4500x VSS Netflow problem

Denis Orlov · ‎09-01-2016

Hi. We faced with this problem too.

What we have at this time:

1) Two 4500x in VSS.

SW-C4500X-CORE#sh switch virtual 

Executing the command on VSS member switch role = VSS Active, id = 1


Switch mode                  : Virtual Switch
Virtual switch domain number : 20
Local switch number          : 1
Local switch operational role: Virtual Switch Active
Peer switch number           : 2
Peer switch operational role : Virtual Switch Standby

Executing the command on VSS member switch role = VSS Standby, id = 2


Switch mode                  : Virtual Switch
Virtual switch domain number : 20
Local switch number          : 2
Local switch operational role: Virtual Switch Standby
Peer switch number           : 1
Peer switch operational role : Virtual Switch Active
SW-C4500X-CORE#

SW-C4500X-CORE#sh switch virtual role 

Executing the command on VSS member switch role = VSS Active, id = 1

RRP information for Instance 1

--------------------------------------------------------------------
Valid  Flags   Peer      Preferred  Reserved
               Count     Peer       Peer

--------------------------------------------------------------------
TRUE    V        1           1          1

Switch  Switch Status  Preempt       Priority  Role     Local   Remote
        Number         Oper(Conf)    Oper(Conf)         SID     SID
--------------------------------------------------------------------
LOCAL   1      UP      FALSE(N )     110(110)  ACTIVE   0       0   
REMOTE  2      UP      FALSE(N )     100(100)  STANDBY  2456    7573

Peer 0 represents the local switch

Flags : V - Valid 
In dual-active recovery mode: No


Executing the command on VSS member switch role = VSS Standby, id = 2

RRP information for Instance 2

--------------------------------------------------------------------
Valid  Flags   Peer      Preferred  Reserved
               Count     Peer       Peer

--------------------------------------------------------------------
TRUE    V        1           1          1

Switch  Switch Status  Preempt       Priority  Role     Local   Remote
        Number         Oper(Conf)    Oper(Conf)         SID     SID
--------------------------------------------------------------------
LOCAL   2      UP      FALSE(N )     100(100)  STANDBY  0       0   
REMOTE  1      UP      FALSE(N )     110(110)  ACTIVE   7573    2456

Peer 0 represents the local switch

Flags : V - Valid 
In dual-active recovery mode: No

SW-C4500X-CORE#

SW-C4500X-CORE#sh switch virtual redundancy 

Executing the command on VSS member switch role = VSS Active, id = 1


                  My Switch Id = 1
                Peer Switch Id = 2
        Last switchover reason = none
    Configured Redundancy Mode = Stateful Switchover
     Operating Redundancy Mode = Stateful Switchover

Switch 1 Slot 1 Processor Information :
-----------------------------------------------
        Current Software state = ACTIVE
                 Image Version = Cisco IOS Software, Catalyst 4500 L3 Switch  Software (cat4500e-UNIVERSALK9-M), Version 15.2(5)E, RELEASE SOFTWARE (fc1)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2016 by Cisco Systems, Inc.
Compiled Tue 19-Jul-16 15:19 by prod_rel_team
                          BOOT = bootflash:cat4500e-universalk9.SPA.03.09.00.E.152-5.E.bin,1;
        Configuration register = 0x2102
                  Fabric State = ACTIVE
           Control Plane State = ACTIVE

Switch 2 Slot 1 Processor Information :
-----------------------------------------------
        Current Software state = STANDBY HOT (switchover target)
                 Image Version = Cisco IOS Software, Catalyst 4500 L3 Switch  Software (cat4500e-UNIVERSALK9-M), Version 15.2(5)E, RELEASE SOFTWARE (fc1)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2016 by Cisco Systems, Inc.
Compiled Tue 19-Jul-16 15:19 by pro
                          BOOT = bootflash:cat4500e-universalk9.SPA.03.09.00.E.152-5.E.bin,1;
        Configuration register = 0x2102
                  Fabric State = ACTIVE
           Control Plane State = STANDBY


Executing the command on VSS member switch role = VSS Standby, id = 2

show virtual switch redundancy is not supported on the standby
SW-C4500X-CORE#

2) We trying to get net-flow data about traffic using Flexible NetFlow.

Our FNF config looks like this

<...>
flow record r1
 match ipv4 protocol
 match ipv4 source address
 match ipv4 destination address
 match transport source-port
 match transport destination-port
 collect interface input
 collect interface output
 collect counter bytes
 collect counter packets
!         
!         
flow exporter nfcoll
 destination 192.168.6.52
 transport udp 9996
!         
!         
flow monitor m1
 exporter nfcoll
 cache timeout active 60
 record r1
!         
!         
<...>
interface TenGigabitEthernet2/2/1
 no switchport
 ip flow monitor m1 input
 ip address 10.255.3.2 255.255.255.252
!
<...>

3) After that we prepare our netflow collector for recieving netflow data.

As a result we realized, that netflow data from interface Te2/2/1 is not exported.

And soon we realize that no flow data collected on interface, that belong to stanntdby switch.

Netwflow data collected on active switch interfcaces only.

More over when we try to view local netflow cache on active switch via CLI - we see nothing.

4) Also we try to view netflow status on standby box.

SW-C4500X-CORE#remote login module 11
Connecting to standby virtual console 
Type "exit" or "quit" to end this session


SW-C4500X-CORE-standby-console#sh flow interface     
SW-C4500X-CORE-standby-console#

So, as you can see: netflow monitor is not applied on our interface.

Now we trying to understand: is this a BUG or may be we incorrect configure netflow.

Please, somebody clarify this situation.