07-26-2024 12:31 AM
Hi All
I have a question about flexible netflow.
On our Catalyst 9500 switch we want to send netflow to our collector (whatsup gold)
If we want to collect info from a layer 3 vlan, which is the correct config?
vlan configuration 126
ip flow monitor WUG-NETFLOW-IN input
ip flow monitor WUG-NETFLOW-OUT output
or
interface vlan 126
ip flow monitor WUG-NETFLOW-IN input
ip flow monitor WUG-NETFLOW-OUT outpu
Solved! Go to Solution.
07-26-2024 12:56 AM
Hello @carl_townshend.
To collect NetFlow data from a Layer 3 VLAN interface on your Catalyst 9500 switch, you should configure the flow monitor on the interface itself, not within the VLAN configuration mode. Here is the correct configuration:
interface vlan 126
ip flow monitor WUG-NETFLOW-IN input
ip flow monitor WUG-NETFLOW-OUT output
So, the correct configuration is the second option
This configuration ensures that the NetFlow data is captured as it enters and leaves the Layer 3 VLAN interface and is sent to your collector (WhatsUp Gold). Make sure you have already defined the WUG-NETFLOW-IN and WUG-NETFLOW-OUT flow monitors and their associated flow records and exporters in the global configuration.
Also, here’s a quick example of how you might define these:
flow record WUG-RECORD
match ipv4 source address
match ipv4 destination address
collect interface input
collect counter bytes
collect counter packets
flow exporter WUG-EXPORTER
destination <collector-ip>
transport udp 2055
flow monitor WUG-NETFLOW-IN
record WUG-RECORD
exporter WUG-EXPORTER
flow monitor WUG-NETFLOW-OUT
record WUG-RECORD
exporter WUG-EXPORTER
I hope this information proves useful!
E.S
07-26-2024 12:56 AM
Hello @carl_townshend.
To collect NetFlow data from a Layer 3 VLAN interface on your Catalyst 9500 switch, you should configure the flow monitor on the interface itself, not within the VLAN configuration mode. Here is the correct configuration:
interface vlan 126
ip flow monitor WUG-NETFLOW-IN input
ip flow monitor WUG-NETFLOW-OUT output
So, the correct configuration is the second option
This configuration ensures that the NetFlow data is captured as it enters and leaves the Layer 3 VLAN interface and is sent to your collector (WhatsUp Gold). Make sure you have already defined the WUG-NETFLOW-IN and WUG-NETFLOW-OUT flow monitors and their associated flow records and exporters in the global configuration.
Also, here’s a quick example of how you might define these:
flow record WUG-RECORD
match ipv4 source address
match ipv4 destination address
collect interface input
collect counter bytes
collect counter packets
flow exporter WUG-EXPORTER
destination <collector-ip>
transport udp 2055
flow monitor WUG-NETFLOW-IN
record WUG-RECORD
exporter WUG-EXPORTER
flow monitor WUG-NETFLOW-OUT
record WUG-RECORD
exporter WUG-EXPORTER
I hope this information proves useful!
E.S
07-26-2024 01:45 AM
Hi Enes
Thanks for that, we already have the rest of it configured, its just the L3 vlan bit.
So when would we use the vlan configuration part?
07-26-2024 03:15 AM
hello @carl_townshend
ur welcome!
About the question: when to use the vlan config part:
The VLAN configuration part for NetFlow is used when you want to monitor traffic on a Layer 2 VLAN interface or a Layer 3 VLAN interface but at a specific level of granularity. Here's when and why you would use it:
Layer 2 VLAN Interfaces:
Layer 3 VLAN Interfaces (SVI - Switched Virtual Interfaces):
Also the summary for this situation I believe is this: VLAN Configuration: Use this when you need to monitor traffic on a Layer 2 VLAN or Layer 3 VLAN interface directly. and, Interface Configuration: Apply NetFlow to physical interfaces or routed VLAN interfaces for more granular control and detailed monitoring.
So I'm sure that understanding the traffic flow and what you want to monitor will help you decide whether to use VLAN configuration or interface-level configuration.
Hope this will help!
E.S
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide