Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
473
Views
0
Helpful
0
Replies

Cisco 2901C2901 15.4(3)M3 Netflow configuration not working

vasil.georgiev
Level 1
Level 1

‎01-26-2022 01:45 PM - edited ‎01-26-2022 11:48 PM

Hi All,

 

I am trying to implement Flexible NetFlow on 2901C2901 15.4(3)M3 

flows were not getting exported from the device.

I tried checking this with Wireshark and no netflow traffic was seen.

Please let me know if you can think of anything. 

 

 


show run
Building configuration...


Current configuration : 7380 bytes
!
version 15.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname RTR-TEST
!
boot-start-marker
boot-end-marker
!
!
logging buffered 4096
no logging console
!
aaa new-model
!
!
aaa authentication login default local
aaa authorization console
aaa authorization exec default local
!
!
!
!
!
aaa session-id common
errdisable recovery cause udld
errdisable recovery cause bpduguard
errdisable recovery cause rootguard
errdisable recovery cause pagp-flap
errdisable recovery cause dtp-flap
errdisable recovery cause link-flap
errdisable recovery interval 600
!
!
!
!
!
!
!
!
!
!
!
!
!
!


!
!
!
!
ip flow-cache timeout active 1
no ip domain lookup
ip domain name ############(hiding this)
ip multicast-routing
ip multicast heartbeat 239.3.21.51 1 10 10
ip multicast heartbeat 239.8.11.81 1 1 10
ip cef
no ipv6 cef
!
flow exporter FNDexp
destination 10.25.17.5
source GigabitEthernet0/1.15
transport udp 9996
!
!
flow record FNFREC
match routing is-multicast
match ipv4 protocol
match ipv4 source address
match ipv4 destination address
match transport source-port
match transport destination-port
collect routing forwarding-status
collect routing multicast replication-factor
collect ipv4 dscp
collect ipv4 ttl
collect ipv4 source mask
collect ipv4 destination mask
collect interface input
collect interface output
collect counter bytes
collect counter packets
collect counter bytes replicated
collect counter packets replicated
collect timestamp sys-uptime first
collect timestamp sys-uptime last
!
!
flow monitor FNFMON
exporter FNDexp
record FNFREC
!
multilink bundle-name authenticated
!
!
!
!
!
!
cts logging verbose
!
crypto pki trustpoint TP-self-signed-1629017464
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-1629017464
revocation-check none
rsakeypair TP-self-signed-1629017464
!
!
crypto pki certificate chain TP-self-signed-1629017464
voice-card 0
!
!
!
!
!
!
!
!
license udi pid CISCO2901/K9 sn ############(hiding this)
hw-module pvdm 0/0
!
!
!
vtp domain ############(hiding this)
vtp mode transparent
vtp version 2
username ############(hiding this) privilege 15 ############(hiding this)
username ############(hiding this) privilege 15 secret ############(hiding this)
!
redundancy
!
!
ip ssh rsa keypair-name KEYPAIR
ip ssh version 2
class-map type multicast-flows mc-vlan1
!
class-map type multicast-flows mc-vlan10
group 239.3.111.1
!
class-map type multicast-flows mc-vlan17
group 239.8.11.1
group 239.3.106.1
group 239.3.105.1
group 239.3.104.1
group 239.3.103.1
group 239.3.102.1
group 239.3.101.1
group 239.3.26.51
group 239.3.25.51
group 239.3.24.51
group 239.3.23.51
group 239.3.21.51
group 239.3.21.52
group 239.3.20.51
group 239.3.20.52
group 239.3.1.1
group 239.3.0.1
group 239.8.11.81
group 225.8.11.81
group 239.3.10.1
group 239.3.10.2
group 239.3.10.3
group 239.3.10.4
group 239.3.10.5
group 239.3.21.1
group 239.3.0.21
group 239.3.99.52
group 239.3.111.1
group 239.3.17.19
group 239.3.99.54
group 239.3.20.53
group 239.3.17.20
!
class-map type multicast-flows mc-vlan11
group 239.3.102.1
group 239.3.1.1
group 239.3.0.1
group 239.3.112.1
!
class-map type multicast-flows mc-vlan13
group 239.3.102.1
group 239.3.1.1
group 239.3.0.1
group 239.3.113.1
!
class-map type multicast-flows mc-vlan14
group 239.3.105.1
group 239.3.1.1
group 239.3.0.1
group 239.3.115.1
!
class-map type multicast-flows mc-vlan15
group 239.3.106.1
group 239.3.1.1
group 239.3.0.1
!
class-map type multicast-flows mc-vlan20
group 239.3.26.51
group 239.3.25.51
group 239.3.24.51
group 239.3.23.51
group 239.3.21.51
group 239.3.21.52
group 239.3.20.51
group 239.3.20.52
group 239.3.20.53
!
class-map type multicast-flows mc-vlan21
group 239.3.21.51
group 239.3.21.52
!
class-map type multicast-flows mc-vlan23
group 239.3.23.51
!
class-map type multicast-flows mc-vlan24
group 239.3.24.51
!
class-map type multicast-flows mc-vlan25
group 239.3.25.51
!
class-map type multicast-flows mc-vlan30
group 239.8.11.1
group 239.8.11.81
group 225.8.11.81
!
class-map type multicast-flows mc-vlan33
group 239.8.11.1
group 239.8.11.81
group 225.8.11.81
!
bridge irb
!
!
!
!
interface Loopback0
ip address 10.25.255.254 255.255.255.255
ip pim sparse-mode
!
interface Embedded-Service-Engine0/0
no ip address
shutdown
!
interface GigabitEthernet0/0
no ip address
ip flow monitor FNFMON input
shutdown
duplex auto
speed auto
!
interface GigabitEthernet0/1
no ip address
ip flow monitor FNFMON input
ip flow ingress
duplex auto
speed auto
!
interface GigabitEthernet0/1.12
encapsulation dot1Q 12
ip flow monitor FNFMON input
ip flow ingress
bridge-group 12
!
interface GigabitEthernet0/1.15
encapsulation dot1Q 15
ip unnumbered BVI15
ip flow monitor FNFMON input
bridge-group 15
!
interface GigabitEthernet0/1.17
encapsulation dot1Q 17
ip unnumbered BVI17
bridge-group 17
!
interface GigabitEthernet0/1.18
encapsulation dot1Q 18
ip unnumbered BVI18
ip flow monitor FNFMON input
bridge-group 18
!
interface GigabitEthernet0/1.19
ip flow monitor FNFMON input
!
interface GigabitEthernet0/1.20
description Gig-01.20-VLAN20
encapsulation dot1Q 20
ip flow monitor FNFMON input
bridge-group 20
!
interface GigabitEthernet0/1.25
description Gig-01.25-VLAN25
encapsulation dot1Q 99
ip flow monitor FNFMON input
bridge-group 99
!
interface BVI15
ip address 10.25.15.241 255.255.255.0
ip pim sparse-mode
standby version 2
standby 15 ip 10.25.15.254
standby 15 timers 15 255
standby 15 priority 110
standby 15 preempt
standby 15 name hsrp15
ip igmp static-group class-map mc-vlan17
!
interface BVI17
ip address 10.25.17.241 255.255.255.0
ip pim sparse-mode
standby version 2
standby 17 ip 10.25.17.254
standby 17 timers 15 30
standby 17 priority 110
standby 17 preempt
standby 17 name hsrp17
ip igmp static-group class-map mc-vlan17
!
interface BVI18
ip address 10.25.18.241 255.255.255.0
ip pim sparse-mode
standby version 2
standby 18 ip 10.25.18.254
standby 18 timers 15 255
standby 18 priority 110
standby 18 preempt
standby 18 name hsrp18
ip igmp static-group class-map mc-vlan17
!
!
ip forward-protocol nd
!
no ip http server
no ip http secure-server
ip flow-export source GigabitEthernet0/1.15
ip flow-export version 9
ip flow-export template timeout-rate 1
ip flow-export destination 10.25.17.5 9996
!
ip pim rp-candidate Loopback0 priority 5
ip route 10.25.255.251 255.255.255.255 10.25.18.240
ip route 10.25.255.253 255.255.255.255 10.25.18.243
!
logging trap critical
!
!
snmp-server community ############(hiding this)
snmp-server ifindex persist
!
!
!
control-plane
!
bridge 14 protocol ieee
bridge 15 protocol ieee
bridge 15 route ip
bridge 17 protocol ieee
bridge 17 route ip
bridge 18 protocol ieee
bridge 18 route ip
bridge 100 protocol ieee
bridge 171 protocol ieee
!
!
!
!
!
mgcp behavior rsip-range tgcp-only
mgcp behavior comedia-role none
mgcp behavior comedia-check-media-src disable
mgcp behavior comedia-sdp-force disable
!
mgcp profile default
!
!
!
!
!
!
!
gatekeeper
shutdown
!
!
!
line con 0
line aux 0
line 2
no activation-character
no exec
transport preferred none
transport output lat pad telnet rlogin lapb-ta mop udptn v120 ssh
stopbits 1
line vty 0 4
exec-timeout 520 0
transport input ssh
!
scheduler allocate 20000 1000
!
end

 

 

 

 

Labels:
0 Helpful
0 Replies 0
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card