01-05-2021 06:16 AM - edited 01-08-2021 01:16 AM
Hi guys,
I'm having a really weird situation whereby my NetFlow traffic just got stuck at my switch VLAN 100 when I view it in Wireshark using the commands below:
monitor session 1 source vlan 100 both
monitor session 1 destination interface g1/0/20
When I monitor the source of VLAN 60 both, there is no NetFlow traffic at all.
So in my C9300 switch, when I check show ip route, I see that I do have routes to reach the networks or hosts that I want to reach, and NTP is working. However, the NetFlow traffic doesn't seem to pass over to the external network.
As you can see from the ping test I've done, it seems that traffic sourced from VLAN 100 cannot route to the external network or VLAN 60.
Also, I've turned on debugging for IP ICMP, but there weren't any debugging logs when I pinged with the source of 192.168.1.250 OR vlan 100 (I've turned on logging console debugging and checked show logs too). Does this mean that the ping did not even happen and got "dropped" immediately?
When I do a normal ping to 192.168.1.254, there are debugging logs.
Does anyone have any steps or ideas that I can try for troubleshooting this issue? It was previously working, and it just suddenly stopped working (I was informed by a SOC team monitoring the NetFlow traffic).
01-10-2021 11:39 PM
Hi Georg,
I've removed the "ip verify unicast source reachable-via rx" command from int vlan 100 and it worked!
Thanks for the help.
Apparently, it is not needed for int vlan 60.
I believe it was because int vlan 100 wasn't able to reach the source from the Cisco UDP Director (the one sending the netflow data).
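The check that `ip verify unicast source reachable-via rx` (strict unicast RPF) performs on an interface, modelled as an added example that is not part of the original thread. The routing table, addresses and packets are constructed for illustration and are not the poster's configuration.

```python
import ipaddress

# Constructed routing table (prefix -> egress interface); not taken from the thread.
ROUTES = [
    ("0.0.0.0/0", "Vlan60"),
    ("192.168.1.0/24", "Vlan100"),
    ("10.60.0.0/24", "Vlan60"),
]
FIB = [(ipaddress.ip_network(p), ifc) for p, ifc in ROUTES]


def urpf_permits(src, in_ifc, mode="rx", allow_default=False, fib=FIB):
    """Model of 'ip verify unicast source reachable-via {rx|any} [allow-default]'.

    mode="rx" is strict, mode="any" is loose, mode=None means the command
    is not configured on the ingress interface.
    """
    if mode is None:
        return True
    ip = ipaddress.ip_address(src)
    # Without allow-default, the default route does not count as reachability.
    routes = [(net, ifc) for net, ifc in fib
              if ip in net and (allow_default or net.prefixlen > 0)]
    if not routes:
        return False                      # no route back to the source
    if mode == "any":
        return True                       # loose: any route is enough
    # Strict: the best (longest-prefix) route must point out the ingress interface.
    _, best_ifc = max(routes, key=lambda r: r[0].prefixlen)
    return best_ifc == in_ifc


def evaluate(packets, mode):
    """Return {(src, in_ifc): 'permit'|'drop'} for constructed sample packets."""
    return {p: ("permit" if urpf_permits(*p, mode=mode) else "drop") for p in packets}


# Constructed packets: (source address, interface the packet arrives on).
PACKETS = [
    ("192.168.1.10", "Vlan100"),   # source routed via the ingress interface
    ("10.60.0.5", "Vlan100"),      # source routed via Vlan60, arrives on Vlan100
    ("203.0.113.9", "Vlan100"),    # source covered only by the default route
]

if __name__ == "__main__":
    for mode in ("rx", "any", None):
        print(mode, evaluate(PACKETS, mode))
```

Removing the command, as in the reply above, corresponds to `mode=None`, which also removes the spoofed-source check on that interface. In this model, loose mode (`any`) admits the asymmetrically routed source while still dropping a source that has no specific route.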