Solved: Re: NTA Direction

hs08 · ‎06-24-2024

Hello,

If i execute command show flow monitor NTA-Mon cache format table i got this record.

From below picture how we can determine for every record the traffic is ingress or egress?

For example for record one, is the 10.103.248.66 download or upload to host 10.100.63.27?

MHM Cisco World · ‎06-25-2024

View solution in original post

Giuseppe Larosa · ‎06-24-2024

Hello @hs08 ,

the table says that 10.103.248.66 is the source address and 10.100.63.27 and it is seen on interface SVI Vlan 905.

What IP address is on interface Vlan 905 ?

probably looking at the table the subnet 10.103.248.0 is where Vlan 905 is.

You can also check the routing table for the destination address, if the next hop to the destination is not out of Vlan 905 you can consider the traffic as inbound received on SVI Vlan 905 to be routed to some other interface.

Hope to help

Giuseppe

hs08 · ‎06-24-2024

Hello @Giuseppe Larosa

Subnet 10.103.0.0/16 is remote subnet on branch, our local subnet is 10.100.0.0/16. Interface g0/1/1 is member of VLAN 905 and connected to the branch over WAN connection. Interface g0/1/0 is member of VLAN 602 which connected to the core switch.

Giuseppe Larosa · ‎06-25-2024

Hello @hs08 ,

what I can suggest you is to use two different flow monitor one to be used in ingress direction and one in egress direction.

This will solve your issue because you will see a table for each flow monitor.

Hope to help

Giuseppe

MHM Cisco World · ‎06-25-2024