Does anyone have a standard set of configs to get Netflow working on a Cisco ISR 4300 series router so that it will export to NTA? It doesn't seem to like the basic configuration that Ive been using on my other routers.
Hello,
it seems that Cisco 4300 supports only Flexible Netlfow, which means you have to configure all three components:
1. Record
2. Exporter
3. Monitor
an apply the Monitor to given interface.
We are using following configuration in our lab, you can give it a try. Well,it is not a Cisco 4300, but I assume it should be the same.
1) configure the record with following commands:
flow record NTA
description config for NTA
match ipv4 tos
match ipv4 protocol
match ipv4 source address
match ipv4 destination address
match transport source-port
match transport destination-port
collect transport tcp flags
collect interface input
collect counter bytes long
collect counter packets long
collect timestamp sys-uptime first
collect timestamp sys-uptime last
2) configure the exporter with following commands:
flow exporter NTA
description Exporter for NTA
source Loopback0
destination 10.1.141.90
transport udp 2055
export-protocol ipfix
template data timeout 60
3) configure the monitor with following commands
flow monitor NTA
exporter NTA
record NTA
cache timeout active 60
interface GigabitEtherent 0/0/1
ip flow monitor NTA input
ip flow monitor NTA output
Use only input/output or both of them according you Netflow monitoring topology.
Hi Jason,
could you share you config?
Here is what I have tried. This is just from some brief Googling I did Friday, not sure it even makes sense, but looking at NTA today it does not appear I am getting any flow data from the router..
!
description netflow config for NTA
export-protocol netflow-v5
Here is the standard config that has been working on all my other devices...
ip flow-cache timeout active 1
ip flow-export source Loopback0
ip flow-export version 5
ip flow-export destination 10.1.141.90 2055
Let me know if there is any other part of the config I should share.
That configuration seem to be working correctly!
Thanks
I got this working on 1 4331 without virtual WAAS, but now when I put in the line with "source Loopback0" I am getting a message that it's incorrect... What could this be?
I have this config on a couple ISR4451 and ISR4431 - In Solarwinds NTA all fields just show the "Data Not Available" message. We have the same data going to Scrutinizer, and it displays just fine. So far I have not been able to find what's causing the missing data display in NTA.
I have the same exact issue.
Somewhere in troubleshooting, we stopped getting display of any Netflow data in Solarwinds NTA. We did a complete restart of the main Orion server and the Netflow DB server. After that, we started seeing the flows from the 4000 series routers. Rebooting shouldn't be the fix, but if we hadn't stopped seeing other flows, we wouldn't have resorted to that, and would have continued fighting this issue.
The command to see the info from the CLI on the router is:
show flow monitor name monitor-name cache format record
This is a good resource so I thought I would add this to make it more complete.
This command makes the display a little more traditional:
show flow monitor name monitor-name cache format table
Remember to change "monitor-name" to the name of the monitor.
