11-20-2009 10:31 AM - edited 03-06-2019 08:39 AM
Hi Guys!!! I need your help please. I have a Router 12404/PRP (IP=1.1.1.1) and I'm trying to connect it to a Traffic Analiser (IP=1.1.1.2) in order to send flow records. When I connect the Router directly to Analiser without VRF configuration [Case-1], there is no problem and can see flow packets arriving to Analiser through a sniffer. But, when I configured VRF [Case-2], these flow packets are not arriving, I do not know if I need to configure something else inside or outside VRF. This is the configuration:
[Case-1] Configuration without VRF:
interface FastEthernet0
ip address 1.1.1.1 255.255.255.0
no ip directed-broadcast
negotiation auto
ip flow-export destination 1.1.1.2 63636
[Case-2] Configuration with VRF:
interface FastEthernet0
ip address 1.1.1.1 255.255.255.0
ip vrf forwarding ANALISER
no ip directed-broadcast
negotiation auto
ip flow-export destination 1.1.1.2 63636 vrf ANALISER
Common Configuration:
ip vrf ANALISER
rd 19114:200001
export map RM-vrf-ANALISER
route-target export 19114:200001
route-target import 19114:200001
route-target import 19114:200011
route-target import 19114:200004
1.- Do I need to configure anything else?
2.- Is it possible to use the vrf interface as source of netflow packets?
3.- Can I export flow records within a VRF.
Thanks in advance for your kindly help guys!
Saludos,
Carlos*
11-20-2009 11:20 AM
Hello Carlos,
according to netflow command reference support for export of netflow data to a VRF is recent
http://www.cisco.com/en/US/docs/ios/netflow/command/reference/nf_01.html#wp1049093
Before Cisco IOS Releases 12.4(4)T, only one routing option existed for NetFlow export data packets. NetFlow sent all export data packets to the global routing table for routing to the export destinations you specified.
this is clearly an IOS release for ISR routers.
looking at feature navigator at www.cisco.com/go/fn
using search by feature and typing netflow several netflow features are displayed but no explicit export to VRF feature appears.
You may want to open a service request to ask if and when it is supported on GSR.
As you can understand up to now netflow data export has been done in the global routing table and it is common practice for service providers to do so.
Hope to help
Giuseppe
11-20-2009 12:11 PM
Hi Giuseppe! Thanks for your answer. Just one questions...Do you know the right name for this feature?
Thanks!
Carlos*
12-02-2009 09:59 AM
Hi Carlos,
Did you made it work?
it's not working in all versions, some DDTS have been opened for this issue.
I'm currently trying to solve a similar issue, I'm working with the developers and if you don't have a solution,
probably I can find it for you.
Can you please send me the following details:
- version
- show ip flow export - 3 times, (when the issue is happening.)
regards
Armando.
03-23-2010 12:30 PM
Carlos, Armando, I have the same issue, Netflow export does not work when destination is inside a VRF. Are we dealing with an IOS bug? Maybe Flexible Netflow fixes this?
05-11-2010 11:35 AM
Hi Carlos,
Please add udp after the name fo the VRF
ip flow-export destination 10.198.230.27 63636 vrf LEIPA udp
Christian
05-29-2014 11:08 AM
I have the same problem - exporting Flexible Netflow Data via the Mgmt interface on an ASR1002 doesn't seem to work :( any body have idea's?
06-03-2014 05:36 AM
I've had the following response from Cisco:
"Problem description: netflow not exported when the server is in management interface
Action Plan:
You are correct - the Netflow export is not supported via management interface.
Management interface is a special type interface - it is not considered as a regular interface by the QFP (forwarding ASIC) and is the only interface that is still alive when
ESP goes down. Netflow collection and export occurs directly on the ESP hardware and doesn't involve the RP. Based on that the engineering team made a conscious decision not to support Netflow export on it. They think that the feature can be dangerous for the RP (because of the traffic that might be needed to be processed). You can't change the VRF on the management interface and considering all the facts above
there are no plans to support Netflow export on the management interface.
01-09-2017 06:57 AM
I an having the same problem - exporting Flexible Netflow Data via the Mgmt interface on an ASR1002 doesn't seem to work
Is it still true that the VRF management interface will not work?
12-12-2017 01:47 AM
09-07-2018 11:16 AM
I thought it might be helpful to add a show command showing that the packets are failing to send over the management VRF.
show flow exporter statistics
Flow Exporter NETFLOW:
Packet send statistics (last cleared 00:00:04 ago):
Successfully sent: 0 (0 bytes)
Reason not given: 49 (64232 bytes)
Client send statistics:
Client: Option options application-name
Records added: 0
Bytes added: 0
Client: Option options application-attributes
Records added: 0
Bytes added: 0
Client: Flow Monitor NETFLOW
Records added: 1797
- failed to send: 1797
Bytes added: 62895
- failed to send: 62895
Please rate helpful posts.
10-28-2019 08:14 AM
if each VRFs required new forwarder configuration for the different VRF interfaces?
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide