Community
- Command Central
- MVP Program
- Monthly Mission
- Blogs
- Groups
- Events
- Media Vault
Products
- Observability
- Network Management
- Application Management
- IT Security
- IT Service Management
- System Management
- Database Management
Content Exchange
- SolarWinds Platform
- Server & Application Monitor
- Database Performance Analyzer
- Server Configuration Monitor
- Network Performance Monitor
- Network Configuration Manager
- SQL Sentry
- Web Help Desk
Free Tools & Trials

NetFlow BGP Summary

I just upgraded to NTA 3.8 and trying to get BGP flow to work right. They appear to be working pretty well, but I did some additional research and found some Cisco documentation saying BGP next-hop support is not included in netflow version 5...but I am using it fine?

What I did was changed ip flow-export version 5 to ip flow-export version5 origin-as bgp-nexthop and started seeing the pretty graphs!

So I have a question, do we have to use version 9 in order to use the BGP functionality in NTA? Or do I need to input any more commands? Also, I see A LOT of traffic on -Reserved AS- (0), as my two BGP routers are directly plugged into my dmz, is there anyway to remove AS 0 from Top 5 AS?

Thanks!

Find more posts tagged with

Accepted answers

All comments

mcbridea

We do not support next hop reporting on 3.8, so v5 will work the same as v9 for now. You can remove AS zero in NetFlow Settings > Manage Autonomous Systems.

http://knowledgebase.solarwinds.com/kb/questions/3210/NTA+3.8+Autonomous+System+%28AS%29+Monitoring+Requirements

john.betts

OK so I can remove the bgp-nexthop part? I have had ip flow-export version 5 on it before and wasn't getting anything, is it the origin-as that is required for this? And is there any plans for future support of BGP next-hop?

I appreciate your quick response though! Lastly, is there anyway to remove AS 0 from top AS graph?

mcbridea

You can remove AS zero in NetFlow Settings > Manage Autonomous Systems.

john.betts

Thanks but that just removes the name, obviously my internal network will always be the top AS...anyway I can remoev it all together? If not, this should be a feature of next version...most environments will run into this same problem.

FormerMember

Is there any update for this in NTA 4.0? I'm experiencing this issue as well and I was wondering if it was because I use the following:

ip flow-export version 9 origin-as