Hey @Giuseppe Larosa ,

I have applied it to interfaces g1/0/1-32. Vlan 200 is up/up as well. Vlan 200 is the ip used on the switch for EIGRP association with the other locations. Would that cause issues?

Another thing that may be useful the interfaces are using commands like:

interface GigabitEthernet1/0/32
description OPAC
switchport access vlan 136
switchport mode access
ip flow monitor e-1 input
ip flow monitor e-2 output
end

Hello @Bryson F ,

your configuration looks like fine taking in account your other post about data interface config.

SVI Vlan 200 used for EIGRP should not be an issue.

Edit :

>> IOS 17.03.05 with DNA Essentials

either there is an issue with the licenses or you need to change SDM template ( if this still applies to Cat 9x00 family)

Edit2 : I have checked on feature navigator Cat 9200 with IOS XE 17.3.5 and DNA Essentials and it reports Flexible Netflow as supported

Edit 3:

configuration guide

https://www.cisco.com/c/en/us/support/docs/switches/catalyst-9300-series-switches/218311-configure-and-verify-netflow-avc-and-e.html

the config example is verry close to your config with a source SVI interface

the only note is:

>> DNA Addon license is required for full Flexible NetFlow, otherwise Sampled NetFlow is only available. 

And also: to check what is doing

show flow monitor <flow monitor name> statistics

Hope to help

Giuseppe

Thanks for checking on that @Giuseppe Larosa . I doubted the error was the configuration side of things. I just wanted to drop my concerns into the community thread to try and help verify that with some knowledgeable people. I have started sorting through the configuration files on the appliance to see if for some reason the sending port 53123 UDP was explicitly denied or just not configured. I do believe that may be the case since a pcap from the appliance's server showed it receiving CFLOW data packets from that switche's Vlan200 IP.

Hello @Giuseppe Larosa ,

That is my main concern in this scenario:

XB_ALLIN1#show flow mon e-1 stat
Cache type: Normal (Platform cache)
Cache size: 10000
Current entries: 0

Flows added: 0
Flows aged: 0

XB_ALLIN1#show flow mon e-2 stat
Cache type: Normal (Platform cache)
Cache size: 10000

Flows added: 0
Flows aged: 0

Current entries: 0XB_ALLIN1#show flow record netflow ipv4 app-stats-input
flow record netflow ipv4 app-stats-input:
Description: Application statistics - input
No. of users: 1
Total field space: 73 bytes
Fields:
match ipv4 version
match ipv4 protocol
match ipv4 source address
match ipv4 destination address
match transport source-port
match transport destination-port
match interface input
match application name
collect datalink dot1q vlan input
collect datalink mac source address input
collect datalink mac destination address input
collect transport tcp flags
collect interface output
collect counter bytes long
collect counter packets long
collect timestamp absolute first
collect timestamp absolute last

_________________________

It doesn't appear to be catching any flows and that has been my primary concern here. So would this be solved with the DNA addon? Should i configure it for sampled.

Hello @Bryson F ,

from your last post we see that no flows are recorded locally on the flow monitors.

Yes, I do agree that you should try to if adding a flow sampler can make the switch to collect something.

As an alternative , you can try to see for the DNA addon license.

Hope to help

Giuseppe

Hey @David Ruess ,

1. This was intentional yes. Their support team asked me to change the record to a default template so i chose app-stats-in/output.

2.Correct our appliance has full visibility to the switch via SNMP and VTY ACL's configured for access. It connects through vlan 200 to check if the switch is up.