8 Replies Latest reply on Mar 18, 2015 12:14 PM by craqed

    Configure flexible netflow on Cisco 4507

    luiloong


      I had tried to configure flexible netflow on Cisco 4507 supervisor 7. It's working on physical interface(GigabitEthernet) but not working on virtual interface (vlan). Appreciate if someone can guide me on this. Below is the configuration.

       

      flow record r1
      match ipv4 protocol
      match ipv4 source address
      match ipv4 destination address
      match transport source-port
      match transport destination-port
      match interface input
      collect interface output
      collect counter bytes
      collect counter packets
      !
      flow exporter e1
      destination 192.168.1.1
      source GigabitEthernet2/29
      transport udp 2055
      !
      flow exporter e2
      destination 192.168.1.1
      source GigabitEthernet2/16
      transport udp 2055
      !
      flow exporter e3
      destination 192.168.1.1
      source GigabitEthernet2/13
      transport udp 2055
      !
      flow exporter e4
      destination 192.168.1.1
      source Vlan1
      transport udp 2055
      !
      flow monitor m1
      record r1
      exporter e1
      cache timeout inactive 30
      cache timeout active 60
      cache entries 1000
      !
      flow monitor m2
      record r1
      exporter e2
      cache timeout inactive 30
      cache timeout active 60
      cache entries 1000
      !
      flow monitor m3
      record r1
      exporter e3
      cache timeout inactive 30
      cache timeout active 60
      cache entries 1000
      !
      !
      flow monitor m4
      record r1
      exporter e4
      cache timeout inactive 30
      cache timeout active 60
      cache entries 1000
      !
      interface GigabitEthernet2/13
      switchport mode access
      ip flow monitor m3 input
      !
      interface GigabitEthernet2/16
      switchport mode access
      ip flow monitor m2 input
      !
      interface GigabitEthernet2/29
      switchport mode access
      ip flow monitor m1 input
      !
      vlan configuration 1
      ip flow monitor m4 input
      !

       

      Thanks in advance

       

      LUI

        • Re: Configure flexible netflow on Cisco 4507
          donthomas

          Is there any reason for using separate flow exporters and monitor for each interface? You can create 1 flow exporter and record, associate it to the same flow monitor and then apply that flow monitor on all the interfaces. Have you tried using the same flow monitor as the one you used for Gi interface on VLAN?

           

          R,

          Don

            • Re: Configure flexible netflow on Cisco 4507
              luiloong

              Donthomas thanks your replied.

              We using different flow exporters is because we want to monitor flow from different interface (gigabitethernet 2/13, 2/16, 2/29 and vlan1). We can not configure to monitor multiple source interface in 1 exporter.

              Yes, I did configurate flow monitor at VLAN but not working and below is the configuration.

                   vlan configuration 1

                   ip flow monitor m4 input

              But we can not see any traffic flow on this virtual interface (VLAN 1) at solarwinds.

                • Re: Configure flexible netflow on Cisco 4507
                  donthomas

                  But you do not need to use separate monitors. All you need is one flow record and exporter and you can associated it to the same monitor which then can be associated to each interface.

                   

                  Can you configure as below and check the issue:

                   

                  flow record NTArecord

                  match ipv4 source address

                  match ipv4 destination address

                  match transport source-port

                  match transport destination-port

                  match ipv4 protocol

                  match ipv4 tos

                  match interface input

                  collect interface output

                  collect counter bytes

                  collect counter packets

                   

                  flow exporter NTAexp

                  destination xx.xx.xx.xx     \\ Use IP Address of your NTA server

                  source GigabitEthernet0/1     \\ Use interface that has a route to the NTA server

                  transport udp 2055              

                   

                  flow monitor NTAmon

                  record netflow-original

                  exporter NTAexp

                  cache timeout inactive 60

                  cache timeout active 60

                   

                  interface VLAN1

                  ip flow monitor NTAmon input     \\ Repeat this command on all interfaces of your device including Gi and VLANs

                   

                  R,

                  Don

                    • Re: Configure flexible netflow on Cisco 4507
                      luiloong

                      ip flow monitor command is not allowed at SVI interface

                       

                      4507(config-if)#ip flow monitor m1_vlan input

                      % Flow Monitor: Flow Monitor 'm1_vlan' : Configuring Flow Monitor on SVI interfaces is not allowed. Instead configure Flow Monitor in vlan configuration mode via the command `vlan config <vlan number>'

                       

                      And I had tried configured at vlan configuration mode but still not working .