Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1242
Views
1
Helpful
9
Replies

Netflow doesnt work on SVI interface.

mathewmnu2
Level 1
Level 1

‎01-30-2024 09:09 AM

Hey all,

Looks like my netflow configured on SVI does not work- however physical interface works without any problem. For example as per below config GigabitEthernet0/0/1 works but GigabitEthernet0/1/0 does not work which is part of an SVI. Not sure if i have to add any config on flow record ? 

flow record netflow-sites
match ipv4 tos
match ipv4 protocol
match ipv4 source address
match ipv4 destination address
match transport source-port
match transport destination-port
match interface input
match flow sampler
match application name account-on-resolution
collect routing source as
collect routing destination as
collect routing next-hop address ipv4
collect ipv4 source mask
collect ipv4 destination mask
collect transport tcp flags
collect interface output
collect counter bytes
collect counter packets
collect timestamp sys-uptime first
collect timestamp sys-uptime last
!
!
flow exporter netflow
destination x.x.x.x
source Loopback200
transport udp 2055
option application-table
!
!
flow monitor netflow-nbar
exporter netflow
record netflow-sites

 


interface Loopback200
ip flow monitor netflow-nbar input
ip flow monitor netflow-nbar output
ip address x.x.x.x 255.255.255.255


interface GigabitEthernet0/0/1
ip flow monitor netflow-nbar input
ip flow monitor netflow-nbar output
ip address x.x.x.x 255.255.255.224


interface Vlan30
ip vrf forwarding INTERNET
ip flow monitor netflow-nbar input
ip flow monitor netflow-nbar output


interface GigabitEthernet0/1/0
switchport access vlan 30
no cdp enable

 

thanks

Matthew 

Labels:
0 Helpful
9 Replies 9

balaji.bandi
Hall of Fame
Hall of Fame

‎01-30-2024 10:14 AM

what is the Model of the device and what IOS code running - so we know the environment what we are trying to troubleshooting here.

is this typo or VLAN30 have IP address ? (bear in mind VLAN 30 in VRF ?)

May be try example below : if the IOS code support that features.

flow record netflow-sites

match routing vrf input

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful

mathewmnu2
Level 1
Level 1
In response to balaji.bandi

‎01-31-2024 03:11 AM

Hello

NAME: "Chassis", DESCR: "Cisco ISR4321 Chassis"
isr4300-universalk9.17.03.05.SPA.bin"

is the vlan30 has ip address configured.

thanks 

Mathew 

0 Helpful

mathewmnu2
Level 1
Level 1
In response to balaji.bandi

‎01-31-2024 03:47 AM - edited ‎01-31-2024 06:43 AM

Getting below when trying to add the command suggested

 

0 Helpful

MHM Cisco World
VIP
VIP

‎01-30-2024 10:20 AM

I think as @balaji.bandi  mentioned the issue with vrf 

Check this link 

https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/fnetflow/configuration/xe-3se/3850/fnf-ing-vrf.html

MHM

0 Helpful

mathewmnu2
Level 1
Level 1

‎01-31-2024 05:54 AM - edited ‎01-31-2024 06:43 AM

 

Applied command match routing vrf input to exporter - however it didnt make any difference.

#show ip cache flow
IP packet size distribution (0 total packets):
1-32 64 96 128 160 192 224 256 288 320 352 384 416 448 480
.000 .000 .000 .000 .000 .000 .000 .000 .000 .000 .000 .000 .000 .000 .000

512 544 576 1024 1536 2048 2560 3072 3584 4096 4608
.000 .000 .000 .000 .000 .000 .000 .000 .000 .000 .000

IP Flow Switching Cache, 0 bytes
0 active, 0 inactive, 0 added
0 ager polls, 0 flow alloc failures
Active flows timeout in 30 minutes
Inactive flows timeout in 15 seconds
last clearing of statistics never
Protocol Total Flows Packets Bytes Packets Active(Sec) Idle(Sec)
-------- Flows /Sec /Flow /Pkt /Sec /Flow /Flow

SrcIf SrcIPaddress DstIf DstIPaddress Pr SrcP DstP Pkts

0 Helpful

MHM Cisco World
VIP
VIP
In response to mathewmnu2

‎01-31-2024 06:05 AM

match ipv4  version <- add this under flow record 

And remove natch routing vrf input from export 

Check if not work share last config you use

MHM

0 Helpful

mathewmnu2
Level 1
Level 1
In response to MHM Cisco World

‎01-31-2024 06:25 AM

sure - will try and get back.

fyi - netflow works fine on other interfaces - it is on interfaces with vrf config it does not work.

thanks 

Mathew 

MHM Cisco World
VIP
VIP
In response to mathewmnu2

‎01-31-2024 06:39 AM

Goodluck friend 

MHM

0 Helpful

mathewmnu2
Level 1
Level 1
In response to MHM Cisco World

‎01-31-2024 06:41 AM

 

changed as suggested - however no difference

match ipv4 tos
match ipv4 protocol
match ipv4 source address
match ipv4 destination address
match transport source-port
match transport destination-port
match interface input
match flow sampler
match application name account-on-resolution
match ipv4 version
collect routing source as
collect routing destination as
collect routing next-hop address ipv4
collect ipv4 source mask
collect ipv4 destination mask
collect transport tcp flags
collect interface output
collect counter bytes
collect counter packets
collect timestamp sys-uptime first
collect timestamp sys-uptime last

 

show ip cache flow
IP packet size distribution (0 total packets):
1-32 64 96 128 160 192 224 256 288 320 352 384 416 448 480
.000 .000 .000 .000 .000 .000 .000 .000 .000 .000 .000 .000 .000 .000 .000

512 544 576 1024 1536 2048 2560 3072 3584 4096 4608
.000 .000 .000 .000 .000 .000 .000 .000 .000 .000 .000

IP Flow Switching Cache, 0 bytes
0 active, 0 inactive, 0 added
0 ager polls, 0 flow alloc failures
Active flows timeout in 30 minutes
Inactive flows timeout in 15 seconds
last clearing of statistics never
Protocol Total Flows Packets Bytes Packets Active(Sec) Idle(Sec)
-------- Flows /Sec /Flow /Pkt /Sec /Flow /Flow

SrcIf SrcIPaddress DstIf DstIPaddress Pr SrcP DstP Pkts

0 Helpful
Customers Also Viewed These Support Documents