ANNOUNCEMENT - The community will be down for maintenace this Thursday August 13 from 12:00 AM PT to 02:00 AM PT. As a precaution save your work.
cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
4006
Views
0
Helpful
12
Replies
Highlighted

Flexible netflow in port-channel

Hello

I need to configure flexible netflow in L3 port-channel interface at WS-C3850-12XS  IOS Version 16.3.3, but it,s not possible.

MG_CORE(config-if)#ip flow monitor Netflow-Monitor-In input

% Flow Monitor: Failed to add monitor to interface: flexible netflow not supported on port channels

In the following documentation, says that it is supported.

Flexible NetFlow is not supported on the L3 port-channel member ports, but is supported on the L3 port-channel interface.

http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst3850/software/release/16-3/configuration_guide/b_163_consolidated_3850_cg/b_162_consolidated_3850_cg_chapter_01000111.html

Please, help.

thanks

Everyone's tags (4)
12 REPLIES 12
Highlighted
Beginner

Which are you trying to add

Which are you trying to add it to?  The port-channel or the members?

Highlighted

I trie to add in port-channel

I trie to add in port-channel 

MG_CORE(config)#interface port-channel 1

MG_CORE(config-if)#ip flow monitor Netflow-Monitor-In in

% Flow Monitor: Failed to add monitor to interface: flexible netflow not supported on port channels

Highlighted
Beginner

As Reza pointed out, add it

As Reza pointed out, add it to the members rather than the port-channel.

Highlighted

I have configured Netflow in

I have configured Netflow in the port TE1/0/10 and TE2/0/10, but Netflow are not working.

This is the configuration.

!
flow record Netflow-In
match flow direction
match interface input
match ipv4 destination address
match ipv4 protocol
match ipv4 source address
match ipv4 tos
match transport destination-port
match transport source-port
collect interface output
collect counter bytes long
collect counter packets long
!

!
flow exporter Netflow_SRV
destination 10.1.10.141
source Port-channel1
transport udp 9996
!
flow monitor Netflow-Monitor-In
exporter Netflow_SRV
cache timeout inactive 10
cache timeout active 60
record Netflow-In
!

MG_CORE#sh interfaces port-channel 1 etherchannel
Age of the Port-channel = 15d:02h:58m:05s
Logical slot/port = 12/1 Number of ports = 2
GC = 0x00000000 HotStandBy port = null
Passive port list = Te1/0/10 Te2/0/10
Port state = Port-channel L3-Ag Ag-Inuse
Protocol = -
Port security = Disabled

Ports in the Port-channel:

Index Load Port EC state No of bits
------+------+------+------------------+-----------
0 00 Te1/0/10 On 0
0 00 Te2/0/10 On 0

Time since last port bundled: 12d:23h:04m:54s Te2/0/10
Time since last port Un-bundled: 12d:23h:06m:20s Te1/0/10

!
interface TenGigabitEthernet1/0/10
description *** ENL a ROUTER 7600 puerto G5/1 ***
no switchport
ip flow monitor Netflow-Monitor-In input
no ip address
channel-group 1 mode on
end

!

interface TenGigabitEthernet2/0/10
description *** ENL a ROUTER 7600 puerto G6/1 ***
no switchport
ip flow monitor Netflow-Monitor-In input
no ip address
channel-group 1 mode on
end

MG_CORE#sh flow monitor Netflow-Monitor-In statistics
Cache type: Normal (Platform cache)
Cache size: Unknown
Current entries: 0

Flows added: 0
Flows aged: 0

!

Highlighted
Hall of Fame Expert

Can you change the source to

Can you change the source to physical interface and test again?

no source Port-channel1

source tenGigabitEthernet1/0/10

HTH

Highlighted
Beginner

It's common practice to use

It's common practice to use the Loopback IP (i.e. loopback0) of the router as the source address.  Reza's test will work with the tenGigabitEthernet source though.

Highlighted

Reza Sharifi , 2rcluett

Reza Sharifi , 2rcluett

I have change the source interface to Ten1/0/10, but the problem persist

MG_CORE#sh flow monitor Netflow-Monitor-In statistics
Cache type: Normal (Platform cache)
Cache size: Unknown
Current entries: 0

Flows added: 0
Flows aged: 0

Highlighted
Beginner

Can you see any netflow

Can you see any netflow traffic destined for the Netflow server leaving the router?  You should be able to run a packet capture from the box if running the appropriate code.

Highlighted
Beginner

Also may be worthwhile to

Also may be worthwhile to reduce your netflow statements down to the bare minimum.  It may help isolate the issue. Try it with the simplest Netflow config you can muster up.

I don't think this will work for a comparison because I'm running Netflow v9. This is the extent of my Netflow config on IOS routers.

ip flow-capture vlan-id
ip flow-export source Loopback0
ip flow-export version 9
ip flow-export destination 10.24.1.17 19206
ip flow-top-talkers
 top 10
 sort-by bytes
!

Highlighted
Beginner

I have the same issue. I

I have the same issue. I applied it on the physical interface with no avail.

Highlighted
Hall of Fame Expert

Hi,

Hi,

It is not supported under the Portchannel interface. It is only supported on the physical interfaces belonging to Portchannel 1 (in your case).

HTH

Highlighted

Re: Hi,

I have an issue and I am looking for some help

 

I have a number of port channels on a fibre link.

one pair of the fiber 5&6 are faulty. After they have been tested by our fibre guys I wish to take this

pair out fo the port channel and test thew with a vlan. I also want to send traffic down this link over 2 hours and send it to Wireshark

 

Any ideas?

 

Michael

Content for Community-Ad