Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1130
Views
0
Helpful
4
Replies

Netflow not recording in VRFs not on an interface

randy227
Level 1
Level 1

‎07-01-2021 10:50 PM

I'm not able see specific VRF traffic coming in from a tunnel configured with flow monitoring.  This tunnel is used to establish a VPNv4 BGP neighborship with another router that is generating the traffic.  I'm wanting to verify the traffic flow in a VRF as far as input and output traffic flow.  However, if the VRF is not configured on an interface netflow doesn't seem to be able to record the traffic.  I am able see traffic in a VRF so long as it goes into an interface configured in the VRF.  Below is my configuration example:

 

flow record Record
match ipv4 protocol
match ipv4 source address
match ipv4 destination address
match transport source-port
match transport destination-port
match interface input
match interface output
collect routing source as
collect routing vrf input
collect ipv4 tos
collect ipv4 dscp
collect ipv4 fragmentation flags
collect ipv4 fragmentation offset
collect transport tcp flags
collect counter bytes
collect counter packets
collect routing vrf output

flow exporter Exporter
destination DESTINATION ADDRESS vrf VRF_NAME
source Loopback99
transport udp 2055

 

flow monitor Monitor
exporter Exporter
cache timeout inactive 5
cache timeout active 60
cache entries 10000
record Record

 

interface Tunnel1234 <---Tunnel that router has MP-BGP neighbor ship with interesting traffic is coming from.

ip flow monitor Monitor input
ip flow monitor Monitor output

 

interface GigabitEthernet0/0/0.102 <---- Can see traffic in this VRF

encapsulation dot1Q 102
vrf forwarding VRF-102

ip flow monitor Monitor input
ip flow monitor Monitor output

 

Can not see traffic in VRF-114

 

Both VRFs are configured on a Cisco ASR1006 running 16.12.5.  Any suggestions to be able to monitor other VRF traffic without having an interface in the VRF?

Labels:
0 Helpful
4 Replies 4

balaji.bandi
Hall of Fame
Hall of Fame

‎07-02-2021 01:13 AM

I would look first step, from this VRF are netflow server able to reach ?

 

are you able to netflow stats on the device on VRF ?

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful

randy227
Level 1
Level 1

‎07-02-2021 06:26 AM

I think what you are asking is if the flow exporter is reachable within  the VRF.  Correct me if I am wrong but the flow exporter is used to send netflow traffic for consolidation to be viewed as historical data.  What I am trying to do in this case is see live data local to the router as it flows from one interface to another or local to the router.  This way I can immediately identify issues with routing as end-user traffic is generated.  The problem I having on this router is netflow is not seeing this traffic through the VRF and I'm not sure why.

0 Helpful

randy227
Level 1
Level 1

‎07-06-2021 06:47 AM

Also wanted to indicate this router has many VRFs that transit through it to other routers but only have interfaces in a few of the VRFs.  These interfaces I can see netflow traffic but not the VRFs that don't have an interface that traffic is flowing into or out of.

0 Helpful

balaji.bandi
Hall of Fame
Hall of Fame
In response to randy227

‎07-06-2021 07:41 AM

VRF is seperate instance right, so to reach destination it required route.

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful
Customers Also Viewed These Support Documents