Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1381
Views
0
Helpful
5
Replies

Flexible Netflow on Cisco Catalyst 9600 switch

carl_townshend
Spotlight
Spotlight

‎04-07-2023 02:23 AM

Hi Guys

We have netflow configured on our 9600 switch, however it does not appear to be working, it could be our monitoring server but I just wanted to double check we have the correct config

We have a L3 vlan and netflow is applied currently as the below for this vlan

vlan configuration 126
ip flow monitor NETFLOW-IN input
ip flow monitor NETFLOW-OUT output

Is this the correct way to apply it to the interface, or should it be applied under the L3 SVI interface?

Cheers

Labels:
0 Helpful
5 Replies 5

M02@rt37
VIP
VIP

‎04-07-2023 02:53 AM

Hello @carl_townshend,

If you only want to monitor traffic that is within the same VLAN, then the configuration you provided should be sufficient. If you want to monitor traffic that is being routed between different VLANs, you should apply the NetFlow configuration on the Layer 3 SVI for each VLAN that you want to monitor.

 

Best regards
.ı|ı.ı|ı. If This Helps, Please Rate .ı|ı.ı|ı.
0 Helpful

carl_townshend
Spotlight
Spotlight
In response to M02@rt37

‎04-07-2023 05:57 AM

Hi there

So when you say within the vlan? surely the flows will include source and destination IPs coming in and out of the vlan ?

or will it only show you flows on that subnet and only that subnet between each other?

cheers

0 Helpful

Flavio Miranda
VIP
VIP

‎04-07-2023 03:03 AM

Hello,

 This command should be applied under the interface vlan (SVI)

But, this is not enough. The steps to setup netflow is as follow:

  • Create a flow record by specifying keys and non-key fields to the flow.
  • Create an optional flow exporter by specifying the protocol and transport destination port, destination, and other parameters.
  • Create a flow monitor based on the flow record and flow exporter.
  • Create an optional sampler.
  • Apply the flow monitor to a Layer 2 port, Layer 3 port, or VLAN.

You can take a look on this guide.

https://www.noction.com/blog/cisco-catalyst-netflow-configuration 

https://www.cisco.com/en/US/docs/switches/lan/catalyst3850/software/release/3se/consolidated_guide/b_consolidated_3850_3se_cg_chapter_011010.html#task_1C8520F2E2F243E6B7B9F2C4C144B27C 

0 Helpful

carl_townshend
Spotlight
Spotlight
In response to Flavio Miranda

‎04-07-2023 05:58 AM

Hi,

I forgot to add, we have all the other things set, flow record, exporter etc.

it’s more where to apply it, as per the other poster, do I need to apply it under the layer 3 interface rather than under the vlan configuration prompt?

cheers

0 Helpful

Flavio Miranda
VIP
VIP
In response to carl_townshend

‎04-07-2023 06:32 AM

 That´s correct.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card