Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
14779
Views
0
Helpful
4
Replies

Flexible NetFlow Configuration

Go to solution
zekebashi
Level 4
Level 4

‎11-15-2019 01:03 PM

Hello,

 

I was trying to configure Flexible Netflow on C9500 running Fuji 16.09.04 and ran into an issue. When I try to assign an ip flow monitor to an SVI, the command is rejected. Here's the output from the cli "SW-A(config-if)#ip flow monitor standardMonitor input % Flow Monitor: Failed to add monitor to interface: flexible netflow not supported on vlan interfaces.

Here's the Flexible Netflow configured:

 


flow record "standardRecord"
match ipv4 source address
match ipv4 destination address
match ipv4 protocol
match transport source-port
match transport destination-port
match ipv4 tos
match interface input
match interface output
collect counter bytes long
collect counter packets long
!

flow exporter "standardExporter_UDP_9995"
destination 10.1.10.40
source Loopback100
transport udp 9995
export-protocol netflow-v9
!
!
flow exporter "standardExporter_UDP_2055"
destination 10.1.10.176
source Loopback100
transport udp 2055
export-protocol netflow-v9

!
!
flow monitor standardMonitor
exporter "standardExporter_UDP_2055"
exporter "standardExporter_UDP_9995"
cache timeout active 60
record "standardRecord"

!

!

interface Vlan110
ip flow monitor standardMonitor input

!!!!!!!!! Error produced!!!!!

SW-A(config-if)#ip flow monitor standardMonitor input % Flow Monitor: Failed to add monitor to interface: flexible netflow not supported on vlan interfaces.

 

 

Any ideas?

 

Thanks in advance,

~zK

 

 

2 people had this problem
Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Jaderson Pessoa
VIP Alumni
VIP Alumni
In response to zekebashi

‎11-16-2019 04:54 AM

Yes, you can do it to different monitos and/or vlans. Use the same syntax.

Mark as solved and helpful it, it will help other users

Regards,
Jaderson Pessoa
*** Rate All Helpful Responses ***

View solution in original post

0 Helpful
4 Replies 4

Go to solution
Jaderson Pessoa
VIP Alumni
VIP Alumni

‎11-15-2019 02:40 PM - edited ‎11-15-2019 02:41 PM

try it:

vlan configuration   1,2,3-5  ( choice your vlans )
ip flow monitor standardMonitor input

Jaderson Pessoa
*** Rate All Helpful Responses ***
0 Helpful

Go to solution
zekebashi
Level 4
Level 4
In response to Jaderson Pessoa

‎11-15-2019 02:52 PM

Thanks for your response. That didn't work! Here's the output produced after applying your suggested configs:

 

 

 

SW-A(config-vlan-config)#ip flow monitor standardMonitor input
% Flow Monitor: Flow Monitor 'standardMonitor' Unsupported key field "interface output" for ip traffic in Input direction

 

DMZSW-A(config-vlan-config)#ip flow monitor standardMonitor out
% Flow Monitor: Flow Monitor 'standardMonitor' Unsupported key field "interface input" for ip traffic in Output direction

 

Any other ideas?

 

Best, ~zK

0 Helpful

Go to solution
zekebashi
Level 4
Level 4
In response to Jaderson Pessoa

‎11-15-2019 03:29 PM

OK, so I had to create a user-defied records and use the command you suggested and that worked. However, the use of that command seem to have created a new command/syntax in the running configuration file which I have never seen before nor do I understand what it does. Is this command linked to the L3 VLAN 110 or L2 VLAN 110?

 


vlan configuration 110
ip flow monitor MONITOR_IN input
ip flow monitor MONITOR_OUT output

!

!

||||||||||||  Flexible Netflow Commands used |||||||||||||

 

flow record RECORD-IN
match flow direction
match interface input
match ipv4 destination address
match ipv4 protocol
match ipv4 source address
match ipv4 tos
match transport destination-port
match transport source-port
collect counter bytes long
collect counter packets long
collect interface output
collect transport tcp flags

flow record RECORD_OUT
match flow direction
match interface output
match ipv4 destination address
match ipv4 protocol
match ipv4 source address
match ipv4 tos
match transport destination-port
match transport source-port
collect counter bytes long
collect counter packets long
collect interface input
collect transport tcp flags
!
!

flow exporter Exporter_UDP_9995
 destination 10.1.6.40
 source Loopback100
 transport udp 9995

flow exporter Exporter_UDP_2055
 destination 10.1.6.176
 source Loopback100
 transport udp 2055
!
!
flow monitor MONITOR_IN
 exporter Exporter_UDP_2055
 exporter Exporter_UDP_9995
cache timeout inactive 10
cache timeout active 60
record RECORD_IN
!
flow monitor MONITOR_OUT
 exporter Exporter_UDP_2055
 exporter Exporter_UDP_9995
cache timeout inactive 10
cache timeout active 60
record RECORD_OUT
!
SW-A#config t
SW-A(config-vlan-config)#vlan configuration 110 
SW-A(config-vlan-config)#ip flow monitor MONITOR_IN input
SW-A(config-vlan-config)#ip flow monitor MONITOR_OUT output


 

 

Thanks in advance, ~zK

0 Helpful

Go to solution
Jaderson Pessoa
VIP Alumni
VIP Alumni
In response to zekebashi

‎11-16-2019 04:54 AM

Yes, you can do it to different monitos and/or vlans. Use the same syntax.

Mark as solved and helpful it, it will help other users

Regards,
Jaderson Pessoa
*** Rate All Helpful Responses ***
0 Helpful
Customers Also Viewed These Support Documents

Review Cisco Networking for a $25 gift card