Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
3292
Views
0
Helpful
5
Replies

netflow and management interface again

Go to solution
tiwang
Level 3
Level 3

‎11-02-2021 03:19 AM

hi out there

I have a couple of Cisco ISR 4431 routers with IOSXE 16.12 running with a INTERNET vrf and the default Mgmt-intf vrf for management.

Now have I defined a netflow exporter with source from Gig 0 - in vrf Mgmt-intf - and flow recorder collecting from interfaces in vrf INTERNET - and I of course got a bit surprised that apparently it doesnt export any data to our Solarwinds poller.

 

Is there a simple way to trix that ? - here is my config for the Exporter:

flow exporter SWExport
destination 192.168.1.100 -> server reached trough Mgmt-intf VRF
source GigabitEthernet0
transport udp 2055
template data timeout 120
option application-table timeout 120
option application-attributes timeout 300

 

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
marce1000
VIP
VIP

‎11-02-2021 04:10 AM

 

 - This may not be supported , check these threads :

         https://community.cisco.com/t5/network-management/no-netflow-export-on-management-interface-gig0-of-isr-4431/td-p/2992691

        https://community.cisco.com/t5/network-management/unable-to-export-netflow-on-asr1006-gig0-interface/td-p/3880565

 M.



-- ' 'Good body every evening' ' this sentence was once spotted on a logo at the entrance of a Weight Watchers Club !

View solution in original post

0 Helpful
5 Replies 5

Go to solution
marce1000
VIP
VIP

‎11-02-2021 04:10 AM

 

 - This may not be supported , check these threads :

         https://community.cisco.com/t5/network-management/no-netflow-export-on-management-interface-gig0-of-isr-4431/td-p/2992691

        https://community.cisco.com/t5/network-management/unable-to-export-netflow-on-asr1006-gig0-interface/td-p/3880565

 M.



-- ' 'Good body every evening' ' this sentence was once spotted on a logo at the entrance of a Weight Watchers Club !
0 Helpful

Go to solution
balaji.bandi
Hall of Fame
Hall of Fame

‎11-02-2021 04:48 AM

So you looking to 2 VRF one source VRF in different VRF and destination sending different different VRF ?

 

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful

Go to solution
tiwang
Level 3
Level 3
In response to balaji.bandi

‎11-02-2021 05:31 AM

well - not really - the problem here is the vrf Mgmt-intf - this router is a internet edge router where the management interface is used to connect internally - and therefor would be the simplest and cleanest way to get the netflow to our SolarWinds servers 

So yes - I try to use 2 vrf's but the problem her is that the only vrf which has access to our network as it is now is the management vrf Mgmt-vrf - how does other solve this in a elegant way?

0 Helpful

Go to solution
tiwang
Level 3
Level 3

‎11-02-2021 06:39 AM

looks as if the vrf Mgmt-intf is not useable as source for the netflow setup. The simplest solution is probably to bang the sessions trough our firewall from the vrf INTERNET 

 

0 Helpful

Go to solution
balaji.bandi
Hall of Fame
Hall of Fame
In response to tiwang

‎11-02-2021 08:07 AM

yes you can use destination as VRF Managment to sent to Netflow Server, that can be as Source you are correct.

 

yes easy way do it better as you mentioned. glad all good.

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful
Customers Also Viewed These Support Documents