Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
7884
Views
5
Helpful
13
Replies

Flexible Netflow not working - 4331 Router

Go to solution
ittechk4u1
Level 4
Level 4

‎05-17-2017 10:31 PM - edited ‎03-05-2019 08:33 AM

Hello experts,

I am using these commands:

flow record NTArecord
 match ipv4 protocol
 match ipv4 source address
 match ipv4 destination address
 match transport source-port
 match transport destination-port
 collect ipv4 tos
 collect transport tcp source-port
 collect transport tcp destination-port
 collect transport tcp flags
 collect interface input
 collect interface output
 collect counter bytes
 collect counter packets
 collect timestamp sys-uptime first
 collect timestamp sys-uptime last
!
exit
!
flow exporter NTAexport
source vlan 6
destination 192.168.2.18
transport udp 9995
export-protocol netflow-v5
template data timeout 60
!
exit
!
flow monitor NTAmonitor
exporter NTAexport
record NTArecord
cache timeout inact 15
cache timeout act 60
!
exit
!
interface vlan 6
ip flow monitor NTAmonitor input
!
Int gig0/0/0
ip flow monitor NTAmonitor input


Could you please check and find out the root cause why net-flow is  not working

Thanks in Advance

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Mark Malone
VIP Alumni
VIP Alumni
In response to ittechk4u1

‎05-18-2017 01:15 AM

Hi

have you tried set the output too under vlan 6 interface too

can you ping the collector ok  192.168.2.18 ?

this is a base working one of one of my switches generally the same as whet you have , what  ios-xe version are you running on the router

ip flow monitor MonitorA input
ip flow monitor MonitorA output


flow record FLOW-RECORD
 description record to monitor network traffic
 match ipv4 tos
 match ipv4 protocol
 match ipv4 source address
 match ipv4 destination address
 match transport source-port
 match transport destination-port
 match interface input
 match interface output
 collect routing source as
 collect routing destination as
 collect routing next-hop address ipv4
 collect transport tcp flags
 collect counter bytes
 collect counter packets
 collect timestamp sys-uptime first
 collect timestamp sys-uptime last
!
!
flow exporter NetQos
 description export Netflow traffic
 destination x.x.x.x
 source xxxxx
 template data timeout 300
 option interface-table timeout 1000
 option exporter-stats timeout 1000
!
!
flow monitor MonitorA
 description Used for ipv4 traffic analysis (Mapped To FLOW-RECORD)
 record FLOW-RECORD
 exporter NetQos
 statistics packet protocol

**************************************************************

#sh flow exporter statistics
Flow Exporter NetQos:
  Packet send statistics (last cleared 1y4w ago):
    Successfully sent:         84545041              (105302149547 bytes)
    No destination address:    24                    (30196 bytes)

  Client send statistics:
    Client: Option options interface-table
      Records added:           11924274
        - sent:                11924002
        - failed to send:      272
      Bytes added:             1192427400
        - sent:                1192400200
        - failed to send:      27200

    Client: Option options exporter-statistics
      Records added:           34172
        - sent:                34171
        - failed to send:      1
      Bytes added:             956816
        - sent:                956788
        - failed to send:      28

    Client: Flow Monitor MonitorA
      Records added:           2119324114
        - sent:                2119324063
      Bytes added:             99608233358
        - sent:                99608230961

View solution in original post

0 Helpful
13 Replies 13

Go to solution
Mark Malone
VIP Alumni
VIP Alumni

‎05-18-2017 12:43 AM

hi looks ok in terms of config can you post the command output below , to see if the flows are generating in the router itself for netflow

show flow exporter statistics

Go to solution
ittechk4u1
Level 4
Level 4
In response to Mark Malone

‎05-18-2017 01:01 AM

Hi Mark,

here is the output:

Router2#show flow exporter statistics
Flow Exporter NTAexport:
  Packet send statistics (last cleared 00:09:50 ago):
    Successfully sent:         0                     (0 bytes)

  Client send statistics:
    Client: Flow Monitor NTAmonitor
      Records added:           0
      Bytes added:             0

Thanks

0 Helpful

Go to solution
Mark Malone
VIP Alumni
VIP Alumni
In response to ittechk4u1

‎05-18-2017 01:15 AM

Hi

have you tried set the output too under vlan 6 interface too

can you ping the collector ok  192.168.2.18 ?

this is a base working one of one of my switches generally the same as whet you have , what  ios-xe version are you running on the router

ip flow monitor MonitorA input
ip flow monitor MonitorA output


flow record FLOW-RECORD
 description record to monitor network traffic
 match ipv4 tos
 match ipv4 protocol
 match ipv4 source address
 match ipv4 destination address
 match transport source-port
 match transport destination-port
 match interface input
 match interface output
 collect routing source as
 collect routing destination as
 collect routing next-hop address ipv4
 collect transport tcp flags
 collect counter bytes
 collect counter packets
 collect timestamp sys-uptime first
 collect timestamp sys-uptime last
!
!
flow exporter NetQos
 description export Netflow traffic
 destination x.x.x.x
 source xxxxx
 template data timeout 300
 option interface-table timeout 1000
 option exporter-stats timeout 1000
!
!
flow monitor MonitorA
 description Used for ipv4 traffic analysis (Mapped To FLOW-RECORD)
 record FLOW-RECORD
 exporter NetQos
 statistics packet protocol

**************************************************************

#sh flow exporter statistics
Flow Exporter NetQos:
  Packet send statistics (last cleared 1y4w ago):
    Successfully sent:         84545041              (105302149547 bytes)
    No destination address:    24                    (30196 bytes)

  Client send statistics:
    Client: Option options interface-table
      Records added:           11924274
        - sent:                11924002
        - failed to send:      272
      Bytes added:             1192427400
        - sent:                1192400200
        - failed to send:      27200

    Client: Option options exporter-statistics
      Records added:           34172
        - sent:                34171
        - failed to send:      1
      Bytes added:             956816
        - sent:                956788
        - failed to send:      28

    Client: Flow Monitor MonitorA
      Records added:           2119324114
        - sent:                2119324063
      Bytes added:             99608233358
        - sent:                99608230961

0 Helpful

Go to solution
ittechk4u1
Level 4
Level 4
In response to Mark Malone

‎05-18-2017 01:17 AM

Yes I can ping the PRTG(192.168.2.18).

Version: isr4300-universalk9.03.16.04b.S.155-3.S4b-ext.SPA.bin"

Let me try your config...

Thnaks

0 Helpful

Go to solution
Mark Malone
VIP Alumni
VIP Alumni
In response to ittechk4u1

‎05-18-2017 01:18 AM

im using that version image too so its not the software just to rule it out
0 Helpful

Go to solution
ittechk4u1
Level 4
Level 4
In response to Mark Malone

‎05-18-2017 01:33 AM

once i changed the version to 9....is ee this:

Router2#sh flow exporter  statistics
Flow Exporter NTAexport:
  Packet send statistics (last cleared 00:00:06 ago):
    Successfully sent:         2                     (292 bytes)

  Client send statistics:
    Client: Option options interface-table
      Records added:           0
      Bytes added:             0

    Client: Option options exporter-statistics
      Records added:           0
      Bytes added:             0

    Client: Flow Monitor NTAmonitor
      Records added:           6
        - sent:                6
      Bytes added:             282
        - sent:                282

Thanks

0 Helpful

Go to solution
Mark Malone
VIP Alumni
VIP Alumni
In response to ittechk4u1

‎05-18-2017 01:36 AM

ok so it doesn't like the v5 command , can you just use v9 it works fine for us we dont have the v5 command set or is there a reason your trying to use v5 specifically for the collector ?

0 Helpful

Go to solution
ittechk4u1
Level 4
Level 4
In response to Mark Malone

‎05-18-2017 01:39 AM

On all other IOS router i am using version 5...

Now i configured to version 9...

here are the statistics:

Router2#sh flow exporter  statistics
Flow Exporter NTAexport:
  Packet send statistics (last cleared 00:05:02 ago):
    Successfully sent:         201                   (26364 bytes)

  Client send statistics:
    Client: Option options interface-table
      Records added:           0
      Bytes added:             0

    Client: Option options exporter-statistics
      Records added:           0
      Bytes added:             0

    Client: Flow Monitor NTAmonitor
      Records added:           536
        - sent:                536
      Bytes added:             25192
        - sent:                25192

But still PRTG is not showing anything

Thanks

0 Helpful

Go to solution
Mark Malone
VIP Alumni
VIP Alumni
In response to ittechk4u1

‎05-18-2017 01:43 AM

the prtg may only be set to see v5 packets , im not 100% on how that works i dont use that particular app , there may be options for netflow versions im not sure on that

very strange the other routers are working fine on the v5 export though, is there any difference in config or ios or platform with the working and this non working 4331

0 Helpful

Go to solution
ittechk4u1
Level 4
Level 4
In response to Mark Malone

‎05-18-2017 01:48 AM

I have set the net-flow version 9 on PRTG.

All other router is IOS based(28XX and 29XX)...this is the first router with IOS-XE(4331..)

I will check the setting again on PRTG and come back here about the result...

Thanks

0 Helpful

Go to solution
ittechk4u1
Level 4
Level 4
In response to Mark Malone

‎05-18-2017 01:57 AM

So finally its working.

I needed to change the port..

For all other router with version 5 was using 9995 and now  used 2055 for version 9 and it worked.

Thanks mark.

0 Helpful

Go to solution
Mark Malone
VIP Alumni
VIP Alumni
In response to ittechk4u1

‎05-18-2017 02:12 AM

ah very good , that's good to know thanks for posting that back

0 Helpful

Go to solution
ittechk4u1
Level 4
Level 4
In response to Mark Malone

‎05-18-2017 01:26 AM

Here is my new config:

flow record NTArecord
 description record to monitor network traffic
 match ipv4 tos
 match ipv4 protocol
 match ipv4 source address
 match ipv4 destination address
 match transport source-port
 match transport destination-port
 match interface input
 match interface output
 collect routing source as
 collect routing destination as
 collect routing next-hop address ipv4
 collect transport tcp flags
 collect counter bytes
 collect counter packets
 collect timestamp sys-uptime first
 collect timestamp sys-uptime last
!
!
flow exporter NTAexport
 description export Netflow traffic
 destination 192.168.2.18
 source Vlan6
 transport udp 9995
 export-protocol netflow-v5
 template data timeout 300
 option interface-table timeout 1000
 option exporter-stats timeout 1000
!
!
flow monitor NTAmonitor
 exporter NTAexport
 statistics packet protocol
 record NTArecord

!

interface Vlan6
 ip flow monitor NTAmonitor input
 ip flow monitor NTAmonitor output

Router2#sh flow exporter statistics
Flow Exporter NTAexport:
  Packet send statistics (last cleared 00:01:38 ago):
    Successfully sent:         0                     (0 bytes)

  Client send statistics:
    Client: Flow Monitor NTAmonitor
      Records added:           0
      Bytes added:             0

Still Not working!!!!

Thanks

0 Helpful
Customers Also Viewed These Support Documents