Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1072
Views
0
Helpful
3
Replies

cisco 2911 ios 15.2(4)M3 netflow problem for interface tunnel gre

kaabiayman1
Level 1
Level 1

‎09-18-2016 04:47 AM

Hi support,

i configured netflow version 9 for a remote cisco 2911 for interface g0/1 and interface tunnel gre. 
In our netflow analyzer we receive the interface g0/1 but not the interface tunnel gre .

can you explain me the problem.

please see the version output and the netflow configuration:

RT-0162701#sh version

Cisco IOS Software, C2900 Software (C2900-UNIVERSALK9-M), Version 15.2(4)M3, RELEASE SOFTWARE (fc2)

Technical Support: http://www.cisco.com/techsupport

Copyright (c) 1986-2013 by Cisco Systems, Inc.

Compiled Tue 26-Feb-13 03:42 by prod_rel_team

 

ROM: System Bootstrap, Version 15.0(1r)M16, RELEASE SOFTWARE (fc1)

 

RT-0162701 uptime is 2 weeks, 6 days, 7 hours, 41 minutes

System returned to ROM by power-on

System image file is "flash0:c2900-universalk9-mz.SPA.152-4.M3.bin"

Last reload type: Normal Reload

Last reload reason: power-on

 

 

 

This product contains cryptographic features and is subject to United

States and local country laws governing import, export, transfer and

use. Delivery of Cisco cryptographic products does not imply

third-party authority to import, export, distribute or use encryption.

Importers, exporters, distributors and users are responsible for

compliance with U.S. and local country laws. By using this product you

agree to comply with applicable laws and regulations. If you are unable

to comply with U.S. and local laws, return this product immediately.

 

A summary of U.S. laws governing Cisco cryptographic products may be found at:

http://www.cisco.com/wwl/export/crypto/tool/stqrg.html

 

If you require further assistance please contact us by sending email to

export@cisco.com.

 

Cisco CISCO2911/K9 (revision 1.0) with 909312K/40960K bytes of memory.

Processor board ID FCZ172660ZE

3 Gigabit Ethernet interfaces

2 Serial(sync/async) interfaces

1 terminal line

1 Virtual Private Network (VPN) Module

8 Voice FXO interfaces

DRAM configuration is 64 bits wide with parity enabled.

255K bytes of non-volatile configuration memory.

250880K bytes of ATA System CompactFlash 0 (Read/Write)

 

 

License Info:

 

License UDI:

          

-------------------------------------------------

Device#   PID                   SN

-------------------------------------------------

*0        CISCO2911/K9          FCZ172660ZE    

 

 

 

Technology Package License Information for Module:'c2900'

 

-----------------------------------------------------------------

Technology    Technology-package           Technology-package

              Current       Type           Next reboot 

------------------------------------------------------------------

ipbase        ipbasek9      Permanent      ipbasek9

security      securityk9    Permanent      securityk9

uc            uck9          Permanent      uck9

data          None          None           None

 

Configuration register is 0x2102

ip flow-export source Loopback0
ip flow-export version 9
ip flow-export destination 172.31.32.40 9996

interface GigabitEthernet0/1
description Link to RT-9160103
ip address 10.202.16.27 255.255.0.0
ip access-group Allow-GRE in
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
ip flow egress
ip ospf message-digest-key 1 md5 ****************
duplex auto
speed auto
no cdp enable
no mop enabled

interface Tunnel1627
description Link to RT-9160103- $BLR(SLC)$
ip address 10.208.16.105 255.255.255.252
ip flow ingress
ip flow egress
no ip route-cache cef
ip ospf cost 200
ip ospf message-digest-key 1 md5 ************
keepalive 10 3
tunnel source 10.202.16.27
tunnel destination 10.202.51.1
tunnel checksum

Labels:
0 Helpful
3 Replies 3

Bharat Chandani
Cisco Employee
Cisco Employee

‎09-18-2016 09:53 PM

It looks like CEF is not working for tunnel's traffic. Netflows are constructed only for CEF switched traffic.

We have "no ip route-cache cef" configured on inteface. Please remove this and check.

Could you please refer to the below mentioned logs:-

Show ip cef 10.202.51.1
show flow monitor test-flow cache
sh ip cache flow

0 Helpful

kaabiayman1
Level 1
Level 1
In response to Bharat Chandani

‎09-19-2016 05:05 AM

thanks for your reply,

i removed the ip route-cache cef but no change . i don't receive this interface.

please see these outputs 

RT-0162701#sh ip cef 10.202.51.1
10.202.51.1/32
attached to GigabitEthernet0/1
RT-0162701#
RT-0162701#
RT-0162701#
RT-0162701#sh flow monitor NFAINrecord cache
Cache type: Normal
Cache size: 4096
Current entries: 2
High Watermark: 5

Flows added: 3843
Flows aged: 3841
- Active timeout ( 60 secs) 3121
- Inactive timeout ( 15 secs) 720
- Event aged 0
- Watermark aged 0
- Emergency aged 0

IPV4 SOURCE ADDRESS: 10.202.51.1
IPV4 DESTINATION ADDRESS: 10.202.16.27
TRNS SOURCE PORT: 0
TRNS DESTINATION PORT: 0
INTERFACE INPUT: Gi0/1
IP VERSION: 4
IP TOS: 0xC0
IP PROTOCOL: 47
interface output: Null
counter bytes long: 1908
counter packets long: 20
timestamp abs first: 12:29:12.730
timestamp abs last: 12:29:59.110

IPV4 SOURCE ADDRESS: 10.202.51.1
IPV4 DESTINATION ADDRESS: 10.202.16.27
TRNS SOURCE PORT: 0
TRNS DESTINATION PORT: 0
INTERFACE INPUT: Gi0/1
IP VERSION: 4
IP TOS: 0x00
IP PROTOCOL: 47
interface output: Null
counter bytes long: 50263
counter packets long: 401
timestamp abs first: 12:29:45.770
timestamp abs last: 12:30:00.446


RT-0162701#
RT-0162701#
RT-0162701#
RT-0162701#sh ip cache flow
IP packet size distribution (2208587 total packets):
1-32 64 96 128 160 192 224 256 288 320 352 384 416 448 480
.019 .019 .318 .218 .091 .023 .014 .008 .038 .008 .002 .010 .002 .001 .001

512 544 576 1024 1536 2048 2560 3072 3584 4096 4608
.001 .004 .001 .015 .198 .000 .000 .000 .000 .000 .000

IP Flow Switching Cache, 278544 bytes
2 active, 4094 inactive, 16736 added
962692 ager polls, 0 flow alloc failures
Active flows timeout in 1 minutes
Inactive flows timeout in 15 seconds
IP Sub Flow Cache, 34056 bytes
0 active, 1024 inactive, 9569 added, 9569 added to flow
0 alloc failures, 0 force free
1 chunk, 0 chunks added
last clearing of statistics 5d02h
Protocol Total Flows Packets Bytes Packets Active(Sec) Idle(Sec)
-------- Flows /Sec /Flow /Pkt /Sec /Flow /Flow
UDP-DNS 11 0.0 1 65 0.0 1.0 15.6
GRE 16725 0.0 132 378 5.0 54.4 2.7
Total: 16736 0.0 131 378 5.0 54.3 2.7

SrcIf SrcIPaddress DstIf DstIPaddress Pr SrcP DstP Pkts
Gi0/1 10.202.51.1 Local 10.202.16.27 2F 0000 0000 19
Gi0/1 10.202.51.1 Local 10.202.16.27 2F 0000 0000 446
RT-0162701#
RT-0162701#

0 Helpful

kaabiayman1
Level 1
Level 1
In response to kaabiayman1

‎09-21-2016 06:42 AM

any update guys i need support to solve this problem.


0 Helpful
Customers Also Viewed These Support Documents

Review Cisco Networking for a $25 gift card