Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
4123
Views
0
Helpful
10
Replies

Netflow on Sup2T

LooseCannon
Level 1
Level 1

‎08-30-2013 09:00 AM - edited ‎03-07-2019 03:13 PM

Hi all,

I was hoping someone might be able to shed some light on this as I have been unable to find anything online.  About five months ago I configured Netflow on two 6504-E's that have Sup2T engines in them.  Netflow was added to several SVI interfaces and it was exporting properly to a Netflow analyzer.  However, it appears those flows stopped several months ago.  So, I logged in to the switches and had a look and everything still seemed to be configured correctly except that none of the flows were being exported.  My next step was to remove the flow monitor from each interface and then I was going to re-apply it.  However, this is what I am seeing when I go to apply it:

(config-if)#no ip flow monitor WM-Monitor input

(config-if)#no ip flow monitor WM-Monitor output

(config-if)#ip flow monitor WM-Monitor input

% Flow Monitor: Flow Monitor 'WM-Monitor' is currently having its old cache deleted.

I thought that it might need a bit of time to delete the cache but even after a day I still can't re-apply it.  Likewise I cannot even remove the monitor as it still thinks it is applied to the interface, even when it is not:

(config)#no flow monitor WM-Monitor

% Flow Monitor: Flow Monitor is in use. Remove from all interfaces before deleting.

#show flow monitor WM-Monitor statistics

  Cache type:                               Normal (Platform cache)

  Cache size:                              Unknown

  Current entries:                               0

#show flow monitor WM-Monitor cache

% Flow Monitor: 'WM-Monitor' has no cache.

At this point I am at a loss.  The problem happened on both 6504-E's that I had this configured on.  I will post the rest of the Netflow config below just for a reference.  Is it possible I have run into a bug here?

flow record WM-Record

description nfsen Netflow v9 Record

match ipv4 protocol

match ipv4 source address

match ipv4 destination address

match transport source-port

match transport destination-port

match interface input

collect routing source as

collect routing destination as

collect counter bytes

collect counter packets

collect timestamp sys-uptime first

collect timestamp sys-uptime last

!

!

flow exporter WM-Exporter

description nfsen Netflow v9 Exporter

destination x.x.x.x

source Loopback0

transport udp 2055

!

!

flow monitor WM-Monitor

description nfsen Netflow v9 Monitor

exporter WM-Exporter

record WM-Record

!

flow hardware export threshold 60

Labels:
0 Helpful
10 Replies 10

Reza Sharifi
Hall of Fame
Hall of Fame

‎08-30-2013 02:07 PM

Can you try deleting the entire Netflow config and reapplying again?

HTH

0 Helpful

LooseCannon
Level 1
Level 1
In response to Reza Sharifi

‎08-30-2013 03:03 PM

Hi Reza,

Thanks for the reponse.  I can't remove the entire config as the moment I try to remove the flow monitor that I have created it still thinks it is assigned to the interfaces,even though I have clearly removed it from all interfaces.  So at this point I cannot assign it to any interfaces nor can I remove the configuration entirely.  That leads me to believe I have encountered a possible bug.

(config)#no flow monitor WM-Monitor

% Flow Monitor: Flow Monitor is in use. Remove from all interfaces before deleting.

0 Helpful

Reza Sharifi
Hall of Fame
Hall of Fame
In response to LooseCannon

‎08-30-2013 03:07 PM

Hi,

What version of IOS are you running?

Can you post?

sh ver

Thanks,

0 Helpful

LooseCannon
Level 1
Level 1
In response to Reza Sharifi

‎08-30-2013 03:22 PM

Running 15.1(1)SY on both 6504-E's

s2t54-advipservicesk9-mz.SPA.151-1.SY.bin

0 Helpful

Reza Sharifi
Hall of Fame
Hall of Fame
In response to LooseCannon

‎08-30-2013 03:49 PM

I could be a bug. Since your sup is 2T and I am sure under server contract, open a ticket with TAC.

HTH

0 Helpful

edwardzeng
Level 1
Level 1
In response to Reza Sharifi

‎09-18-2014 08:18 PM

Confirmed that is the bug.

=============================

CSCui17732

 

 

  Sup2T: show tech-support hangs VTY session on Netflow TCAM interrupt

 

  CSCui17732

 

  Description

 

  Symptom:

 

  One or more following symptoms may be observed:

 

  "show tech-support" command is not completed, and VTY session hangs

 

  Netflow entries are not created

 

  Netflow may stop or skip exporting data

 

 

  Conditions:

 

  Issue is seen with 15.1(1)SY or later releases.

 

  AND

 

  The switch reports Netflow TCAM error messages.

 

  Example:

 

  %EARL_L3_ASIC-3-INTR_FATAL: EARL L3 ASIC 0: fatal interrupt NF_SE_CMD_ERR

 

 

  Workaround:

 

  If the issue is seen with a DFC-enabled module, sometimes reset the module may solve this issue, If it is not

  solving then we need to reload whole box.

 

 

  For standalone switch:

 

  Sup2T#hw-module module reset

 

  For VSS setup:

 

  Sup2T-VSS#hw-module switch module reset

 

 

  If the issue is seen with the Sup engine, then failover.

 

  Sup2T#redundancy force-switchover

 

 

  Please be aware that resetting sup/module resolves the problem temporarily and issue may return at any time.

 

  Further Problem Description:

 

  The bug fixes the symptoms mentioned above, not the actual error message.

The error can be ignored after this

  fix.

 

  Customer Visible

 

  Was the description about this Bug Helpful?

 

  (3)

 

  Details

 

 

 

 

 

 

  Last Modified:

 

  Aug 28,2014

 

  Status:

 

  Fixed

 

  Severity:

 

  2 Severe

 

  Product:

 

  Cisco Catalyst 6000 Series Switches

 

  Support Cases:

 

  72

 

 

 

 

 

  Known Affected Releases:

 

(5)

 

 

 

 

 

 

 

 

  15.1(1)SY

 

  15.2(1)SY

 

  15.1(2)SY

 

  15.1(1)SY1

 

  15.1(1.2)

 

 

 

 

 

  Known Fixed Releases:

 

(9)

 

 

 

 

 

 

 

 

  15.1(1)IB273.251

 

  15.0(0)SY99.335

 

  15.1(2)SY1.1

 

  15.1(1)IC66.64

 

  15.1(99)SY9.1

 

  15.0(1)SY6

 

  15.1(1)ICB29.36

 

  15.1(2)SY2

 

  15.1(1)SY3

 

0 Helpful

edwardzeng
Level 1
Level 1

‎05-01-2014 03:19 PM

To check which interfaces are using the netflow by "show flow interfac"

 

 

0 Helpful

daniele matta
Level 1
Level 1

‎07-07-2014 06:10 AM

 

Hi I am running similar problem with the sup2t and netflow ,

I have tried different configuration as my server collector had always problem with flows timeout.

Then I configured:

 

flow platform cache timeout active 300
flow platform cache timeout inactive 60

 

After this, i solved the timeout problem, but suddendly after several hours the netflow stop working at all.

No flows were generated anymore and any show flow monitor comand was stacking the router

Plus i couldn't play any flow comand even removing the ip flow monitor from the interface

After I tried other times no ip flow monitor / ip flow monitor the router started again to works with the flow parts.

 

Can someone help me with this?

 

0 Helpful

LooseCannon
Level 1
Level 1
In response to daniele matta

‎07-07-2014 06:31 AM

Hi there,

 

I ended up opening a ticket with TAC about this and the bug was eventually resolved.  We have been running 15.1(2)SY2 for roughly 6 months now without a recurrence of the problem.  I'm sorry I don't have the exact bug ID but if you search the release notes for Netflow you will see a note related to fixing this particular bug.

 

 

0 Helpful

daniele matta
Level 1
Level 1
In response to LooseCannon

‎07-07-2014 09:07 AM

 

May I ask you your  netflow configuration?

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card