Hello all,
I understand that NetFlow is not supported on a Cisco 3560. Since this is the case, how can I then sniff the traffic coming from the 4 networks that are on this switch? I am used to enabling NetFlow on the router that the network is on. If I put a NetFlow supported Router in front of the 3560 and enable NetFlow on that router, will it give me NetFlow results on those 4 networks just as good as enabling NetFlow on the router that the network is on? Any comments would be appreciated. Thanks,
phx
Are you using the 3560 as a switch or a router? In other words is the 3560 routing traffic or just switching it?
If the expense of adding a router that supports NetFlow to your configuration isn't of any concern to you then that would work. You'd want to stop routing on your 3560 and have that handled by your new NetFlow supported router.
If you don't mind me asking, is this for short term diagnostics/troubleshooting or long term trending/analysis?
Thanks for the response. This will be used for long term trending/analysis. The 3560 is mainly used to route traffic and is divided into 4 vlans. I dont want to get a router with 4 interfaces or 4 seperate routers if that is what I have to do to make this work. So if I put one router in front of this 3560, will it sniff the traffic from those 4 networks or will NetFlow with Orion only work with one interface per network.? Thanks.
You don't need four physical interfaces, and you certainly don't need four routers. You can do this with an appropriately sized router that has one physical interface. This is known as "a router on a stick". As I stated previously, you'll need to relinquish the routing responsibilities from your 3560 and designate that function to your new router.