cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
23280
Views
18
Helpful
11
Replies

NetFlow VRF Export

carloskuontay
Level 1
Level 1

Hi Guys!!! I need your help please. I have a Router 12404/PRP (IP=1.1.1.1) and I'm trying to connect it to a Traffic Analiser (IP=1.1.1.2) in order to send flow records. When I connect the Router directly to Analiser without VRF configuration [Case-1], there is no problem and can see flow packets arriving to Analiser through a sniffer. But, when I configured VRF [Case-2], these flow packets are not arriving, I do not know if I need to configure something else inside or outside VRF. This is the configuration:

[Case-1] Configuration without VRF:
interface  FastEthernet0
  ip address 1.1.1.1  255.255.255.0
  no ip directed-broadcast
  negotiation  auto
ip flow-export destination 1.1.1.2  63636

[Case-2] Configuration with VRF:
interface  FastEthernet0
ip address 1.1.1.1  255.255.255.0
  ip vrf forwarding ANALISER
  no ip  directed-broadcast
  negotiation  auto
ip flow-export destination 1.1.1.2 63636 vrf ANALISER

Common Configuration:
ip vrf ANALISER
rd 19114:200001
export map RM-vrf-ANALISER
route-target export 19114:200001
route-target import 19114:200001
route-target import 19114:200011
route-target import 19114:200004

1.- Do I need to configure anything else?
2.- Is it possible to use the vrf interface as source of netflow packets?
3.- Can I export flow records within a VRF.

Thanks  in advance for your kindly help guys!

Saludos,

Carlos*

11 Replies 11

Giuseppe Larosa
Hall of Fame
Hall of Fame

Hello Carlos,

according to netflow command reference support for export of netflow data to a VRF is recent

http://www.cisco.com/en/US/docs/ios/netflow/command/reference/nf_01.html#wp1049093

Before Cisco IOS Releases 12.4(4)T, only one routing option existed for NetFlow export data packets. NetFlow sent all export data packets to the global routing table for routing to the export destinations you specified.

this is clearly an IOS release for ISR routers.

looking at feature navigator at www.cisco.com/go/fn

using search by feature and typing netflow several netflow features are displayed but no explicit export to VRF feature appears.

You may want to open a service request to ask if and when it is supported on GSR.

As you can understand up to now netflow data export has been done in the global routing table and it is common practice for service providers to do so.

Hope to help

Giuseppe

Hi Giuseppe! Thanks for your answer. Just one questions...Do you know the right name for this feature?

Thanks!

Carlos*

Hi Carlos,

Did you made it work? 

it's not working in all versions, some DDTS have been opened for this issue.

I'm currently trying to solve a similar issue, I'm working with the developers and if you don't have a solution,

probably I can find it for you.

Can you please send me the following details:

- version

- show ip flow export - 3 times, (when the issue is happening.)

regards

Armando.

Carlos, Armando, I have the same issue, Netflow export does not work when destination is inside a VRF. Are we dealing with an IOS bug? Maybe Flexible Netflow fixes this?

Hi Carlos,

Please add udp after the name fo the VRF

ip flow-export destination 10.198.230.27 63636 vrf LEIPA udp

Christian

Bilal Nawaz
VIP Alumni
VIP Alumni

I have the same problem - exporting Flexible Netflow Data via the Mgmt interface on an ASR1002 doesn't seem to work :( any body have idea's?

Please rate useful posts & remember to mark any solved questions as answered. Thank you.

I've had the following response from Cisco:

"Problem description: netflow not exported when the server is in management interface

Action Plan:

You are correct - the Netflow export is not supported via management interface.

Management interface is a special type interface - it is not considered as a regular interface by the QFP (forwarding ASIC) and is the only interface that is still alive when
ESP goes down. Netflow collection and export occurs directly on the ESP hardware and doesn't involve the RP. Based on that the engineering team made a conscious decision not to support Netflow export on it. They think that the feature can be dangerous for the RP (because of the traffic that might be needed to be processed). You can't change the VRF on the management interface and considering all the facts above
there are no plans to support Netflow export on the management interface.

Please rate useful posts & remember to mark any solved questions as answered. Thank you.

I an having the same problem - exporting Flexible Netflow Data via the Mgmt interface on an ASR1002 doesn't seem to work
Is it still true that the VRF management interface will not work?

very helpful note. Thanks for sharing.
CCIE 37523

I thought it might be helpful to add a show command showing that the packets are failing to send over the management VRF.

show flow exporter statistics

Flow Exporter NETFLOW:
  Packet send statistics (last cleared 00:00:04 ago):
    Successfully sent:         0                     (0 bytes)
    Reason not given:          49                    (64232 bytes)

  Client send statistics:
    Client: Option options application-name
      Records added:           0
      Bytes added:             0

    Client: Option options application-attributes
      Records added:           0
      Bytes added:             0

    Client: Flow Monitor NETFLOW
      Records added:           1797
        - failed to send:      1797
      Bytes added:             62895
        - failed to send:      62895

 

Please rate helpful posts.

MTECHNOLOGY1
Level 1
Level 1

if each VRFs required new forwarder configuration for the different VRF interfaces?