-
Traditional
NetFlow (TNF) accounting is not supported.
-
Flexible NetFlow
v5 export format is not supported, only NetFlow v9 export format is supported.
-
Both ingress
and egress NetFlow accounting is supported.
-
Microflow
policing feature shares the NetFlow hardware resource with FNF.
-
Only one flow
monitor per interface and per direction is supported.
-
Layer 2, IPv4,
and IPv6 traffic types are supported; however, the
switch can apply a flow monitor to only one
of these types at a time for a given direction and interface.
-
Layer 2, VLAN,
WLAN and Layer 3 interfaces are supported, but the
switch does not support SVI and tunnels.
-
The following
NetFlow table sizes are supported:
Trim
Level
|
Ingress NetFlow Table
|
Egress
NetFlow Table
|
LAN
Base
|
Not
supported
|
Not
supported
|
IP
Base
|
8 K
|
16 K
|
IP
Services
|
8 K
|
16 K
|
-
Depending on the switch type, a switch will have one or two
forwarding ASICs. The capacities listed in the above table are on a per-ASIC
basis.
-
The switch can
support either one or two ASICs. Each ASIC has 8K ingress and 16 K egress
entries.
-
The NetFlow tables are on separate compartments and
cannot be combined. Depending on which ASIC processed the packet, the flows
will be created in the table in the corresponding ASIC.
-
Both full flow
accounting and sampled NetFlow accounting are supported.
-
NetFlow hardware
implementation supports four hardware samplers. You can select a sampler rate
from 1 out of 2 to 1 out of 1024. Only random sampling mode is supported.
-
With the
microflow policing feature (which is enabled only for wireless implementation),
NetFlow can and should be used only in full flow mode i.e. NetFlow policing
cannot be used. For wireless traffic, applying a sampler is not permitted, as
it hinders microflow QoS.
-
Only full
flow accounting is supported for wireless traffic.
-
NetFlow hardware
uses hash tables internally. Hash collisions can occur in the hardware.
Therefore, in spite of the internal overflow Content Addressable Memory (CAM),
the actual NetFlow table utilization could be about 80 percent.
-
Depending on
what fields are used for the flow, a single flow could take two consecutive
entries. IPv6 flows also take two entries. In these situations, the effective
usage of NetFlow entries is half the table size, which is separate from the
above hash collision limitation.
-
The
switch supports up to 16 flow monitors.
-
Microflow
policing uses a separate set of flow monitors (limit 3).
-
SSID-based
NetFlow accounting is supported. SSID is treated in a manner similar to an
interface. However, certain fields are not supported (such as AP MAC address
and user ID ).
-
NetFlow v9
format NetFlow export is supported.
-
The NetFlow software implementation supports
distributed NetFlow export, so the flows are exported from the same
switch in which the flow was created.
-
Ingress flows
are present in the ASIC that first received the packets for the flow. Egress
flows are present in the ASIC from which the packets actually left the
switch set up.
-
The reported
value for the bytes count field (called “bytes long”) is Layer-2-packet-size—18
bytes. For classic Ethernet traffic (802.3), this will be accurate. For all
other Ethernet types, this field will not be accurate. Use the "bytes layer2”
field, which always reports the accurate Layer 2 packet size. For information
about supported Flexible NetFlow fields, see
Supported Flexible NetFlow Fields.