Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1908
Views
0
Helpful
5
Replies

Netflow and CAT 9500-16x

Go to solution
JohnRosso3555
Level 1
Level 1

‎07-28-2021 12:40 AM

Hello

flexible flow says the management interface is not an authorized interfaced to send netflow data. This is my internet router for the organization and I am trying to just manage everything through the MGMT-vrf so the data plane is only exposed to the public. Is it possible to use the MGMT interface or a work around?

 

Also, it is saying that I need to upgrade my license to use the full netflow feature - below is my output. I thought that essentials is the base and advantage is the highest.

Thank you for taking a look.

John

 

DRF312cisco-WWW#show license summary
Smart Licensing is ENABLED
License Reservation is ENABLED

Registration:
Status: REGISTERED - SPECIFIC LICENSE RESERVATION
Export-Controlled Functionality: ALLOWED

License Authorization:
Status: AUTHORIZED - RESERVED

License Usage:
License Entitlement tag Count Status
-----------------------------------------------------------------------------
C9500 Network Advantage (C9500 Network Advantage) 2 AUTHORIZED
C9500-DNA-16X-A (C9500-16X DNA Advantage) 0 NOT IN USE

 

Labels:
0 Helpful
2 Accepted Solutions

Accepted Solutions

Go to solution
balaji.bandi
Hall of Fame
Hall of Fame

‎07-28-2021 01:08 AM

Network Advantage  - supports netflow you can use this License that.

 

yes there is Limitationn for the MGMT Interface and Gi0/0 - they not offer this feature. because they not part of the route processor as i am aware.

 

instead you can use any interface other than those mentioned abovie and conver in to your Manangment VRF and do the task (it should work as expected)

 

 

Flexible NetFlow export is not supported on the Ethernet management port, GigabitEthernet 0/0.

 

https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst9500/software/release/16-8/configuration_guide/nmgmt/b_168_nmgmt_9500_cg/b_168_nmgmt_9500_cg_chapter_0111.html

 

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

View solution in original post

0 Helpful

Go to solution
JohnRosso3555
Level 1
Level 1
In response to Giuseppe Larosa

‎07-28-2021 01:15 AM

Grazie Giuseppe - I'd like to leave the MGMT interface under it's own VRF as this gets accessed from inside our network. I guess I am forced to use one of the dataplane interfaces as the export interface. I have about 10 ports left over so I  can dedicate an interface to netflow specifically or maybe set up a mirror/span port and just send it to Gigamon/Extrahop.

 

Tobad on the limitation.

View solution in original post

0 Helpful
5 Replies 5

Go to solution
Giuseppe Larosa
Hall of Fame
Hall of Fame

‎07-28-2021 12:54 AM

Hello @JohnRosso3555 ,

this is a known limitation shared with other platforms you need to use a standard interface in order to export Netflow data, the management interface is not supported for this use.

Eventually consider moving the configuration under the management interface under a standard interface.

 

Hope to help

Giuseppe

 

0 Helpful

Go to solution
JohnRosso3555
Level 1
Level 1
In response to Giuseppe Larosa

‎07-28-2021 01:15 AM

Grazie Giuseppe - I'd like to leave the MGMT interface under it's own VRF as this gets accessed from inside our network. I guess I am forced to use one of the dataplane interfaces as the export interface. I have about 10 ports left over so I  can dedicate an interface to netflow specifically or maybe set up a mirror/span port and just send it to Gigamon/Extrahop.

 

Tobad on the limitation.

0 Helpful

Go to solution
balaji.bandi
Hall of Fame
Hall of Fame

‎07-28-2021 01:08 AM

Network Advantage  - supports netflow you can use this License that.

 

yes there is Limitationn for the MGMT Interface and Gi0/0 - they not offer this feature. because they not part of the route processor as i am aware.

 

instead you can use any interface other than those mentioned abovie and conver in to your Manangment VRF and do the task (it should work as expected)

 

 

Flexible NetFlow export is not supported on the Ethernet management port, GigabitEthernet 0/0.

 

https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst9500/software/release/16-8/configuration_guide/nmgmt/b_168_nmgmt_9500_cg/b_168_nmgmt_9500_cg_chapter_0111.html

 

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful

Go to solution
JohnRosso3555
Level 1
Level 1
In response to balaji.bandi

‎07-28-2021 01:18 AM

Are you saying I can add a data plane interface to the MGMT-VRF? One that is not being used by production traffic and put it in the MGMT-vrf and send it that way.

 

I do have a case open about why switch reports that Full Netflow is not authorized.

0 Helpful

Go to solution
JohnRosso3555
Level 1
Level 1
In response to balaji.bandi

‎07-28-2021 01:20 AM

Also, is it common for the "show interfaces status" to show all interfaces and modules even if the module is not installed?

0 Helpful
Customers Also Viewed These Support Documents