13.34 IP accounting transit records

What does ip accounting-transits 1 do?

Allow for one record that will used for flows that do not mach your accounting-list - wrong!

It actually specifies the number of packets that will be reported that do not match the accounting-list.

So with the config on R1 - vol 1 topology -

int f0/0
  ip accounting output-packets
int s0/0
  ip accounting output-packets

int s0/1
 ip accounting output-packets
!
ip accounting-list 155.10.0.0 0.0.255.255
ip accounting-transits 1001
ip accounting-threshold 4096

You get the following output -

Rack10R1#show ip account
   Source           Destination              Packets               Bytes
 150.10.6.6       150.10.3.3                     500              100000
 150.10.3.3       150.10.6.6                     501              100200
 150.10.6.6       155.10.13.3                   3104              620800
 155.10.13.3      150.10.6.6                    3104              620800

Accounting data age is 4

In this case ping 150.10.6.6 source l0 repeat 10000 on R3 (only s1/2 interface operational) was initiated.  The number of packets in the first two flows add up to 1001! The only way further transits will be captured by accounting is after clear ip accounting has been applied to checkpoint the database.

In the worst case scenario you could have 1001 records used for transits with the above configuration.

 

 

 

Sign In or Register to comment.