10 Replies Latest reply on Oct 6, 2016 2:26 PM by alexpf

    Configuring Netflow on ISR 4300 series router

    morcowbel293

      Does anyone have a standard set of configs to get Netflow working on a Cisco ISR 4300 series router so that it will export to NTA?  It doesn't seem to like the basic configuration that Ive been using on my other routers.

        • Re: Configuring Netflow on ISR 4300 series router
          michal.hrncirik

          Hi Jason,

           

          could you share you config?

            • Re: Configuring Netflow on ISR 4300 series router
              morcowbel293

              Here is what I have tried.  This is just from some brief Googling I did Friday, not sure it even makes sense, but looking at NTA today it does not appear I am getting any flow data from the router..

               

              !

              flow record NTA

              description netflow config for NTA

              match ipv4 destination address

              collect interface input

              !

              !

              flow exporter NTA

              description Exporter for NTA

              destination 10.1.141.90

              transport udp 2055

              export-protocol netflow-v5

              !

              !

              flow monitor NTA

              exporter NTA

              !

              !

               

              Here is the standard config that has been working on all my other devices...

               

              ip flow-cache timeout active 1

              ip flow-export source Loopback0

              ip flow-export version 5

              ip flow-export destination 10.1.141.90 2055

               

              Let me know if there is any other part of the config I should share.

                • Re: Configuring Netflow on ISR 4300 series router
                  jcermak

                  Hello,

                   

                  it seems that Cisco 4300 supports only Flexible Netlfow, which means you have to configure all three components:

                  1. Record

                  2. Exporter

                  3. Monitor

                   

                  an apply the Monitor to given interface.

                   

                   

                  We are using following configuration in our lab, you can give it a try. Well,it is not a Cisco 4300, but I assume it should be the same.

                   

                  1) configure the record with following commands:

                   

                  flow record NTA

                   

                  description config for NTA

                   

                  match ipv4 tos

                   

                  match ipv4 protocol

                   

                  match ipv4 source address

                   

                  match ipv4 destination address

                   

                  match transport source-port

                   

                  match transport destination-port

                   

                  collect transport tcp flags

                   

                  collect interface input

                   

                  collect counter bytes long

                   

                  collect counter packets long

                   

                  collect timestamp sys-uptime first

                   

                  collect timestamp sys-uptime last

                   

                   

                  2) configure the exporter with following commands:

                   

                  flow exporter NTA

                   

                  description Exporter for NTA

                   

                  source Loopback0

                   

                  destination 10.1.141.90

                   

                  transport udp 2055

                   

                  export-protocol ipfix

                   

                  template data timeout 60

                   

                   

                  3) configure the monitor with following commands

                   

                  flow monitor NTA

                   

                  exporter NTA

                   

                  record NTA

                   

                  cache timeout active 60

                   

                   

                   

                  interface GigabitEtherent 0/0/1

                   

                  ip flow monitor NTA input

                   

                  ip flow monitor NTA output

                   

                   

                  Use only input/output or both of them according you Netflow monitoring topology.

                  4 of 4 people found this helpful
              • Re: Configuring Netflow on ISR 4300 series router
                fuser82

                I got this working on 1 4331 without virtual WAAS, but now when I put in the line with "source Loopback0" I am getting a message that it's incorrect... What could this be?

                • Re: Configuring Netflow on ISR 4300 series router
                  temark

                  I have this config on a couple ISR4451 and ISR4431 - In Solarwinds NTA all fields just show the "Data Not Available" message.  We have the same data going to Scrutinizer, and it displays just fine.  So far I have not been able to find what's causing the missing data display in NTA.

                  • Re: Configuring Netflow on ISR 4300 series router
                    alexpf

                    The command to see the info from the CLI on the router is:

                     

                    show flow monitor name monitor-name cache format record

                     

                    This is a good resource so I thought I would add this to make it more complete.