Jon Lewis wrote:
On Sat, 15 Nov 2008, Philip L. wrote:
This is on a Sup720-3BXL by the way:
'sh mls netflow table-con detailed:' Earl in Module 5 Detailed Netflow CAM (TCAM and ICAM) Utilization ================================================ TCAM Utilization : 100% ICAM Utilization : 6% Netflow TCAM count : 262024 Netflow ICAM count : 8 Netflow Creation Failures : 2085847 Netflow CAM aliases : 0
This looks like the same issue I ran into not long ago. Switch your netflow over from full to sampled...you lose lots of data, but your hardware can't handle full netflow for your traffic level.
AFAIK, your only other options are to mess with the mls aging timers (shorten them) or buy cards with DFC and hope that gets you enough additional netflow capacity for the interfaces your collecting.
Hopefully he is not trying to use netflow for accounting/billing. I use: mls sampling packet-based 1024 8192 As it is a convenient factor of ~1000 from the real numbers. 1Gbit/s of traffic shows up as 1Mbit/s. This has been accurate enough for anything I have wanted to look at like per-AS traffic. - Kevin