The MLS aging time (default 300 seconds) applies to all NetFlow table entries. You can configure the normal aging time in the range of 32 to 4092 seconds. Flows can age as much as 4 seconds sooner or later than the configured interval. On average, flows age within 2 seconds of the configured value.
Other events might cause MLS entries to be purged, such as routing changes or a change in link state.
If the number of MLS entries exceeds the recommended utilization (see the results of the command: show mls netflow table-contention detailed), only adjacency statistics might be available for some flows.
To keep the NetFlow table size below the recommended utilization, enable the following parameters when using the mls aging command:
A typical table entry that is removed by fast aging is the entry for flows to and from a Domain Name Server (DNS) or TFTP server.
If you need to enable MLS fast aging time, initially set the value to 128 seconds. If the size of the NetFlow table continues to grow over the recommended utilization, decrease the setting until the table size stays below the recommended utilization. If the table continues to grow over the recommended utilization, decrease the normal MLS aging time.
Command references:
Router(config)# mls aging {fast [threshold {1-128} | time {1-128}] | long 64-1920 | normal 32-4092}
Router# show mls netflow aging