Good day all - please see what i used to attempt to gather netflow from a switch; my question here is - why do i see traffic from all my other branches from this one location?
flow record record1
match ipv4 protocol
match ipv4 source address
match ipv4 destination address
match transport source-port
match transport destination-port
collect counter bytes long
collect counter packets long
collect timestamp sys-uptime first
collect timestamp sys-uptime last
flow exporter export1
transport udp 2055
template data timeout 60
flow monitor monitor1
cache timeout inactive 120
cache timeout active 300
Solved! Go to Solution.
yes an no - its a weird design, all branches connect to MPLS service provider (CE) using access port, so in theory yes. I was under the impression this would not work since it's a layer 3 service but i guess not. not as great as running on router but every bit counts.
Hi there here is the conifg; applied to vlan 1 - still seeing traffic from multiple locations, normal?
ip flow monitor monitor1 sampler SampleTest input
ip address 192.168.3.9 255.255.255.0
no ip redirects
Thanks for the info Jaderson - its working fine now, after some research i notice that some of the other locations were also using the same UDP port (go figure....always over look easy!) i made changes and added some of your suggestions.