Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
337
Views
1
Helpful
5
Replies

show flow exporter on Cisco ACI API

zo3
Level 1
Level 1

‎07-08-2024 11:52 AM

Is there anything equivalent to the `show flow exporter` command to show the source IP address for Netflow records sent by the switch via the Cisco ACI API?

Labels:
0 Helpful
5 Replies 5

Remi-Astruc
Cisco Employee
Cisco Employee

‎07-08-2024 12:57 PM

Hi @zo3 ,

moquery -c netflowExporterPol | grep srcAddr

The Host part of the subneted IP is replaced by the Switch Node ID (e.g. if 10.1.0.0/20, Node ID 125 will use 10.1.0.125).

Regards

Remi Astruc

zo3
Level 1
Level 1
In response to Remi-Astruc

‎07-08-2024 01:30 PM - edited ‎07-08-2024 01:33 PM

Hi @Remi-Astruc - thank you so much for the response! In this case, are node IDs are unique across pods? I want to be able to associate the subneted IP to the specific node every time! For the example you gave, if the subneted IP is 10.1.0.0/20 - I would like to know that the policy is including Node ID 125. There's some point in configuring the Netflow policy where it asks which leaf nodes should be associated, but it doesn't seem like that appears in the response for `netflowExporterPol`

 

edit:

https://www.youtube.com/watch?v=6Yl_GelaS7g

this is the video I'm referencing when I was setting up my netflow configuration - it seems I'd need to query for the `netflowExporterPol` and then whatever the MO is for the leaf switch profile (if that gives the switch associations?)

NetFlow Configuration, Part 1
NetFlow Configuration, Part 1
youtube.com/watch?v=6Yl_GelaS7g
This video describes the NetFlow configuration using APIC. Documentation can be found here: http://www.cisco.com/c/en/us/td/docs/switches/datacenter/aci/apic/sw/kb/b_KB_Cisco_APIC_and_NetFlow.html
0 Helpful

Remi-Astruc
Cisco Employee
Cisco Employee

‎07-08-2024 10:47 PM

The Node ID per switch is unique across a whole Single-/Multi-Pod Fabric and permanent, so when you know the Netflow source subnet, you know the Netflow source IP is unique per switch and permanent (assuming it is configured for Netflow, as explained in the first section of your video).

Regards

Remi Astruc
0 Helpful

zo3
Level 1
Level 1
In response to Remi-Astruc

‎07-09-2024 03:01 PM

@Remi-Astruc Thank you! I just want to confirm also as I rewatch the video and am getting a bit confused - when a block of nodes is selected (i.e. nodes 101-102) in the fabric policies that only enables Netflow for those nodes?

When I follow the video further and refer to this document - https://www.cisco.com/c/en/us/td/docs/switches/datacenter/aci/apic/sw/kb/b_KB_Cisco_APIC_and_NetFlow.html#id_42875 which outlines creating the exporter policy, records, profiles, etc. I'm trying to see when the associated leaf nodes are determined to be given an exporter IP address from the subnet but it seems like if Netflow is enabled then it should be assigned as such? I'm not sure if that makes sense - I just want to gather a list of all the possible exporter IP addresses by knowing what nodes/leafs are selected when I watch the video

0 Helpful

Remi-Astruc
Cisco Employee
Cisco Employee

‎07-10-2024 12:59 PM

If a given Leaf is part of a switch profile set with Netflow priority, then any Netflow export sourced from that Leaf will use the IP "subnet set in that export policy + Leaf node ID". That's all.

You will not find that explicit IP in some config object.

Regards

Remi Astruc
0 Helpful
Customers Also Viewed These Support Documents

Save 25% on Day-2 Operations Add-On License