
>  06 0050 1007     3 
> Et0/1         192.168.23.15   
> Et0/0         66.225.214.106  
> 06 0F57 22B8    22 
> Et0/0         66.225.214.106  Null 
>          192.168.23.15  
>  06 22B8 0F57    25 
> Et0/0         66.225.214.106  Null 
>          192.168.23.15  
>  06 0050 0EAA     3 
> Et0/0         66.225.214.106  Null 
>          192.168.23.15  
>  06 0050 0EA6     3 
> Et0/0         66.225.214.106  Null 
>          192.168.23.15  
>  06 0050 0EE3     6 
> Et0/0         66.225.214.106  Null 
>          192.168.23.15  
>  06 0050 0EC3     3 
> Et0/0         66.225.214.106  Null 
>          192.168.23.15  
>  06 0050 0E71     3 
> Et0/0         66.225.214.106  Null 
>          192.168.23.15  
>  06 0050 0FA9     3 
> Et0/0         66.225.214.106  Null 
>          192.168.23.15  
>  06 0050 0FBB     3 
> Et0/0         66.225.214.106  Null 
>          192.168.23.15  
>  06 0050 0F8C     3 
> Et0/0         66.225.214.106  Null 
>          192.168.23.15  
>  06 0050 0F8F     3 
> Et0/0         66.225.214.106  Null 
>          192.168.23.15  
>  06 0050 0F98     3 
> Et0/0         66.225.214.106  Null 
>          192.168.23.15  
>  06 0050 0F94     3 
> Et0/0         66.225.214.106  Null 
>          192.168.23.15  
>  06 0050 0FEF     3 
> Et0/0         66.225.214.106  Null 
>          192.168.23.15  
>  06 0050 0FE7     3 
> Et0/0         66.225.214.106  Null 
>          192.168.23.15  
>  06 0050 0FE3     3 
> Et0/0         66.225.214.106  Null 
>          192.168.23.15  
>  06 0050 0FF2     3 
> Et0/0         66.225.214.106  Null 
>          192.168.23.15  
>  06 0050 0FF3     3 
> Et0/0         66.225.214.106  Null 
>          192.168.23.15  
>  06 0050 0FCF     3 
> Et0/0         66.225.214.106  Null 
>          192.168.23.15  
>  06 0050 0FC5     3 
> Et0/0         66.225.214.106  Null 
>          192.168.23.15  
>  06 0050 0FD4     3 
> Et0/0         66.225.214.106  Null 
>          192.168.23.15  
>  06 0050 0F1C     9 
> Et0/0         66.225.214.106  Null 
>          192.168.23.15  
>  06 0050 0F19     6 
> Et0/0         66.225.214.106  Null 
>          192.168.23.15  
>  06 0050 0F1A     4 
> Et0/0         66.225.214.106  Null 
>          192.168.23.15  
>  06 0050 0F6A     3 
> Et0/0         66.225.214.106  Null 
>          192.168.23.15  
>  06 0050 0F64     4 
> Et0/0         66.225.214.106  Null 
>          192.168.23.15  
>  06 0050 0F7F     3

> т.е. с помощью route-map я его перенаправил на интерфейс loopback, а он 
> всеравно не попадает в netflow...

При общении не допускается: неуважительное отношение к собеседнику, хамство, унизительное обращение, ненормативная лексика, переход на личности, агрессивное поведение, обесценивание собеседника, провоцирование флейма голословными и заведомо ложными заявлениями. Не отвечайте на сообщения, явно нарушающие правила - удаляются не только сами нарушения, но и все ответы на них. Лог модерирования.

Партнёры:

Хостинг:

Закладки на сайте
Проследить за страницей

Created 1996-2024 by Maxim Chirkov
Добавить, Поддержать, Вебмастеру