Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
959
Views
5
Helpful
10
Replies

Interface in/outbound conversation is not show on the network analyzer

Pafum
Level 1
Level 1

‎12-05-2022 10:02 AM

the net- analysis -Ingress/egress is configure but the the interface in/out bound conversation is not showed on the network traffic analyzer (LiveNX). Need help pls below is the flow config summary 

cort01-ipv6#sh run | sec flow
!
flow record NET-ANALYSIS-INGRESS
match flow direction
match ipv4 tos 
match ipv4 protocol
match ipv4 source address
match ipv4 destination address
match transport source-port
match transport destination-port
match interface output
collect ipv4 ttl minimum
collect ipv4 ttl maximum
collect transport tcp flags
collect timestamp sys-uptime first
collect timestamp sys-uptime last
collect application name
collect counter bytes
collect counter packets
collect flow sampler
collect ipv4 destination mask
collect ipv4 dscp
collect ipv4 id
collect ipv4 source mask
collect ipv4 source prefix
collect routing destination as
collect routing next-hop address ipv4
collect routing source as

!
flow record NET-ANALYSIS-EGRESS
match ipv4 tos
match ipv4 protocol
match ipv4 source address
match ipv4 destination address
match transport source-port
match transport destination-port
match interface input
collect ipv4 ttl minimum
collect ipv4 ttl maximum
collect transport tcp flags
collect timestamp sys-uptime first
collect timestamp sys-uptime last
collect application name
collect counter bytes
collect counter packets
collect flow sampler
collect interface output
collect ipv4 destination mask
collect ipv4 dscp
collect ipv4 id
collect ipv4 source mask
collect ipv4 source prefix
collect routing destination as
collect routing next-hop address ipv4
collect routing source as
flow record FLOW-RECORD-1
collect interface input
!
flow exporter FLOW-EXPORTER-LIVEACTION
destination 10.238.13.116 vrf VAVRF
source Loopback0
transport udp 2055
export-protocol ipfix
option interface-table
option vrf-table
option application-table
option c3pl-class-table
option c3pl-policy-table
flow exporter FLOW-EXPORTER-EFFICIENCY-REPORT-LAB
destination 10.252.1.5 vrf VAVRF
source Loopback0
transport udp 2055
export-protocol ipfix
option interface-table
option vrf-table
option application-table
option c3pl-class-table
option c3pl-policy-table
flow monitor NET-ANALYSIS-EGRESS
exporter FLOW-EXPORTER-LIVEACTION
exporter FLOW-EXPORTER-EFFICIENCY-REPORT-LAB
cache timeout inactive 10
cache timeout active 60
record NET-ANALYSIS-EGRESS
flow monitor NET-ANALYSIS-INGRESS
exporter FLOW-EXPORTER-LIVEACTION
exporter FLOW-EXPORTER-EFFICIENCY-REPORT-LAB
cache timeout inactive 10
cache timeout active 60
record NET-ANALYSIS-INGRESS
ip flow monitor NET-ANALYSIS-EGRESS output
ip flow monitor NET-ANALYSIS-INGRESS output
ip flow monitor NET-ANALYSIS-EGRESS output
ip flow monitor NET-ANALYSIS-INGRESS output
ip flow monitor NET-ANALYSIS-INGRESS input
ip flow monitor NET-ANALYSIS-EGRESS output
ip flow monitor NET-ANALYSIS-INGRESS input
ip flow monitor NET-ANALYSIS-EGRESS output

Labels:
0 Helpful
10 Replies 10

balaji.bandi
Hall of Fame
Hall of Fame

‎12-05-2022 10:10 AM

low exporter FLOW-EXPORTER-LIVEACTION
destination 10.238.13.116 vrf VAVRF
source Loopback0

 

as per the config you using VRF and source as loopback0  - loopback belong to vrf ?

what is the output :

show ip flow export
show ip flow interface

 

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful

Pafum
Level 1
Level 1
In response to balaji.bandi

‎12-05-2022 01:06 PM

yes I got that

show run | sec flow export

flow exporter FLOW-EXPORTER-LIVEACTION
destination 10.238.13.116 vrf VAVRF
source Loopback0

0 Helpful

Pafum
Level 1
Level 1
In response to Pafum

‎12-05-2022 01:13 PM

still cannot able to access. 

I just checked flow record NET-ANALYSIS-INGRESS

It missing a statement " collect interface input" and match interface out is present. can this be and issue? if so how to resolve it

 

0 Helpful

balaji.bandi
Hall of Fame
Hall of Fame
In response to Pafum

‎12-06-2022 02:45 AM

 

source Loopback0  - is this belong to VRF

show run interface loopback0 ?

here is working config :

https://www.balajibandi.com/?p=1383

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

Pafum
Level 1
Level 1
In response to balaji.bandi

‎12-08-2022 12:06 PM

Again I tried to config the missing statement on the flow record NET-ANALYSIS-INGRESS ( collect interface input) but it given me this statement -" % Flow Record: Failed to field add: Object is in use".  how can I resolve it 

0 Helpful

balaji.bandi
Hall of Fame
Hall of Fame
In response to Pafum

‎12-08-2022 12:17 PM

if the flow monitor is used in the interface you need to remove it before configuring : (no flow monitor and no flow record no flow export)

You must use the no ip flow monitor command to remove a flow monitor from all of the interfaces to which you have applied it before you can modify the parameters for the record command on the flow monitor.

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful

Pafum
Level 1
Level 1
In response to Pafum

‎12-08-2022 12:23 PM

cort02-ipv6(config)#flow record NET-ANALYSIS-INGRESS
cort02-ipv6(config-flow-record)#collect interface input
% Flow Record: Failed to field add: Object is in use

this is the issue I am facing right now. can I get some help to fix this 

0 Helpful

balaji.bandi
Hall of Fame
Hall of Fame
In response to Pafum

‎12-08-2022 12:38 PM

% Flow Record: Failed to field add: Object is in use.

You must use the no ip flow monitor command to remove a flow monitor from all of the interfaces to which you have applied it before you can modify the parameters for the record command on the flow monitor.

Example :

config t

interface x/x

no ip flow monitor NET-ANALYSIS-INGRESS input
no ip flow monitor NET-ANALYSIS-EGRESS output

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful

Pafum
Level 1
Level 1
In response to balaji.bandi

‎12-08-2022 12:52 PM

still having the same issue. just take off all ip flow monitor, try again still .

see below

cort02-ipv6(config-if)#exit
cort02-ipv6(config)#Interface GigabitEthernet1/0/0
cort02-ipv6(config-if)#$monitor NET-ANALYSIS-INGRESS input
cort02-ipv6(config-if)#$monitor NET-ANALYSIS-EGRESS output
cort02-ipv6(config-if)#exit
cort02-ipv6(config)#Interface GigabitEthernet1/0/4
cort02-ipv6(config-if)#$monitor NET-ANALYSIS-INGRESS input
cort02-ipv6(config-if)#$monitor NET-ANALYSIS-EGRESS output
cort02-ipv6(config-if)#exit
cort02-ipv6(config)#Interface GigabitEthernet1/0/5
cort02-ipv6(config-if)#$monitor NET-ANALYSIS-INGRESS input
cort02-ipv6(config-if)#$monitor NET-ANALYSIS-EGRESS output
cort02-ipv6(config-if)#
cort02-ipv6(config-if)#
cort02-ipv6(config-if)#
cort02-ipv6(config-if)#
cort02-ipv6(config-if)#exit
cort02-ipv6(config)#do sh flow interface
cort02-ipv6(config)#flow record NET-ANALYSIS-INGRESS
cort02-ipv6(config-flow-record)#collect interface input
% Flow Record: Failed to field add: Object is in use
cort02-ipv6(config-flow-record)#

0 Helpful

balaji.bandi
Hall of Fame
Hall of Fame
In response to Pafum

‎12-08-2022 12:56 PM

can you post show run (removing any confidential information)

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card