Issue with Netflow on 4500X

carl_townshend · ‎05-19-2021

Hi All

I have some questions around netflow and also about an issue.

First of all, we have set up netflow monitors on the input and output side, my question is do we really need both directions? what does this give us?

The config we apply is below, some has been omitted

flow record FLOW-RECORD-IN
match ipv4 tos
match ipv4 protocol
match ipv4 source address
match ipv4 destination address
match transport source-port
match transport destination-port
match interface input
match flow direction
collect interface output
collect counter bytes long
collect counter packets long
!
!
flow record FLOW-RECORD-OUT
match ipv4 tos
match ipv4 protocol
match ipv4 source address
match ipv4 destination address
match transport source-port
match transport destination-port
match interface output
match flow direction
collect interface input
collect counter bytes long
collect counter packets long

!

vlan configuration 2403
ip flow monitor FLOW-MONITOR-IN input
ip flow monitor FLOW-MONITOR-OUT output

When we apply this, we get the following error,

CORE-VSS(config)#vlan configuration 1442

CORE-VSS(config-vlan-config)#ip flow monitor FORESCOUT-NETFLOW-OUT output
% Flow Monitor: 'FORESCOUT-NETFLOW-OUT' could not be added to interface due to invalid sub-traffic type: 0

How do we fix this?

Cheers

balaji.bandi · ‎05-19-2021

Not sure what is the code running on this kit, Look some limitation here : (as i see the host name as VSS )

Restrictions for Configuring Flexible NetFlow

https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst4500/15-1-2/XE_340/configuration/guide/config/fnf.html

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help