In a previous post we saw how to configure Flexible Netflow on a 3850 stack acting as MC/MA. In this post we will see how to configure this feature (also known as Application Visibility) on a 5760.
If you are already familiar with AVC on Aironet WLCs (5508, 2504, WiSM-2, etc.), you know it can control traffic (re-marking, drop) at the WLC in both the upstream and downstream directions. In the current IOS-XE 3.3.0 this control part is not available and only Application Visibility can be implemented. (The control feature is expected in a future release.)
Here are the features IOS-XE 3.3.0 supports for this. Note that only Gen2 APs (1600, 2600, 3600, 3700) are supported.
• Application Visibility – No Control
• Supported on IOS XE 3.3 platforms: 5760/3850/3650
• Use NBAR2 Protocol pack 5.1
• Seamless roaming
• More than 1000 applications
• Gen2 APs (AP1600, 2600, 3600, and 3700)
• Wireless clients only
• Centralized and Converged Access
• Flexible Netflow v9 Export to PI (PAM) and external collectors (Plixer and ActionPacked)
• Multicast/IPv6 classification is not supported.
Let’s see how to configure this using our standard topology for CA posts. We will configure this using the GUI and then derive the equivalent CLI commands. Here are the default AVC settings under the WLAN -> AVC section.
You can enable this feature & select default profiles configured on 5760.
If you look at the CLI config differences, you will see the CLI config lines added by the above modification.
5760-1#sh archive config differences nvram:startup-config system:running-config
+flow monitor wireless-avc-basic
+record wireless avc basic
wlan LTUWireless 21 LTUWireless
+ip flow monitor wireless-avc-basic input
+ip flow monitor wireless-avc-basic output

Now if you go to Monitor -> Controller -> AVC -> WLAN (and select the WLAN configured for AVC) you should be able to see the traffic statistics. But why is it blank? This is because I am using the 3502 AP model, which is not supported in this CA AVC deployment. There is no CLI output for the “show avc x” commands either.
5760-1#sh wireless client summary
Number of Local Clients : 2
MAC Address     AP Name   WLAN  State  Protocol
--------------------------------------------------------------------------------
2c54.2dea.f4ea  L3502-2   21    UP     11a
a088.b435.c2f0  L3502-2   21    UP     11n(5)

5760-1#show avc ?
  client  avc client
  wlan    wlan

5760-1#show avc wlan ?
  WORD  Enter wlan name

5760-1#show avc wlan LTUWireless ?
  top  top

5760-1#show avc wlan LTUWireless top ?
  <1-30>  Enter a number

5760-1#show avc wlan LTUWireless top 5 ?
  application  Display top applications

5760-1#show avc wlan LTUWireless top 5 application ?
  aggregate   Display aggregate stats for top n applications
  downstream  Display downstream stats for top n applications
  upstream    Display upstream stats for top n applications

5760-1#show avc wlan LTUWireless top 5 application aggregate
**** NO OUTPUT ******

5760-1#show avc client 2c54.2dea.f4ea top 5 application aggregate
***** NO OUTPUT ******
Let’s register the L3602-1 AP to this 5760 and assign it to the LTU-CUWN AP group, which was created as part of a previous post. Then disable the L3502-2 AP so that clients move to the 3602. As you can see, the clients moved to the L3602-1 AP.
5760-1#show ap summary
Number of APs: 2
Global AP User Name: Not configured
Global AP Dot1x User Name: Not configured
AP Name   AP Model  Ethernet MAC    Radio MAC       State
----------------------------------------------------------------------------------------
L3502-2   3502I     ccef.4872.0fc3  2c3f.382b.5260  Registered
L3602-1   3602I     4c00.82df.a4c1  f84f.57e3.1460  Registered

5760-1#ap name L3602-1 ap-groupname LTU-CUWN
Changing the AP's group name will cause the AP to reboot.
Are you sure you want to continue? (y/n)[y]: y

5760-1#ap name L3502-2 shutdown

5760-1#show wireless client summary
Number of Local Clients : 2
MAC Address     AP Name   WLAN  State  Protocol
--------------------------------------------------------------------------------
2c54.2dea.f4ea  L3602-1   21    UP     11a
a088.b435.c2f0  L3602-1   21    UP     11n(5)
Now you can see the AVC statistics for the WLAN (Monitor -> Controller -> AVC -> WLAN) or for a specific client (Monitor -> Client -> MAC address -> AVC statistics) as shown in the two snapshots below. You can monitor them in “Aggregate”, “Upstream” or “Downstream” fashion.
WLAN AVC statistics
A Client (Laptop) AVC statistics
This is real-time data. What if you want to monitor this over a period of time, and sometimes combine AVC stats from multiple controllers? That’s where Prime Infrastructure comes into play. You need Prime Assurance in order to get these NetFlow stats using Prime. In my case I do not have Prime Assurance, but I have a 3rd-party NetFlow collector.
Let’s configure a flow exporter and use it within the default flow monitor (wireless-avc-basic). If you need to, you can create your own flow-record, flow-exporter and flow-monitor as well. (Refer to the 3850-Flexible Netflow post for more detail.)
5760-1(config-flow-record)#flow exporter FLK-1
5760-1(config-flow-exporter)# destination x.x.8.216
5760-1(config-flow-exporter)# source Vlan1600
5760-1(config-flow-exporter)# transport udp 9995
5760-1(config)#flow monitor wireless-avc-basic
5760-1(config-flow-monitor)#exporter ?
  FLK-1  User defined
5760-1(config-flow-monitor)#exporter FLK-1
Now if you look at your Netflow collector tool you should be able to see the traffic. Here are some screenshots of my Netflow Collector statistics with respect to this.
You can monitor real-time stats via the 5760 CLI as well:
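To check that the FLK-1 export actually reaches the collector host, a small NetFlow v9 decoder can be run against the payloads received on the UDP port. This is an added example, not code from the original post or from Cisco; the template in `build_sample` is constructed for illustration and is not the 5760's actual "wireless avc basic" record.

```python
import struct

def parse_v9(datagram, templates):
    """Decode one NetFlow v9 datagram. `templates` maps (source_id, template_id)
    to [(field_type, length), ...] and is updated in place across datagrams."""
    version, _count, _uptime, _secs, seq, source_id = struct.unpack_from("!HHIIII", datagram, 0)
    if version != 9:
        raise ValueError("not a NetFlow v9 datagram")
    records, off = [], 20
    while off + 4 <= len(datagram):
        fs_id, fs_len = struct.unpack_from("!HH", datagram, off)
        if fs_len < 4 or off + fs_len > len(datagram):
            raise ValueError("flowset length runs past the datagram")
        body = datagram[off + 4:off + fs_len]
        if fs_id == 0:                                   # template flowset
            p = 0
            while p + 4 <= len(body):
                tid, nfields = struct.unpack_from("!HH", body, p)
                if tid < 256 or p + 4 + 4 * nfields > len(body):
                    break                                # padding or truncated template
                templates[(source_id, tid)] = [
                    struct.unpack_from("!HH", body, p + 4 + 4 * i) for i in range(nfields)]
                p += 4 + 4 * nfields
        elif fs_id >= 256 and (source_id, fs_id) in templates:   # data flowset
            fields = templates[(source_id, fs_id)]
            size, p = sum(length for _, length in fields), 0
            while size and p + size <= len(body):
                rec = {}
                for ftype, length in fields:
                    rec[ftype] = int.from_bytes(body[p:p + length], "big")
                    p += length
                records.append(rec)
        # Data flowsets whose template has not been seen yet are skipped.
        off += fs_len
    return {"sequence": seq, "source_id": source_id, "records": records}

def build_sample():
    """Constructed datagram: template 256 (applicationId=95, IN_BYTES=1, IN_PKTS=2)
    followed by one data record. All values are made up for the example."""
    tmpl = struct.pack("!HH", 256, 3) + struct.pack("!6H", 95, 4, 1, 4, 2, 4)
    data = struct.pack("!III", 0x03000035, 84277, 1321)
    header = struct.pack("!HHIIII", 9, 2, 1000, 1400000000, 7, 1)
    return (header + struct.pack("!HH", 0, 4 + len(tmpl)) + tmpl
            + struct.pack("!HH", 256, 4 + len(data)) + data)
```

The export is plain unauthenticated UDP, so a collector should accept datagrams only from the exporter's source address (the Vlan1600 interface above) and watch `sequence` for gaps.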
5760-1#show avc wlan LTUWireless top 10 application upstream
Cumulative Stats:
No.  AppName      Packet-Count  Byte-Count  AvgPkt-Size  usage%
------------------------------------------------------------------------------------------------------
1    cisco-phone  41554         8310800     200          86
2    unknown      6191          597761      96           6
3    netbios-ns   1883          147738      78           2
4    dns          1321          84277       63           1
5    http         1313          105422      80           1
6    ssl          1135          209462      184          2
7    exchange     615           150475      244          2
8    skinny       508           31837       62           0
9    rtcp         170           19480       114          0
10   icmp         108           24752       229          0
Last Interval(90 seconds) Stats:
No.  AppName      Packet-Count  Byte-Count  AvgPkt-Size  usage%
------------------------------------------------------------------------------------------------------
1    cisco-phone  4179          835800      200          99
2    unknown      88            9164        104          1
3    rtcp         17            1972        116          0
4    skinny       5             296         59           0

5760-1#show avc wlan LTUWireless top 10 application downstream
Cumulative Stats:
No.  AppName      Packet-Count  Byte-Count  AvgPkt-Size  usage%
------------------------------------------------------------------------------------------------------
1    cisco-phone  46427         9285400     200          68
2    http         2392          3242288     1355         23
3    ssl          1327          1077406     811          8
4    unknown      602           205696      341          1
5    exchange     584           50010       85           0
6    skinny       342           29308       85           0
7    dns          195           37018       189          0
8    ping         63            3746        59           0
9    twitter      41            9206        224          0
10   ms-sms       40            27476       686          0
Last Interval(90 seconds) Stats:
No.  AppName      Packet-Count  Byte-Count  AvgPkt-Size  usage%
------------------------------------------------------------------------------------------------------
1    cisco-phone  4178          835600      200          100
2    skinny       3             180         60           0

5760-1#show avc client 2c54.2dea.f4ea top 10 application aggregate
Cumulative Stats:
No.  AppName      Packet-Count  Byte-Count  AvgPkt-Size  usage%
------------------------------------------------------------------------------------------------------
1    cisco-phone  47544         9508800     200          100
2    skinny       157           13104       83           0
3    icmp         107           24396       228          0
4    rtcp         85            9860        116          0
5    unknown      19            1052        55           0
6    dhcp         9             3448        383          0
7    ping         1             48          48           0
Last Interval(90 seconds) Stats:
No.  AppName      Packet-Count  Byte-Count  AvgPkt-Size  usage%
------------------------------------------------------------------------------------------------------
1    cisco-phone  9000          1800000     200          100
2    rtcp         17            1972        116          0
3    skinny       13            772         59           0

Here is the AVC deployment Guide for IOS-XE 3.3 for your reference.
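For tracking these counters over time without a collector, the `show avc ... top N application` output can be parsed into rows and the share of traffic NBAR2 left as `unknown` computed per section. This is an added example, not part of the original post; the function names are hypothetical and the sample is constructed from the first rows of the upstream output above.

```python
import re

# Constructed sample: first rows of the upstream output above, one row per line.
SAMPLE = """\
Cumulative Stats:
No.  AppName      Packet-Count  Byte-Count  AvgPkt-Size  usage%
---------------------------------------------------------------
1    cisco-phone  41554         8310800     200          86
2    unknown      6191          597761      96           6
3    netbios-ns   1883          147738      78           2
Last Interval(90 seconds) Stats:
No.  AppName      Packet-Count  Byte-Count  AvgPkt-Size  usage%
---------------------------------------------------------------
1    cisco-phone  4179          835800      200          99
2    unknown      88            9164        104          1
"""

SECTION = re.compile(r"^\s*(Cumulative|Last Interval)\b.*Stats:\s*$")
ROW = re.compile(r"^\s*\d+\s+(\S+)\s+(\d+)\s+(\d+)\s+(\d+)\s+(\d+)\s*$")

def parse_show_avc(text):
    """Return {section name: [row dicts]} for 'show avc ... top N application' output."""
    sections, rows = {}, None
    for line in text.splitlines():
        sec = SECTION.match(line)
        if sec:
            rows = sections.setdefault(sec.group(1), [])
            continue
        m = ROW.match(line)
        if m and rows is not None:
            pkts, byts, avg, pct = map(int, m.groups()[1:])
            rows.append({"app": m.group(1), "packets": pkts, "bytes": byts,
                         "avg_pkt": avg, "usage_pct": pct})
    return sections

def misaligned(rows):
    """Rows where AvgPkt-Size != bytes // packets (the relation seen in the output
    above); a non-empty result suggests the columns were split incorrectly."""
    return [r for r in rows if r["packets"] and r["avg_pkt"] != r["bytes"] // r["packets"]]

def unknown_share(rows):
    """Percentage of the listed bytes that were reported as 'unknown'."""
    total = sum(r["bytes"] for r in rows)
    unknown = sum(r["bytes"] for r in rows if r["app"] == "unknown")
    return 100.0 * unknown / total if total else 0.0

if __name__ == "__main__":
    for name, rows in parse_show_avc(SAMPLE).items():
        print(name, len(rows), "rows,", round(unknown_share(rows), 1), "% unknown")
```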
Related Posts
1. Getting Started with 3850
2. Getting Started with 5760
3. 3850(MA) with 5760(MC)
4. 5760 with 802.1x WLAN
5. 5760 in CA & CUWN solution
6. 3850- Flexible Netflow
