NetFlow Layer2 on nexus 7k

Hi guys,

I've tried to configure NetFlow on layer 2 without success.

I configured the record\monitor\exporter like the configuration guide said.

But I still don't receive any NetFlow traffic.

I checked the firewall on the VM and it looks fine.

Does anyone have any idea?

I have applied this command under the Ethernet interface: "layer2-switch flow monitor TEST input" - for layer 2 input.

Regards,

5 REPLIES
NetFlow Layer2 on nexus 7k

Hi,

Thanks for the fast reply!!

I am using version 5.1.

Here is a sample of the configuration:

flow exporter scrutinizer
  description netflow-tester
  destination 192.168.1.212 - the netflow analyzer server ip address
  version 9
  source vlan 3 (192.168.1.211)
flow monitor TESTER
  flow record netflow-original
  exporter scrutinizer

** I did try to create my own record for only layer 2 data - without success.

After I've done this I start to add the interfaces I want to check.

int ethernet 2/1-2 - this is the uplink we want to test
  layer2-switch flow monitor TESTER input

Any ideas?


NetFlow Layer2 on nexus 7k

Here is the configuration on the Nexus 7k:

flow exporter scrutinizer
  description export netflow to scrutinizer
  destination 10.100.212.111
  transport udp 6343
  source Vlan3
  version 9
flow monitor LIAD
  record netflow layer2-switched input
  exporter scrutinizer
interface port-channel1
  layer2-switched flow monitor LIAD input

------------------------------------------------------------------------------------------------------------------------------------------------------------


NetFlow Layer2 on nexus 7k

Hello,

Does this entry appear in your FnF Record?

* collect datalink mac source address input

Found this on: http://www.bradreese.com/how-to/2-20-2011.htm

Jake

plixer.com

NetFlow Layer2 on nexus 7k

Hey,

Did you put "mac packet-classify" on the layer 2 link? Since you are essentially placing a MAC ACL on the layer 2 interface when NetFlow is applied, this would be required to see IP traffic exported. Otherwise only "non-ip" traffic will be exported, which I would imagine would not be very helpful here.

Also keep in mind that the netflow-original recorder is really designed for layer 3 traffic and doesn't have any relevant layer 2 information. See below:

Flow record netflow-original:
    Description: Traditional IPv4 input NetFlow with origin ASs
    No. of users: 1
    Template ID: 258
    Fields:
        match ipv4 source address
        match ipv4 destination address
        match ip protocol
        match ip tos
        match transport source-port
        match transport destination-port
        match interface input
        match interface output
        match flow direction
        collect routing source as
        collect routing destination as
        collect routing next-hop address ipv4
        collect transport tcp flags
        collect counter bytes
        collect counter packets
        collect timestamp sys-uptime first
        collect timestamp sys-uptime last

This may not matter if you are putting this in between two routers, where the MACs don't change, but you probably want to create your own recorder:

flow record layer2-netflow
  match datalink mac source-address
  match datalink mac destination-address
  match datalink vlan

You can also add in any of the above information as well from netflow-original, depending on what you actually want to see.


Thanks,

Adam
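
Added example, not part of the thread: a collector-side check that parses the template FlowSets of a NetFlow v9 export packet and reports whether a template carries any layer 2 fields, which is the difference between netflow-original and a layer 2 record discussed above. Field type numbers are from RFC 3954; the sample packet and template ID 260 are constructed for illustration (258 is the netflow-original template ID shown above).

```python
import struct

# NetFlow v9 field types (RFC 3954) that carry layer 2 information.
L2_FIELDS = {56: "IN_SRC_MAC", 57: "OUT_DST_MAC", 58: "SRC_VLAN",
             59: "DST_VLAN", 80: "IN_DST_MAC", 81: "OUT_SRC_MAC"}

def parse_templates(packet: bytes) -> dict:
    """Return {template_id: [(field_type, length), ...]} for one v9 packet."""
    if len(packet) < 20:
        raise ValueError("shorter than the 20-byte NetFlow v9 header")
    version, _count = struct.unpack_from("!HH", packet, 0)
    if version != 9:
        raise ValueError(f"not NetFlow v9 (version field = {version})")
    templates, off = {}, 20
    while off + 4 <= len(packet):
        set_id, set_len = struct.unpack_from("!HH", packet, off)
        if set_len < 4 or off + set_len > len(packet):
            raise ValueError("bad FlowSet length")
        if set_id == 0:                      # FlowSet ID 0 = template FlowSet
            pos, end = off + 4, off + set_len
            while pos + 4 <= end:
                tid, nfields = struct.unpack_from("!HH", packet, pos)
                if tid < 256:                # template IDs start at 256; rest is padding
                    break
                pos += 4
                if pos + 4 * nfields > end:
                    raise ValueError("truncated template record")
                templates[tid] = [struct.unpack_from("!HH", packet, pos + 4 * i)
                                  for i in range(nfields)]
                pos += 4 * nfields
        off += set_len                       # data FlowSets are skipped
    return templates

def l2_fields(template: list) -> list:
    """Names of the layer 2 fields present in one parsed template."""
    return [L2_FIELDS[t] for t, _ in template if t in L2_FIELDS]

def build_sample() -> bytes:
    """Constructed packet: template 258 (L3 only) and template 260 (MACs + VLAN)."""
    def tmpl(tid, fields):
        return struct.pack("!HH", tid, len(fields)) + b"".join(
            struct.pack("!HH", t, n) for t, n in fields)
    body = (tmpl(258, [(8, 4), (12, 4), (4, 1), (1, 4), (2, 4)]) +
            tmpl(260, [(56, 6), (80, 6), (58, 2), (1, 4), (2, 4)]))
    flowset = struct.pack("!HH", 0, 4 + len(body)) + body
    return struct.pack("!HHIIII", 9, 2, 1000, 1700000000, 1, 0) + flowset

if __name__ == "__main__":
    for tid, fields in parse_templates(build_sample()).items():
        print(tid, l2_fields(fields) or "no layer 2 fields")
```

To use it on live traffic, pass it the UDP payload received on the exporter's configured transport port.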
