Your answer shows that we can apply  Layer 3 flow monitor to VLAN. Yes, Cisco guide says so too. How can we apply Layer 3 flow monitor to VLAN? What is the command?

From Cisco document: Layer 2 switched flow monitors are applied only to Layer 2 interfaces. IP and IPv6 flow monitors can be applied to VLANs, SVIs, Layer 3 routed interfaces, or subinterfaces.

https://www.cisco.com/c/en/us/td/docs/dcn/nx-os/nexus9000/102x/configuration/system-management/cisco-nexus-9000-series-nx-os-system-management-configuration-guide-102x/m-configuring-netflow-10x.html

How can we apply Layer 3 flow monitor to VLAN? What is the command?

 

---

Configuring Bridged NetFlow on a VLAN

You can apply a flow monitor to a VLAN in order to gather Layer 3 data over Layer 2 switched packets in a VLAN.

switch# configure terminal
switch(config)#

switch(config)# vlan configuration 30
switch(config-vlan-config)# 

switch(config-vlan-config)# ip flow monitor testmonitor

another one:

Flexible Netflow configuration example:
Create the Flow Record:

flow record ipv4
match ipv4 tos 
match ip protocol
match ipv4 source address
match ipv4 destination address
match transport source-port
match transport destination-port
match interface input
collect interface output
collect counter bytes long 
collect counter packets long 

Create Flow Exporter:

flow exporter NetFlow-to-Orion
destination 10.10.10.10
source ethernet 2/1
transport udp 2055
version 9
template data timeout 60

Create Flow Monitor:

flow monitor NetFlow-Monitor
description Original Netflow captures
record ipv4
exporter NetFlow-to-Orion
cache timeout inact 10
cache timeout act 60

Apply Flow Monitor to Interface:

vlan configuration 700
ip flow monitor NetFlow-Monitor input

https://support.solarwinds.com/SuccessCenter/s/article/Nexus-9k-Nexus-9000-Netflow-support?language=en_US 

there some tutorials you can prefer..

https://youtu.be/dzRjVoqkFM4

https://youtu.be/j7LULwyRl-k

 below is the  cisco documents..

https://www.cisco.com/c/en/us/td/docs/dcn/nx-os/nexus9000/102x/configuration/system-management/cisco-nexus-9000-series-nx-os-system-management-configuration-guide-102x/m-configuring-netflow-10x.html#task_gky_51x_3tb

According to the guide we can apply Layer 3 Netflow to Layer 2 interface. Tried to apply to Layer 2 port-channel and got the following error.

Configuring Layer 3 NetFlow on Layer 2 Interfaces

https://www.cisco.com/c/en/us/td/docs/dcn/nx-os/nexus9000/102x/configuration/system-management/cisco-nexus-9000-series-nx-os-system-management-configuration-guide-102x/m-configuring-netflow-10x.html

My configuration:

flow record TEST-RECORD-L3
match ipv4 source address
match ipv4 destination address
match ip protocol
match transport source-port
match transport destination-port
collect counter bytes
collect counter packets
collect timestamp sys-uptime first
collect timestamp sys-uptime last

flow monitor TEST-MONITOR
record TEST-RECORD-L3
exporter TEST-EXPORTER

sw(config)# int port-channel 1
sw(config-if)# layer2-switched flow monitor TEST-MONITOR input

ERROR: Protocol for record and monitor do not match

Is there any Netflow method to get Layer 3 information from Layer 2 interface?

Thanks.

I think sflow is the way to go with gathering layer 2 and layer 3 information from layer 2 interface.

feature sflow

sflow collector-ip xxx.xxx.xxx.xxx vrf default source yyy.yyy.yyy.yyy

sflow agent-ip yyy.yyy.yyy.yyy

sflow collector-port 2055

sflow data-source interface port-channel 10

The most notable difference of SFlow vs NetFlow is that SFlow is network layer independent and has the ability to sample everything and to access traffic from OSI layer 2-7, while NetFlow is restricted to IP traffic only. (C)