cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
973
Views
0
Helpful
1
Replies

'ip flow ingress' command initiating incoming packet

support
Level 1
Level 1

Hello, 

I was working on Cisco 3845 and have NAT setting on a vlan.

I had no problem at the beginning and found out DNS is not working today.

Symptom is host in the vlan can ping and access to website but not by domain name. 

1. Ping and traceroute to 8.8.8.8 perfectly fine and tried with several different PCs and VMs but same issue.

2. Ran WireShark and it shows a host request DNS to 8.8.8.8 but 8.8.8.8 is not responding or response is not coming in.

3. Added ip name-server 8.8.8.8 on Router and I have no problem ping google.com !!!!. 

4. Still the vlan is not receiving response from 8.8.8.8. 

5. To monitor packet flow, I added 'ip flow ingress' to the sub interface and it starts receiving 

My understanding is.....ip flow ingress is to enable netflow on the sub interface, but not to allow incoming traffic.

Q. Does anyone have idea what ip flow ingress does for this case? 

Q. Is there any function on router to troubleshoot this issue by not using 'ip flow ingress' ( I turned on debug ip packet detail but it didn't show me the reason) 

Thank you very much.

1 Reply 1

Francesco Molino
VIP Alumni
VIP Alumni

Hi 

I'm sorry but i may misunderstood your issue. 

Are you saying that by issuing the command ip flow ingress resolved your dns issue? 

Because this command is there just to monitor the traffic using netflow and it sounds odd.

Have you tried to remove it and test again? Maybe it was just a coincidence.

Can you share some part of your config regarding the nat and acl? Then we can help you on this issue. 

Thanks 

PS: Please don't forget to rate and mark as correct answer if this answered your question


Thanks
Francesco
PS: Please don't forget to rate and select as validated answer if this answered your question
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Innovations in Cisco Full Stack Observability - A new webinar from Cisco