I have a 4503-E running 12.2(53)SG1. It has 5 VLANs:
Vlan 240: 192.168.240.1/24
Vlan 241: 192.168.241.1/24
Vlan 242: no IP, no SVI, but has 192.168.242.0/24 traffic on it.
Vlan 243: 192.168.243.1/24
Vlan 503: Vlan used to peer with my WAN: 198.98.x.x/30
Here is my NetFlow config for it:
ip flow ingress infer-fields ip flow ingress layer2-switched ip flow-cache timeout inactive 10 ip flow-cache timeout active 15 ip flow-export source Vlan240 ip flow-export version 5 ip flow-export destination 192.168.59.243 2055 ip route-cache flow infer-fields
Strangely, in Orion, which we use for Network monitoring / Netflow collecting, it's showing traffic between two hosts in the 192.168.242.0/24 subnet, 242.101 and 242.50. It's also reporting that traffic as being on VLAN 503. These hosts are valid hosts, but they are in-fact on VLAN 242, and I've verified that the 192.168.242.0/24 subnet does not exist in my network any other place. These hosts are able to communicate without issues or latency, so it doesn't seem to be impacting the traffic, it looks to be just how its being reported.
Any idea why: A. This traffic is being reported and B. Is being reported on the wrong interface?
I was under the impression that Netflow required a Layer3 interface? I could be wrong.
I'm attaching a screenshot from the netflow collector just for grins and giggles.
We are pleased to announce availability of Beta software for 16.6.3. 16.6.3 will be the second rebuild on the 16.6 release train targeted towards Catalyst 9500/9400/9300/3850/3650 switching platforms. We are looking for early feedback from custome...