Buy or Renew
Buy or Renew
NEW: Try the Beta AI Summary feature on posts in the Routing and SD-WAN forum. Click to go to the forum.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1275
Views
0
Helpful
2
Replies

NDE Export

coulbournc
Community Member

‎07-09-2007 09:57 AM

Greetings,

I'm attempting to configure netflow export to an external collector. The NDE is set to use a particular IP address and port on a workstation. I can see udp traffic coming in but it is not recognized as netflow traffic by the application.

I see this when looking at the status:

cisco1>sh mls nde

Netflow Data Export enabled

Exporting flows to 192.168.1.65 (2055)

Exporting flows from 192.168.1.2 (57754)

Version: 7

Layer2 flow creation is enabled on vlan 1

Layer2 flow export is enabled on vlan 1

Include Filter not configured

Exclude Filter not configured

Total Netflow Data Export Packets are:

0 packets, 0 no packets, 0 records

Total Netflow Data Export Send Errors:

IPWRITE_NO_FIB = 0

IPWRITE_ADJ_FAILED = 0

IPWRITE_PROCESS = 0

IPWRITE_ENQUEUE_FAILED = 0

IPWRITE_IPC_FAILED = 0

IPWRITE_OUTPUT_FAILED = 0

IPWRITE_MTU_FAILED = 0

IPWRITE_ENCAPFIX_FAILED = 0

Netflow Aggregation Disabled

When I look at the flow config, I see:

cisco1>sh ip flow exp

Flow export v1 is enabled for main cache

Exporting flows to 192.168.1.65 (2055)

Exporting using source interface Vlan1

Version 1 flow records

1396 flows exported in 362 udp datagrams

0 flows failed due to lack of export packet

0 export packets were sent up to process level

0 export packets were dropped due to no fib

0 export packets were dropped due to adjacency issues

0 export packets were dropped due to fragmentation failures

0 export packets were dropped due to encapsulation fixup failures

0 export packets were dropped enqueuing for the RP

0 export packets were dropped due to IPC rate limiting

It appears NDE is not exporting the data but netflow is. I do not think this is what I'm looking to accomplish.

Labels:
0 Helpful
2 Replies 2

Richard Burts
Hall of Fame
Hall of Fame

‎07-09-2007 01:19 PM

Charles

I am not sure that I know the answer, but I notice a couple of things. sh mls nde indicates that it is using version 7. the sh ip flow exp indicates that it is using verions 1. I wonder what version the collector is expecting. And if there is a mismatch that might explain why the collector is not recognizing its input as netflow traffic.

HTH

Rick

HTH

Rick
0 Helpful

Jan Nejman
Level 7
Level 7

‎07-12-2007 12:17 AM

Hello,

try configure netflow export version 5.

conf t

ip flow-export version 5

mls nde sender 5

The configuration seems OK, so problem will be on the collector part. You can test your configuration with another netflow collector (e.g. noncommercial flow-tools or any commercial). Our company develops netflow tools and it is fully compatible with netflow version 1,5,6,7 and 9. Please, verify that you haven't firewall rule that block incoming udp exports on your collector...

Bye Jan

Caligare co,

http://www.caligare.com

0 Helpful
Customers Also Viewed These Support Documents