Nexus 7000 bridged netflow

Mate Grbavac
Level 1

Hi,

I have an N7k (NX-OS 6.2(2)) with SUP1, M1 and F1 linecards.

I need to export netflow for traffic in VLAN 30 and I configured bridged netflow. Config is:

flow exporter NF_EXP
 destination 10.10.101.11
 transport udp 9993
 source Vlan101
 version 9

flow record NF-L2

flow monitor NF-L2
 record NF-L2
 exporter NF_EXP

Flow record is:

sh flow record NF-L2
Flow record NF-L2:
No. of users: 1
Template ID: 261
Fields:
match interface input
match interface output
match flow direction

Flow monitor is configured under the VLAN configuration (according to config guide for bridged netflow):

vlan configuration 30
 ip flow monitor NF-L2 input

But, it's not working. If I configure the flow monitor under the SVI (L3 netflow) then everything looks OK, but I need L2 netflow...

4 Replies

Mark Malone
VIP Alumni

I only have flexible NetFlow running on NX-OS at L3, but looking at the doc there's a bit more required for L2 flows:

http://www.cisco.com/c/en/us/td/docs/switches/datacenter/sw/5_x/nx-os/system_management/configuration/guide/sm_nx_os_cg/sm_15netflow.html

Configuring Layer 2 NetFlow

You can define Layer 2 keys in flexible NetFlow records that you can use to capture flows in Layer 2 interfaces. The Layer 2 keys are as follows:

Source and destination MAC addresses

Source VLAN ID

EtherType from the Ethernet frame

You can apply Layer 2 NetFlow to the following interfaces for the ingress direction:

Switch ports in access mode

Switch ports in trunk mode

Layer 2 port channels


Note: You cannot apply Layer 2 NetFlow to VLANs, egress interfaces, or Layer 3 interfaces such as VLAN interfaces.


BEFORE YOU BEGIN

Make sure that you are in the correct VDC. To change the VDC, use the switchto vdc command.

SUMMARY STEPS

1. config t

2. flow record name

3. match datalink {mac source-address | mac destination-address | ethertype | vlan}

4. interface {ethernet slot/port} | {port-channel number}

5. switchport

6. mac packet-classify

7. layer2-switched flow monitor flow-name input [sampler sampler-name]

8. show flow record netflow layer2-switched input

9. copy running-config startup-config

>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>

Applying a Layer-2 NetFlow Monitor to an Interface
Cisco IOS Software does not have the ability to apply a layer-2 flow monitor to an interface and specify the input or output direction. Cisco IOS software uses a global command to specify the VLAN for which only ingress bridged-traffic is captured. See the previous example.

interface ethernet 1/1
 switchport
 switchport access vlan 100
 mac packet-classify
 layer2-switched flow monitor Netflow-Monitor-L2 input

http://docwiki.cisco.com/wiki/Cisco_NX-OS/IOS_Netflow_Comparison

Hi Mark,

Thanks for the reply.

I read those documents, but I want to configure bridged NetFlow, which should be supported, and it needs to be configured under the VLAN.

Configuring Bridged NetFlow on a VLAN

You can apply a flow monitor and an optional sampler to a VLAN.

BEFORE YOU BEGIN

Make sure that you are in the correct VDC. To change the VDC, use the switchto vdc command.

SUMMARY STEPS

1. config t

2. vlan [configuration] vlan-id

3. ip flow monitor name {input | output} [sampler name]

4. copy running-config startup-config

Hi, just looking at the Layer 2 flow record: it's different from the Layer 3 flow record, so that way it may not be pulling anything, as it's trying to get IP flow. Did you try setting the below in your flow for L2 traffic?

match datalink {mac source-address | mac destination-address | ethertype | vlan}

Yes, here is the flow record:

sh flow record NF-L2
Flow record NF-L2:
No. of users: 0
Template ID: 0
Fields:
match interface input
match interface output
match datalink mac source-address
match datalink mac destination-address
match datalink source-vlan-id
match datalink ethertype
match flow direction

I added the flow record to the monitor, and after I tried to add the monitor to the VLAN through VLAN configuration I got this message:

ERROR: Protocol for record and monitor do not match

On the other hand, if I add the monitor to an L2 interface I get this message:

ERROR: L2 Netflow Cannot be configured on F1 Line card ports
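
The rules quoted in this thread (a record with Layer 2 keys is rejected when applied with "ip flow monitor" under "vlan configuration"; "layer2-switched flow monitor" needs a switch port or Layer 2 port channel with "switchport" and "mac packet-classify") can be checked against a config before a change is pushed. The Python check below is an added example, not part of any post or of Cisco tooling; the function names and the sample config are constructed, and the parser assumes child lines are indented.

```python
import re

# Constructed sample modelled on the thread's snippets (child lines indented).
SAMPLE = """\
flow record NF-L2
 match datalink mac source-address
flow monitor NF-L2
 record NF-L2
vlan configuration 30
 ip flow monitor NF-L2 input
interface Ethernet1/1
 switchport
 layer2-switched flow monitor NF-L2 input
interface Vlan101
 layer2-switched flow monitor NF-L2 input
"""

def sections(text):
    """Group indented child lines under their unindented parent line."""
    out = []
    for line in text.splitlines():
        if line.strip() and line[0].isspace() and out:
            out[-1][1].append(line.strip())
        elif line.strip():
            out.append((line.strip(), []))
    return out

def lint(text):
    """Return (section, problem) pairs for the NetFlow rules quoted in the thread."""
    secs = sections(text)
    # Records carrying Layer 2 keys, and the monitors that reference them.
    l2_rec = {h.split()[2] for h, kids in secs if h.startswith("flow record ")
              and any(k.startswith("match datalink") for k in kids)}
    l2_mon = {h.split()[2] for h, kids in secs if h.startswith("flow monitor ")
              and any(k == "record " + r for k in kids for r in l2_rec)}
    findings = []
    for head, kids in secs:
        for k in kids:
            m = re.match(r"(ip|layer2-switched) flow monitor (\S+)", k)
            kind, mon = m.groups() if m else (None, None)
            if kind == "ip" and head.startswith("vlan configuration") and mon in l2_mon:
                findings.append((head, "L2 record applied with 'ip flow monitor'"))
            elif kind == "layer2-switched" and not re.match(
                    r"interface (ethernet|port-channel)", head, re.I):
                findings.append((head, "not a switch port or Layer 2 port channel"))
            elif kind == "layer2-switched":
                missing = [c for c in ("switchport", "mac packet-classify") if c not in kids]
                findings += [(head, "missing: " + ", ".join(missing))] if missing else []
    return findings
```

Line-card restrictions such as the F1 error above are not visible in the configuration text, so they have to be checked against the module inventory separately.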
