Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
Bookmark
|
Subscribe
|
3068
Views
5
Helpful
1
Replies

Netflow On Tunnel interface

GRANT3779
Spotlight

‎01-30-2015 03:25 AM - edited ‎03-05-2019 12:41 AM

Hi All,

If I have the following Tunnel Interface with IP flow Egress configured. Should I be able to see traffic conversations egressing the Tunnel Interface or has encryption happened by this point? I'm not seeing any traffic and wondering if I have my flow commands in the wrong place. Netflow in general is working as If I add the "ip flow" commands to say the LAN Interface I start seeing traffic. I'm really only interested in specific traffic though and certain tunnels

interface Tunnel1
 description TestTunnel
 ip address 172.27.240.69 255.255.255.252
 ip mtu 1400
 ip flow egress
 ip virtual-reassembly
 qos pre-classify
 tunnel source FastEthernet0/0
 tunnel destination x.x.x.x
 tunnel protection ipsec profile TEST

 

#sh run | sec flow
ip flow-cache timeout active 1
ip multicast netflow rpf-failure
 ip flow egress
ip flow-export version 5
ip flow-export destination 172.16.3.9 2055
ip flow-top-talkers
 top 10
 sort-by bytes

 

Thanks

 

 

Labels:
0 Helpful
1 Reply 1

Cisco Freak
Level 4
Level 4

‎02-01-2015 01:21 AM

Hi,

Please use the command ' ip route-cache flow ' under the tunnel interface to enable netflow in that interface.

ip flow ingress and egress commands are only for the physical interfaces.

 

CF

Customers Also Viewed These Support Documents
Top