Buy or Renew
Buy or Renew
NOTICE: You can now engage in the community. Learn about the great new Cisco Umbrella content.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1565
Views
0
Helpful
1
Replies

L2 NetFlow on N5K-C5696Q 7.3(2)N1(1)

Go to solution
Kostas Kyriakos
Level 1
Level 1

‎02-01-2018 02:49 AM - edited ‎03-01-2019 08:43 AM

Hello!

I have setup L2 NetFlow on a Nexus 5696Q running 7.3(2)N1(1) code as follows:

 

feature netflow
!
flow exporter mac-netflow-export
  destination 172.28.0.254 use-vrf management
  transport udp 2055
  version 9
!
sampler mac-netflow-sampler
  mode 1 out-of 1024
!
flow monitor mac-netflow-monitor
  record netflow layer2-switched input
  exporter mac-netflow-export
!

I am applying the monitor ingress to a port-channel as follows:

interface port-channel16
  switchport mode trunk
  switchport trunk allowed vlan 2101-2106,2196,2209-2212,3241
  spanning-tree port type edge trunk
  speed 10000
  vpc 16
  layer2-switched flow monitor mac-netflow-monitor input sampler mac-netflow-sampler

.

Port-channel 16 spans two 5696Q switches (using vPC 16) and the configuration above is applied ONLY on one of them for testing purposes.

The problem is that no flows are exported even though it looks that flows are created:

hostname# sh flow exporter 
Flow exporter mac-netflow-export:
    Destination: 172.28.0.254
    VRF: management (1)
    Destination UDP Port 2055
    Export Version 9
    Exporter Statistics
        Number of Flow Records Exported 0
        Number of Templates Exported 0
        Number of Export Packets Sent 0
        Number of Export Bytes Sent 0
        Number of Destination Unreachable Events 0
        Number of No Buffer Events 0
        Number of Packets Dropped (No Route to Host) 0
        Number of Packets Dropped (other) 0
        Number of Packets Dropped (LC to RP Error) 0
        Number of Packets Dropped (Output Drops) 358
        Time statistics were last cleared: Never

.

hostname# sh flow details 
        Total number of flows = 33 
        Maximum flow count = 524288 (constant) 
        IPV4 flow failure count = 0 
        IPV6 flow failure count = 0 
        mpls flow failure count = 0 
        l2 flow failure count = 0 
        input flow failure count = 0 
        output flow failure count = 0 
        glbl_flow_cnt_create_total = 7957 
        glbl_flow_cnt_delete_total = 7924

.

hostname# sh flow record netflow layer2-switched input 
Flow record netflow layer2-switched input:
    Description: layer2-switched input NetFlow
    No. of users: 1
    Template ID: 259
    Fields:
        match interface input
        match interface output
        match datalink mac source-address
        match datalink mac destination-address
        match datalink source-vlan-id
        match datalink ethertype
        match flow direction
        collect counter bytes
        collect counter packets
        collect timestamp sys-uptime first
        collect timestamp sys-uptime last

Any thoughts as to why this is the case?

 

Thanks in advance.

 

Regards,

Kostas

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Kostas Kyriakos
Level 1
Level 1

‎02-01-2018 08:45 AM

To answer my own question, it seems that the source interface under the exporter configuration is required.

flow exporter mac-netflow-export
  destination 172.28.0.254 use-vrf management
  transport udp 2055
  source mgmt0 !--- Missing command from original configuration
  version 9

Once this was done, flows started exporting (and dropped where zeroed):

hostname# sh flow exporter 
Flow exporter mac-netflow-export:
    Destination: 172.28.0.254
    VRF: management (1)
    Destination UDP Port 2055
    Source Interface mgmt0 (172.17.1.25)
    Export Version 9
    Exporter Statistics
        Number of Flow Records Exported 433
        Number of Templates Exported 3
        Number of Export Packets Sent 165
        Number of Export Bytes Sent 22072
        Number of Destination Unreachable Events 0
        Number of No Buffer Events 0
        Number of Packets Dropped (No Route to Host) 0
        Number of Packets Dropped (other) 0
        Number of Packets Dropped (LC to RP Error) 0
        Number of Packets Dropped (Output Drops) 0
        Time statistics were last cleared: Thu Feb  1 18:03:25 2018

View solution in original post

0 Helpful
1 Reply 1

Go to solution
Kostas Kyriakos
Level 1
Level 1

‎02-01-2018 08:45 AM

To answer my own question, it seems that the source interface under the exporter configuration is required.

flow exporter mac-netflow-export
  destination 172.28.0.254 use-vrf management
  transport udp 2055
  source mgmt0 !--- Missing command from original configuration
  version 9

Once this was done, flows started exporting (and dropped where zeroed):

hostname# sh flow exporter 
Flow exporter mac-netflow-export:
    Destination: 172.28.0.254
    VRF: management (1)
    Destination UDP Port 2055
    Source Interface mgmt0 (172.17.1.25)
    Export Version 9
    Exporter Statistics
        Number of Flow Records Exported 433
        Number of Templates Exported 3
        Number of Export Packets Sent 165
        Number of Export Bytes Sent 22072
        Number of Destination Unreachable Events 0
        Number of No Buffer Events 0
        Number of Packets Dropped (No Route to Host) 0
        Number of Packets Dropped (other) 0
        Number of Packets Dropped (LC to RP Error) 0
        Number of Packets Dropped (Output Drops) 0
        Time statistics were last cleared: Thu Feb  1 18:03:25 2018
0 Helpful
Customers Also Viewed These Support Documents

Review Cisco Networking for a $25 gift card