I recently deployed Flexible NetFlow on some of my 2821 routers (Version 12.4(9)T3). This was required because I needed to export my flow records via an IPSEC / GRE tunnel, and traditional NetFlow wouldn't encapsulate within the IPSEC tunnel. So I migrated to Flexible NetFlow. As soon as I did this all DNS queries from hosts on the inside network began to fail. has anyone seen this issue? Is there a fix? Currently I have simply turned off NetFlow collection on the routers in question.

Config:

flow exporter StoFlowExporter

destination 10.x.x.x

source GigabitEthernet0/0.461

transport udp 2055

!

flow monitor StoNetFlow

record netflow ipv4 original-input

exporter StoFlowExporter

!

interface GigabitEthernet0/0.461

description LAN

encapsulation dot1Q 461

ip address 10.x.x.x 255.255.255.0

ip access-group LAN_Outbound in

ip flow monitor StoNetFlow input

ip nat inside

ip virtual-reassembly

Thanks,