Netflow Command is not available

pcclonescisco · ‎03-09-2012

Netflow is not available ..please help

12.2(54)SG1

new#show module

Chassis Type : WS-C4507R-E

Power consumed by backplane : 40 Watts

Mod Ports Card Type Model Serial No.

---+-----+--------------------------------------+------------------+-----------

1 48 10/100/1000BaseT (RJ45) WS-X4548-GB-RJ45 JAE1216EZLD

2 48 10/100/1000BaseT (RJ45) WS-X4548-GB-RJ45 JAE1216EZMC

3 2 Supervisor V 1000BaseX (GBIC) WS-X4516 JAE1216ESPV

4 2 Supervisor V 1000BaseX (GBIC) WS-X4516 JAE1216ETJG

5 48 1000BaseX SFP WS-X4448-GB-SFP JAE120573SC

new#show module 3

Mod Ports Card Type Model Serial No.

---+-----+--------------------------------------+------------------+-----------

3 2 Supervisor V 1000BaseX (GBIC) WS-X4516 JAE1216ESPV

M MAC addresses Hw Fw Sw Status

--+--------------------------------+---+------------+----------------+---------

3 001f.9e46.d1c0 to 001f.9e46.d1c1 4.5 12.2(31r)SGA 12.2(54)SG1 Ok

Mod Redundancy role Operating mode Redundancy status

----+-------------------+-------------------+----------------------------------

3 Active Supervisor SSO Active

new#show module 4

Mod Ports Card Type Model Serial No.

---+-----+--------------------------------------+------------------+-----------

4 2 Supervisor V 1000BaseX (GBIC) WS-X4516 JAE1216ETJG

M MAC addresses Hw Fw Sw Status

--+--------------------------------+---+------------+----------------+---------

4 001f.9e46.d1c2 to 001f.9e46.d1c3 4.5 12.2(31r)SGA 12.2(54)SG1 Ok

Mod Redundancy role Operating mode Redundancy status

----+-------------------+-------------------+----------------------------------

4 Standby Supervisor SSO Standby hot

new#conf t

Enter configuration commands, one per line. End with CNTL/Z.

new(config)#ip fl?

% Unrecognized command

new(config)#ip fl

Dan-Ciprian Cicioiu · ‎03-09-2012

Hi ,

This feature is only available if the NetFlow Services Card (WS-F4531) is present.

http://www.cisco.com/en/US/docs/switches/lan/catalyst4500/12.2/20ew/configuration/guide/nfswitch.html

Dan

pcclonescisco · ‎03-12-2012

Now i have added the daughter card and enabled IP FLOW. But still, Export is not happening.

NEW#show run | i flow

ip flow ingress infer-fields

ip flow-export source Vlan20

ip flow-export version 5

ip flow-export destination x.x.x.x

ip route-cache flow infer-fields

NEW#

Eventhough i am able to see the export output in switch, still its not capturing on netflow server.

NEW#show ip flow export

Flow export v5 is enabled for main cache

Export source and destination details :

VRF ID : Default

Source(1) y.y.y.y (Vlan20)

Destination(1) x.x.x.x (9995)

Version 5 flow records

40876662 flows exported in 1362556 udp datagrams

0 flows failed due to lack of export packet

0 export packets were sent up to process level

0 export packets were dropped due to no fib

0 export packets were dropped due to adjacency issues

0 export packets were dropped due to fragmentation failures

0 export packets were dropped due to encapsulation fixup failures

NEW#

Dan-Ciprian Cicioiu · ‎03-13-2012

Hi ,

Are you sure that your collector runs on port 9995 ?

The output of the flow export command tells you :

40876662 flows exported in 1362556 udp datagrams

Dan

pcclonescisco · ‎03-13-2012

Yes..Its working on port no 9995. recent output:

NEW#show ip flow export

Flow export v5 is enabled for main cache

Export source and destination details :

VRF ID : Default

Source(1) y.y.y.y (Vlan20)

Destination(1) x.x.x.x (9995)

Version 5 flow records

48701938 flows exported in 1623398 udp datagrams

0 flows failed due to lack of export packet

0 export packets were sent up to process level

0 export packets were dropped due to no fib

0 export packets were dropped due to adjacency issues

0 export packets were dropped due to fragmentation failures

0 export packets were dropped due to encapsulation fixup failures

NEW#

Dan-Ciprian Cicioiu · ‎03-13-2012

Hi ,

could you configure globally :

ip flow ingress

Also post after : show ip cache flow | b Src

Dan

pcclonescisco · ‎03-13-2012

Yes. I have configured globally and in 45xx with this IOS, I dont see a command to enable it on interface.

May i know your email address to share the output.

Dan-Ciprian Cicioiu · ‎03-13-2012

Hi ,

You can send me the output on a private message.

Enabling netflow on a per interface is not supported, the configuration is made only globally.

Dan

pcclonescisco · ‎03-13-2012

I am not getting a option to send it through private message . Please guide me

Dan-Ciprian Cicioiu · ‎03-14-2012

Hi ,

Click on my name, and on my profile page , on the right is a link "Send private message"

Regards

Dan

pcclonescisco · ‎03-14-2012

Sent. Please check

Don Jacob · ‎03-17-2012

Did you install Wireshark on the NetFlow server and check if the packets are reaching it? All flow analyzer softwares wait for the NetFlow packets to reach it and so even if your switch is exporting, it could be a case where Firewalls or ACL is blocking UDP NetFlow packet from reaching the installation server. You could also try with the software firewall disabled.

Regards,

Don Thomas Jacob

www.netflowanalyzer.com

NOTE: Please rate posts and close questions if your query has been answered

Regards, Don Thomas Jacob http://www.solarwinds.com/netflow-traffic-analyzer.aspx Head Geek @ SolarWinds NOTE: Please rate and close questions if you found any of the answers helpful.