I doing a POC with various Netflow collectors and have noticed an odd occurrence across all of them the virtual appliances
for the POC i'm collecting Flows from ASA's some 4500's and a 6509 pair
There is one particular vlan I want to collect on our 6509 VSS Switch (Vlan 291) However after configuring the Flex Netflow's Export/Monitor/Record and Applying it to the SVI for 291 somehow the switch also exports records for Vlan 16 . As such the POC appliances recognize vlan 16 as a new net-flow source . this has been consistent across the appliances we have been POC'ing (Riverbed , ManageEngine and Solarwinds)
Vlan 291 has a flow monitor POC-EXPORT input/output on the SVI vlan 16 does not
Im getting flow records id expect to see on both I just cannot understand how Vlan 16 is getting exported too
#show run flow monitor
flow monitor POC-MONITOR record POC-RECORD exporter POC-EXPORT cache timeout active 60 ! #show run flow export Current configuration: ! flow exporter POC-EXPORT destination 10.*.*.* vrf *vrf name* source Vlan291 transport udp 9991 ! #show run flow record ! flow record POC-RECORD match ipv4 tos match ipv4 protocol match ipv4 source address match ipv4 destination address match transport source-port match transport destination-port match flow direction collect routing next-hop address ipv4 collect interface input collect interface output collect counter bytes collect counter packets !
! interface Vlan291 ip vrf forwarding *vrf name* ip address 172.*.*.* 255.255.255.0 no ip redirects no ip unreachables no ip proxy-arp ip flow monitor POC-MONITOR input ip flow monitor POC-MONITOR output
#show run int vlan 16 ! interface Vlan16 ip address 172.*.*.* 255.255.0.0 no ip redirects no ip unreachables no ip proxy-arp end
#show flow export Flow Exporter POC-EXPORT: Description: User defined Export protocol: NetFlow Version 9 Transport Configuration: Destination IP address: 10.*.*.* VRF label: *vrf name* Source IP address: 172.*.*.* Source Interface: Vlan291 Transport Protocol: UDP Destination Port: 9991 Source Port: 62828 DSCP: 0x0 TTL: 255 Output Features: Not Used
#show flow record flow record POC-RECORD: Description: User defined No. of users: 1 Total field space: 35 bytes Fields: match ipv4 tos match ipv4 protocol match ipv4 source address match ipv4 destination address match transport source-port match transport destination-port match flow direction collect routing next-hop address ipv4 collect interface input collect interface output collect counter bytes collect counter packets
#show flow monitor Flow Monitor POC-MONITOR: Description: User defined Flow Record: POC-RECORD Flow Exporter: POC-EXPORT Cache: Type: normal Status: allocated Size: 4096 entries / 278544 bytes Cache: Type: normal (Platform cache) Status: allocated Size: Unknown Timers: Local Global Inactive Timeout: 15 secs 60 secs Active Timeout: 60 secs 60 secs Update Timeout: 1800 secs Fast Timeout: Disabled
Show CommandPurposeCiscoICX-RuckusShow Spanning tree infoShow spanning-treeshow 802-1wVerify Port-Channel / Link aggregation infosh lag briefsh etherchannel summaryShow CDC/LDP neighbor infoshow cdp neighbors detailsh lldp neighbors de sh mac a...
Attached policy provides CLI access to the Cisco 4G router over text messaging. Two files are in the attached .tar file:
2. PDF with instructions on how to load and use the .tcl file.
Introduction to SD-Access Multicast
The document describes the Cisco DNAC UI workflow introduced as part of the Cisco DNA Center1.3.3 release. The document covers the components of Multicast forwarding on SD-Access fabric and the configuration pushed to...