NetFlow VRF Export

Hi Guys!!! I need your help please. I have a Router 12404/PRP (IP=1.1.1.1) and I'm trying to connect it to a Traffic Analyser (IP=1.1.1.2) in order to send flow records. When I connect the Router directly to the Analyser without VRF configuration [Case-1], there is no problem and I can see flow packets arriving at the Analyser through a sniffer. But when I configure VRF [Case-2], these flow packets do not arrive; I do not know if I need to configure something else inside or outside the VRF. This is the configuration:
[Case-1] Configuration without VRF:
interface FastEthernet0
 ip address 1.1.1.1 255.255.255.0
 no ip directed-broadcast
 negotiation auto
ip flow-export destination 1.1.1.2 63636
[Case-2] Configuration with VRF:
interface FastEthernet0
 ip vrf forwarding ANALISER
 ip address 1.1.1.1 255.255.255.0
 no ip directed-broadcast
 negotiation auto
ip flow-export destination 1.1.1.2 63636 vrf ANALISER
Common Configuration:
ip vrf ANALISER
 rd 19114:200001
 export map RM-vrf-ANALISER
 route-target export 19114:200001
 route-target import 19114:200001
 route-target import 19114:200011
 route-target import 19114:200004
1.- Do I need to configure anything else?
2.- Is it possible to use the vrf interface as source of netflow packets?
3.- Can I export flow records within a VRF?
Thanks in advance for your kind help guys!
Saludos,
Carlos

Hello Carlos,
According to the NetFlow command reference, support for export of NetFlow data to a VRF is recent:
http://www.cisco.com/en/US/docs/ios/netflow/command/reference/nf_01.html#wp1049093
Before Cisco IOS Releases 12.4(4)T, only one routing option existed for NetFlow export data packets. NetFlow sent all export data packets to the global routing table for routing to the export destinations you specified.
This is clearly an IOS release for ISR routers.
Looking at Feature Navigator at www.cisco.com/go/fn, searching by feature and typing "netflow", several NetFlow features are displayed, but no explicit export-to-VRF feature appears.
You may want to open a service request to ask if and when it is supported on the GSR.
As you can understand, up to now NetFlow data export has been done in the global routing table, and it is common practice for service providers to do so.
Hope to help
Giuseppe

Similar Messages

  • How to export Sampling info in Netflow V5 Export Packet

    HI,
Can you please share with me the commands to configure Random Sampled NetFlow and then export it in V5 format. Where in the V5 export packet does the sampling information get exported?
    Thanks a lot.
    Regards,
    Deepak


  • NetFlow from VRF on 4451-X

    I have a 4451-X router running XE 3.13.
I want to get NetFlow data from interface G0/0/0 and send it to my collector via the management VRF interface G0. Is this possible? If so, what is the configuration to make it work?
    This is what I have so far:
    flow record NetFlow
     match ipv4 tos
     match ipv4 protocol
     match ipv4 source address
     match ipv4 destination address
     match transport source-port
     match transport destination-port
     collect counter bytes
     collect counter packets
    flow exporter NetFlow-to-Orion
     destination 10.y.y.90 vrf Mgmt-intf
     source GigabitEthernet0
     transport udp 2055
     export-protocol netflow-v5
    flow monitor NetFlow-Monitor
     description Original Netflow captures
     exporter NetFlow-to-Orion
     cache timeout inactive 10
     cache timeout active 5
     record NetFlow
    interface GigabitEthernet0/0/0
     ip address xxx.xxx.xxx.xxx/30
     ip flow monitor NetFlow-Monitor input
     ip flow monitor NetFlow-Monitor output
     media-type sfp
     no negotiation auto
     no lldp transmit
    interface GigabitEthernet0
     vrf forwarding Mgmt-intf
     ip address 10.x.x.37 255.255.255.0
     negotiation auto
    What am I missing?
    Thanks,
    Patrick

    What netFlow tool do you have? Is the NetFlow tool seeing packets but not reporting anything?
If so, it can be because the flow records exported do not have the information needed by the tool to process the NetFlow datagrams. Most NetFlow tools expect the below configuration:
    flow record netfow
    match ipv4 tos
    match ipv4 protocol
    match ipv4 source address
    match ipv4 destination address
    match transport source-port
    match transport destination-port
    match interface input
    collect interface output
    collect counter bytes
    collect counter packets
    collect flow direction
    And in the flow exporter, reduce the active cache timeout to 1
    If the server where the NetFlow tool is installed is not seeing packets, make sure that:
    1. You have a route to the destination from the GigabitEthernet0
    2. No firewalls on the server or ACLs are blocking packets from the switch to the NetFlow server
    Thanks,
    Don
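A collector-side parser for the NetFlow v5 export packet, added here as an example and not code from any of the posts above: it shows where the sampling information Deepak asked about lives (the 16-bit sampling_interval header field, 2 bits of mode and 14 bits of interval), and that a v5 record carries input/output ifIndex, packet and byte counters, but no flow-direction field of the kind Don's Flexible NetFlow record collects. The sample datagram is constructed inline; the field order follows the published v5 layout.

```python
import struct
from ipaddress import IPv4Address

# NetFlow v5 wire layout (all fields big-endian):
#   header  24 bytes: version, count, sys_uptime, unix_secs, unix_nsecs,
#                     flow_sequence, engine_type, engine_id, sampling_interval
#   record  48 bytes per flow, 1..30 records per datagram
V5_HEADER = struct.Struct("!HHIIIIBBH")
V5_RECORD = struct.Struct("!4s4s4sHHIIIIHHBBBBHHBBH")
V5_MAX_RECORDS = 30


def decode_sampling(field):
    """Split the 16-bit sampling_interval header field: the top 2 bits are the
    sampling mode, the low 14 bits the interval (e.g. 100 for 1-in-100).
    A field of 0 means the exporter did not sample."""
    return field >> 14, field & 0x3FFF


def parse_v5(data):
    """Parse one NetFlow v5 datagram into (header dict, list of flow dicts).
    Raises ValueError on anything that is not a well-formed v5 packet so a
    collector does not silently account garbage or a spoofed datagram."""
    if len(data) < V5_HEADER.size:
        raise ValueError("datagram shorter than a v5 header")
    (version, count, sys_uptime, unix_secs, unix_nsecs, flow_seq,
     engine_type, engine_id, sampling) = V5_HEADER.unpack_from(data, 0)
    if version != 5:
        raise ValueError("not NetFlow v5 (version field = %d)" % version)
    if not 1 <= count <= V5_MAX_RECORDS:
        raise ValueError("record count %d out of range" % count)
    expected = V5_HEADER.size + count * V5_RECORD.size
    if len(data) != expected:
        raise ValueError("length %d does not match %d records" % (len(data), count))
    mode, interval = decode_sampling(sampling)
    header = {
        "count": count, "sys_uptime": sys_uptime, "unix_secs": unix_secs,
        "unix_nsecs": unix_nsecs, "flow_sequence": flow_seq,
        "engine_type": engine_type, "engine_id": engine_id,
        "sampling_mode": mode, "sampling_interval": interval,
    }
    # Counters in a sampled export are sampled counts; scale them back up.
    scale = interval if interval else 1
    flows = []
    for i in range(count):
        off = V5_HEADER.size + i * V5_RECORD.size
        (src, dst, nexthop, in_if, out_if, pkts, octets, first, last,
         sport, dport, _pad1, tcp_flags, proto, tos, src_as, dst_as,
         src_mask, dst_mask, _pad2) = V5_RECORD.unpack_from(data, off)
        flows.append({
            "src": str(IPv4Address(src)), "dst": str(IPv4Address(dst)),
            "nexthop": str(IPv4Address(nexthop)),
            "input_ifindex": in_if, "output_ifindex": out_if,
            "packets": pkts, "bytes": octets,
            "est_packets": pkts * scale, "est_bytes": octets * scale,
            "first_ms": first, "last_ms": last,
            "src_port": sport, "dst_port": dport, "proto": proto,
            "tcp_flags": tcp_flags, "tos": tos,
            "src_as": src_as, "dst_as": dst_as,
            "src_mask": src_mask, "dst_mask": dst_mask,
        })
    return header, flows


def build_sample_packet():
    """Constructed sample datagram (not captured from a real router): one TCP
    flow from ifIndex 3 to ifIndex 5, exporter sampling 1-in-100, mode 1."""
    header = V5_HEADER.pack(
        5, 1, 123456, 1700000000, 0, 42, 0, 0, (1 << 14) | 100)
    record = V5_RECORD.pack(
        IPv4Address("10.0.0.1").packed, IPv4Address("192.0.2.10").packed,
        bytes(4), 3, 5, 10, 1500, 100000, 101000,
        40000, 443, 0, 0x18, 6, 0, 0, 0, 24, 24, 0)
    return header + record


if __name__ == "__main__":
    hdr, flows = parse_v5(build_sample_packet())
    print(hdr)
    for f in flows:
        print(f)
```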

  • WAAS Netflow Export

Can Cisco WAAS generate / export NetFlow?

    Hi All,
Cisco WAAS Flow Monitoring is different from traditional or Flexible NetFlow available on Cisco devices, and so NetFlow analysis tools cannot process them. All flow analyzers can process NetFlow data exported from devices that have a WAE included with them. But that is just NetFlow and not WAAS Flow Monitoring.
From what I have heard, WAAS Flow Monitoring is very specific and these flows can be processed only by NetQoS, and you will need NetQoS SuperAgent for this. The NetQoS SuperAgent processes the flows received from the WAAS FlowAgent (which again was developed by NetQoS) sitting on the WAE. More details in the below link:
http://www.cisco.com/en/US/docs/nsite/enterprise/wan/wan_optimization/chap04.html#wp1053045
But there are APIs available for WAAS monitoring using which analyzer tools can report on the performance of your WAAS optimization. ManageEngine NetFlow Analyzer supports WAAS reporting using the API. More information in the below link:
    http://www.manageengine.com/products/netflow/help/add-ons/waas/about-waas.html
    For the type of reports available, check the below link:
    https://blogs.manageengine.com/netflowanalyzer/2011/07/11/cisco-waas-reporting-in-netflow-analyzer-part-2
    Regards,
    Don Thomas Jacob
    ME NetFlow Analyzer

  • Netflow Nexus 7000

    Hi all,
A few months ago I configured NetFlow on a Nexus 7000 with NX-OS version 6.0.2.
    This was my config:
    flow exporter Fluke_NetflowTracker
      description export netflow to Fluke_NetflowTracker
      destination x.x.x.x use-vrf management
      transport udp 2055
      source mgmt0
      version 9
    flow exporter Fluke_Optiview
      description export netflow to Fluke_Optiview
      destination x.x.x.x  transport udp 2055
      source Vlanx
      version 9
    flow monitor MonitorTrafficToFluke
      record netflow-original
      exporter Fluke_NetflowTracker
      exporter Fluke_Optiview
This flow was activated on some SVIs: "ip flow monitor MonitorTrafficToFluke input"
Recently we upgraded the NX-OS to version 6.1.3. The NetFlow keeps on working, but the syntax of the NetFlow configuration has changed. Now you have to add a sampler as well.
    So I have created the following sampler.
    sampler NetFlow-Sampler
      description Netflow Sampler
      mode 1 out-of 1000
    When I want to update the current configuration with the sampler I can't adapt or remove the existing netflow configuration on the SVI.
    NK7(config-if)# no ip flow monitor MonitorTrafficToFluke input
    ERROR: A sampler must be configured for an interface on an F2 card
    NK7(config-if)# ip flow monitor MonitorTrafficToFluke input sampler NetFlow-Sampler
    An additional 1:100 sampler, over the configured sampler is applicable for F2 ports
    Error: Sampler can not be changed on Interface Vlanx. Remove flow monitor first.
    ERROR: Command has failed
How do I update or remove the existing configuration on the SVI?
    I want the config to be "ip flow monitor MonitorTrafficToFluke input sampler NetFlow-Sampler"
    Thank you,
    Best Regards,
    Joris

    Hi Joris,
Try no feature netflow under the interface and try to re-apply the whole config. Since it's an F2, we don't support config changes until 6.2(2); the only way is to remove the config using no feature netflow and re-apply it.
    Thanks,
    Richard.
*Rate if it's useful

  • 6506 NetFlow

    Hi,
I'm trying to capture ingress traffic on an SVI interface of my Cisco 6506 (WS-C6506-E).
I've enabled NetFlow on the Multilayer Switch Feature Card (MSFC):
ip flow-export source Vlan254
ip flow-export version 5
ip flow-export destination 172.23.100.21 2055
Enabled NetFlow and NetFlow Data Export (NDE) on the Policy Feature Card (PFC):
ip flow ingress layer2-switched vlan 130
mls netflow interface
mls flow ip interface-destination
mls nde sender version 5
mls aging fast threshold 127
mls aging long 1000
mls sampling time-based 512
mls cef error action reset
mls netflow sampling
and on the monitored interface:
interface Vlan130
 ip address 172.23.170.2 255.255.255.0
 ip flow ingress
 mls netflow sampling
 standby 1 ip + timers + priority + preempt + authentication
Now I'm trying to see the captured flows. The point is I can't see the flow's source address, source and destination port, and L4 protocol for unicast flows:
Cat6506-LAN1#sh mls netflow ip
Displaying Netflow entries in Active Supervisor EARL in module 5
DstIP           SrcIP           Prot:SrcPort:DstPort  Src i/f          :AdjPtr
-----------------------------------------------------------------------------
Pkts         Bytes         Age   LastSeen  Attributes
---------------------------------------------------
172.23.131.5    0.0.0.0         0   :0      :0        Vl130            :0x0
202          52554         2     17:04:35   L2 - Dynamic
0.0.0.0         0.0.0.0         0   :0      :0        --               :0x0
13312        6807977       2     17:04:35   L3 - Dynamic
172.23.170.64   0.0.0.0         0   :0      :0        Vl130            :0x0
0            0             2     17:04:34   L2 - Dynamic
172.23.170.123  0.0.0.0         0   :0      :0        Vl130            :0x0
0            0             2     17:04:35   L2 - Dynamic
224.0.0.2       172.23.170.3    udp :1985   :1985     Vl130            :0x0
2            156           1     17:04:35   Multicast
224.0.0.2       172.23.170.3    udp :1985   :1985     Vl130            :0x0
8            624           6     17:28:03   Multicast
172.23.170.181  0.0.0.0         0   :0      :0        Vl130            :0x0
0            0             5     17:28:03   L2 - Dynamic
I get the same output info on my NetFlow collector.
Does anybody know a reason that can prevent collecting flows correctly?
    Thanks.

You might want to change the flow mask to full instead of destination. I think that should give you the rest of the info. chris

  • Leaking subscribers between VRFs

    Hi,
I have two VRFs, let's call them internet and customers_1.
PPPoE and IPoE subscribers terminate in the customers_1 VRF; I am wanting to leak these addresses into the internet VRF.
I have configured the relevant import and export statements, and see the routes; however, the routes are advertised into the internet VRF with a next hop of 0.0.0.0, thus they do not appear in CEF (seen via sh cef vrf internet), and traffic is not forwarded.
Can anyone let me know how I would achieve this?
Here is the customer_1 VRF routing table (partial):
    B    3.3.3.0/24 [200/0] via 202.74.33.249 (nexthop in vrf internet), 00:00:08
    B    4.4.4.0/24 [200/0] via 202.74.33.249 (nexthop in vrf internet), 00:00:08
    S    100.64.0.0/12 is directly connected, 01:11:20, Null0
    C    100.64.0.0/17 is directly connected, 1w3d, Loopback2
    L    100.64.0.1/32 is directly connected, 1w3d, Loopback2
    A   100.64.0.99/32 is directly connected, 1w1d, Bundle-Ether100.1.ip8
    B    103.241.56.0/22 [200/0] via 202.74.33.249 (nexthop in vrf internet), 00:00:08
    A    116.251.122.4/32 is directly connected, 1w1d, Bundle-Ether100.1.pppoe5
    A    116.251.193.254/32 is directly connected, 1w1d, Bundle-Ether100.1.ip7
Here is the internet VRF routing table (partial):
    B    3.3.3.0/24 [200/0] via 202.74.33.249, 00:00:02
    B    4.4.4.0/24 [200/0] via 202.74.33.249, 00:00:02
    B    100.64.0.99/32 [200/0] via 0.0.0.0 (nexthop in vrf customers_1), 00:47:47, Bundle-Ether100.1.ip8
    B    116.251.122.4/32 [200/0] via 0.0.0.0 (nexthop in vrf customers_1), 00:47:47, Bundle-Ether100.1.pppoe5
    B    116.251.128.0/18 [200/0] via 202.74.33.249, 00:00:02
    B    116.251.192.0/21 [200/0] via 202.74.33.249, 00:00:02
    B    116.251.193.254/32 [200/0] via 0.0.0.0 (nexthop in vrf customers_1), 00:47:47, Bundle-Ether100.1.ip7
    B    202.74.33.58/32 is directly connected, 00:44:45, Loopback1 (nexthop in vrf customers_1)
The following are the VRF export/import statements. I have no route-maps yet, as I am just trying to get basic connectivity going first.
    vrf internet
    address-family ipv4 unicast
      import route-target
       65536:200
       65536:100
      export route-target
       65536:200
    vrf customers_1
    address-family ipv4 unicast
      import route-target
       65536:200
       65536:100
      export route-target
       65536:100
In BGP I have for the customers VRF:
    vrf customers_1
      rd 65536:100
      address-family ipv4 unicast
       redistribute ospf customers_1 match internal external
       redistribute subscriber
    many thanks,
    mike

    Mike,
I do not have other alternative solutions; the only one I can suggest is using Access-list forwarding (ABF) on the incoming interface from the internet. The good thing about this is that you can have one ACE for the pool of your customers' IP addresses. Put the summarized destination address and point to the VRF as the destination. It is called ABF VRF select. This causes the ingress packet from the internet with a destination of a VRF customers_1 IP address to be forwarded using VRF customers_1.
    regards,
    rivalino

  • Netflow on cisco me 6523

Hello,
I'm trying to get NetFlow working on an ME 6523 to a destination address using UDP port 4739, but I'm not getting anything through Wireshark while connected to a SPAN port on the router or the connecting switch.
I'm using the management interface, which is using port-channel1.

    Hi Sean,
    Can you try configuring your Cisco switch as below and check.
    mls netflow     // This enables NetFlow on the Supervisor.
    mls nde sender version 7
    mls aging long 64  // This breaks up long-lived flows into (roughly) one-minute segments.
    mls aging normal 32  // This ensures that flows that have finished are exported in a timely manner.
    mls flow ip interface-full
    mls nde interface
The next two commands will help to enable NetFlow data export for bridged traffic, which is optional. You can specify the list of VLANs here to enable bridged traffic.
    ip flow ingress layer2-switched vlan
    ip flow export layer2-switched vlan
    Apart from this, NetFlow has to be enabled on the MSFC using the below commands.
    ip flow egress       // This command has to be executed on all the L3/VLAN interfaces.
    ip flow-export destination {hostname|ip_address} 9996  // The hostname or IP address of the flow server
    ip flow-export source {interface} // The interface through which NetFlow packets are exported. eg: Loopback0
    ip flow-export version 9
    ip flow-cache timeout active 1
    snmp-server ifindex persist
    Regards,
    Don Thomas Jacob
    ManageEngine NetFlow Analyzer

  • NBAR, Netflow, QoS Policing, 6500s, IOS 12.1(26)E7, and MARS

    Hello. I'm having trouble seeing the forest OR the trees, and I'd appreciate some help from someone who has a better field view than myself. We're upgrading our internet connection to 200MB and management is wanting to upgrade our Packet Shaper to meet the new bandwidth. (The Packet Shaper shows top talkers, top protocols, and rate limits protocols or users.) I'm trying to make the argument that we can do this w/ existing tools (nbar, netflow, QoS policing, and MARS), at the same time I'm trying to make the argument that we need to have our supervisors (currently SUP2 MSFC2) on a 3-4 year upgrade cycle.
    To get to the 12.2 IOS, I'd require a memory or sup upgrade. What I am hoping for is someone who has gone down this road who knows what I'm lacking in 12.1 code, or if in fact I can do it all here.
    While it is self-evident to most in IT why we need to regularly upgrade equipment, I'm having difficulty making this argument to management with hard facts. I'm guessing they'd still be running Windows for Workgroups to save money...but that's another story.
    My plan is to use Netflow and MARS to track top users and top protocols. It appears that I lose some mgt functionality w/ MARS in conjunction w/ IOS 12.1, but I am currently unclear if I lose any tracking capability. (MARS is new to us and awaiting install.)
    Then, I hope to use NBAR to identify all the latest P2P traffic and police it appropriately w/ QoS tools.
    Does my thinking sound solid? Will I be able to pull this off w/ 12.1? If not, what do I need that I lack in 12.1?
    Thank you for your time,
    Joshua

    Hi,
    First of all - you need to be clear that although MARS uses netflow data, it uses it for the purpose of identifying security issues. If you want to use netflow for reporting and/or accounting purposes MARS isn't the tool you need, try one of the following freeware netflow tools:
    http://www.cisco.com/warp/public/732/Tech/nmp/netflow/partners/freeware/index.shtml
    or one of the following commercial tools:
    http://www.cisco.com/warp/public/732/Tech/nmp/netflow/partners/commercial/index.shtml
    The freeware ones are generally more difficult to set up but once running are just as good as the commercial ones.
    However, this means you need two netflow destinations - one for MARS and one for your netflow tool, and this feature is called "Netflow Multiple Export Destinations" and initially appeared at 12.1(3)T, but it seems to be VERY platform specific - for example, because we only run GD software on our 3660's we had to upgrade to 12.3(20) to get it.
    Looking at the Feature Navigator for SUP2/MSFC2 it appears that you need at least 12.2(18)SXF6 to get this feature so that might help your case.
I'd personally keep the PacketShaper for its reporting capability if nothing else (IOS can do the job, but not as elegantly as the PacketShaper).
    HTH - plz rate if useful.
    Andrew.

  • How to configure ASA 5510 V9.1(5) to send Netflow packets to Netflow Analyser 8.0

    Hi guys,
I've configured my ASA 5510 Version 9.1(5) to send flows to NetFlow Analyser. I think I've done it correctly, but what happened is that I can see the ASA in NetFlow and NetFlow packets are being received and increasing every time I refresh the page, but there is no traffic, as you can see in the attachment file. Also, how can I figure out which ifindex is which interface, to rename it?
BTW, my NetFlow Analyser version is 8.0 and below is the NetFlow config:
    access-list NETFLOWMONITOREDTRAFFIC extended permit ip any any
    flow-export destination INSIDE A.B.C.D 9996
    flow-export template timeout-rate 1
    flow-export delay flow-create 60
    flow-export active refresh-interval 2
    class-map NETFLOW
     match access-list NETFLOWMONITOREDTRAFFIC
    policy-map global_policy
     class inspection_default
      inspect dns preset_dns_map 
      inspect ftp 
      inspect h323 h225 
      inspect h323 ras 
      inspect ip-options 
      inspect netbios 
      inspect rsh 
      inspect rtsp 
      inspect skinny  
      inspect sqlnet 
      inspect sunrpc 
      inspect tftp 
      inspect sip  
      inspect xdmcp 
      inspect icmp 
      inspect icmp error 
     class NETFLOW
      flow-export event-type all destination A.B.C.D
     class class-default
      flow-export event-type all destination A.B.C.D
    Hope someone can help me here.
    Cheers,
    Joe


  • Can MPLS aware Netflow ver. 9 be enabled on the catalyst switches 6500

Hi, I'm working for KOREA TELECOM, and currently providing MPLS VPN.
We're planning to provide our customers with traffic reports using NetFlow.
I read some documents which say NetFlow ver. 9 can be enabled on the Cisco GSR 12000 Series, but there is no mention of Catalyst switches. So I'm curious whether NetFlow ver. 9 can be activated on the Catalyst 6500 series, because the point where the switch is located already has MPLS-encapsulated packets (MPLS VPN packets).
    Thank you , in advance.

    NetFlow is now integral to Cisco 6500. A configuration we recommend is as below:
    mls netflow     // This enables NetFlow on the Supervisor.
    mls nde sender version 7
    mls aging long 64  // This breaks up long-lived flows into (roughly) one-minute segments.
    mls aging normal 32  // This ensures that flows that have finished are exported in a timely manner.
    mls flow ip interface-full
    mls nde interface
The next two commands will help to enable NetFlow data export for bridged traffic, which is optional. You can specify the list of VLANs here to enable bridged traffic.
    ip flow ingress layer2-switched vlan
    ip flow export layer2-switched vlan
    Apart from this, NetFlow has to be enabled on the MSFC using the below commands.
    ip flow egress       // This command has to be executed on all the L3/VLAN interfaces.
    ip flow-export destination {hostname|ip_address} 9996  // The hostname or IP address of the flow server
    ip flow-export source {interface} // The interface through which NetFlow packets are exported. eg: Loopback0
    ip flow-export version 9
    ip flow-cache timeout active 1
    snmp-server ifindex persist
The new Cisco Flexible NetFlow actually allows for export of MPLS-specific information (I believe it is stack labels) in addition to information on IP address, port, etc. But you will need a tool that can support these additional fields. Otherwise you can view IP, port, protocol, etc. related information from MPLS links.
    Regards,
    Don Thomas Jacob
    ManageEngine NetFlow Analyzer

  • Inter-VPN routing with export map for host routes

    Hi,
I am trying to export host routes from a connected network from one VRF to multiple other VRFs. This is to allow the leaking of specific host routes for management purposes. However, I suspect that the /32 host route(s) actually need to be present in the management VRF so the RTs are added accordingly, rather than just being specified in the match clause of the MGMT VRF export map.
Ideally here, I only want to export 10.111.111.254/32 from the connected network 10.111.111.0/24 in the MGMT VRF. The only way around this I can see is to move 10.111.111.0/24 behind another device, and add specific host route(s) within the MGMT VRF for the 10.111.111.X/32 host routes (which are redistributed into the MGMT VRF), using the additional device as the next hop.
    ip vrf MGMT
    rd 1:1
    export map MGMT-EXPORT-MAP
    route-target export 1:1
    route-target import 1:1
    route-target import 1:1001
    ip vrf CUST-B
    rd 1:2
    export map CUSTOMERS-EXPORT-MAP
    route-target export 1:2
    route-target import 1:2
    route-target import 1:1000
    interface FastEthernet0/0.100
    encapsulation dot1Q 100
    ip vrf forwarding MGMT
    ip address 10.111.111.1 255.255.255.0
    interface FastEthernet0/0.200
    encapsulation dot1Q 101
    ip vrf forwarding CUST-B
    ip address 10.96.2.1 255.255.254.0
    router bgp 65000
    bgp router-id 1.1.1.1
    no bgp default ipv4-unicast
    bgp log-neighbor-changes
    address-family ipv4 vrf CUST-B
      redistribute connected
      no synchronization
    exit-address-family
    address-family ipv4 vrf MGMT
      redistribute connected
      no synchronization
    exit-address-family
    ip prefix-list CUSTOMERS seq 5 permit 10.96.2.0/23
    ip prefix-list ONPREMISE seq 5 permit 10.111.111.0/24
    ip prefix-list ONPREMISE seq 10 permit 10.111.111.254/32
    route-map CUSTOMERS-EXPORT-MAP permit 10
    match ip address prefix-list CUSTOMERS
    set extcommunity rt  1:1001 additive
    route-map MGMT-EXPORT-MAP permit 10
    match ip address prefix-list ONPREMISE
    set extcommunity rt  1:1000 additive
    Cheers,
    Matt

    Hi Matt
Yes, the X/32 routes need to be present in the VRF routing table, and if they are to be learnt statically then the MP-iBGP config for that particular VRF address-family has to redistribute static routes as well.
    Regards
    Varma

  • GETVPN Group Member and Netflow

    Hi,
We've recently migrated some remote sites on to new WAN links, and configured GETVPN on these remote routers. Connectivity is working as expected; I'm just having issues getting NetFlow working correctly. It appears that the spoke router is attempting to send the NetFlow data, but when it's hitting the hub router, I'm seeing %IPSEC-3-RECVD_PKT_NOT_IPSEC: Rec'd packet not an IPSEC packet within the logs.
Having seen some similar issues flagged, I've modified the NetFlow configuration to replicate the below (which now includes the output-features command within the flow exporter), but the IPSEC-3-RECVD_PKT_NOT_IPSEC log messages still persist. The IPsec config is currently set so that the NetFlow traffic should be encrypted.
    flow exporter Test
    description Netflow export to Netflow-Server
    destination *.*.*.*
    source Loopback0
    output-features
    transport udp 2055
    flow monitor Test
    record netflow-original
    exporter Test
    Am I missing something within the configuration - Router in question is a Cisco 3845, running 15.1(4)M5
    TIA

    Hi Daniel,
Well-known feature: NetFlow was not supported with IPsec (NetFlow packets not encrypted even when hitting the IPsec policy).
    But for flexible netflow it works when you enable "output feature":
    https://supportforums.cisco.com/docs/DOC-13452
    Michal

  • NDE on 7600

    I have a 7600 running 12.2(33)SRE1. I was wondering why mls nde export statistics aren't incrementing.
    I have the following configured:
    ip flow-export source Loopback3
    ip flow-export version 5
    ip flow-export destination 192.168.2.200 9995
    mls flow ip interface-full
    no mls flow ipv6
    mls nde sender
    mls sampling time-based 512
    I have Vlan interfaces with ip flow ingress configured.
    interface Vlan804
    ip address 192.168.4.1 255.255.255.252
    no ip redirects
    no ip unreachables
    no ip proxy-arp
    ip verify unicast source reachable-via any allow-default
    ip flow ingress
    load-interval 30
    end
    A show ip flow export shows me exported flows... the counters increment
    RTR7600#show ip flow export
    Flow export v5 is enabled for main cache
      Export source and destination details :
      VRF ID : Default
        Source(1)       192.168.100.1 (Loopback3)
        Destination(1)  192.168.2.200 (9995)
      Version 5 flow records
      315756904 flows exported in 10536943 udp datagrams
      0 flows failed due to lack of export packet
      0 export packets were sent up to process level
      0 export packets were dropped due to no fib
      0 export packets were dropped due to adjacency issues
      0 export packets were dropped due to fragmentation failures
      0 export packets were dropped due to encapsulation fixup failures
      0 export packets were dropped enqueuing for the RP
      0 export packets were dropped due to IPC rate limiting
      0 export packets were dropped due to Card not being able to export
    A show mls nde shows me nothing
    RTR7600#show mls nde
    Netflow Data Export enabled
    Exporting flows to  192.168.2.200 (9995)
    Exporting flows from 192.168.100.1 (62867)
    Version: 7
    Layer2 flow creation is disabled
    Layer2 flow export is disabled
    Include Filter not configured
    Exclude Filter not configured
    Total Netflow Data Export Packets are:
        0 packets, 0 no packets, 0 records
    Total Netflow Data Export Send Errors:
            IPWRITE_NO_FIB = 0
            IPWRITE_ADJ_FAILED = 0
            IPWRITE_PROCESS = 0
            IPWRITE_ENQUEUE_FAILED = 0
            IPWRITE_IPC_FAILED = 0
            IPWRITE_OUTPUT_FAILED = 0
            IPWRITE_MTU_FAILED = 0
            IPWRITE_ENCAPFIX_FAILED = 0
            IPWRITE_CARD_FAILED = 0
    Netflow Aggregation Disabled
    Do the versions need to match? Is that what is preventing the mls nde export? Any suggestions or tips for troubleshooting this?
    show mls netflow table-contention summary
    Earl in Module 1
    Summary of Netflow CAM Utilization (as a percentage)
    ====================================================
    TCAM Utilization             :   0%
    ICAM Utilization             :   0%
    Netflow Creation Failures    :   0
    Netflow CAM aliases          :   0
    Earl in Module 2
    Summary of Netflow CAM Utilization (as a percentage)
    ====================================================
    TCAM Utilization             :   19%
    ICAM Utilization             :   0%
    Netflow Creation Failures    :   0
    Netflow CAM aliases          :   0
    Earl in Module 3
    Summary of Netflow CAM Utilization (as a percentage)
    ====================================================
    TCAM Utilization             :   56%
    ICAM Utilization             :   0%
    Netflow Creation Failures    :   0
    Netflow CAM aliases          :   0
    Earl in Module 5
    Summary of Netflow CAM Utilization (as a percentage)
    ====================================================
    TCAM Utilization             :   16%
    ICAM Utilization             :   0%
    Netflow Creation Failures    :   0
    Netflow CAM aliases          :   0
    Earl in Module 6
    Summary of Netflow CAM Utilization (as a percentage)
    ====================================================
    TCAM Utilization             :   0%
    ICAM Utilization             :   0%
    Netflow Creation Failures    :   0
    Netflow CAM aliases          :   0
    Thank you,
    Danny

    I did set the mls nde sender version to match up with netflow, but the real resolution to this problem was an extra command that was needed.  I have time-based sampling turned on globally and I'm running a version of 1.2(33)SR code above SRB. You have to turn on "mls netflow sampling" under the layer 3 interfaces that you want nde export under for newer version of code.  In the past, you could enable sampling globally, and it would work. Now you have to enable sampling globally AND turn on sampling under each interface.  The code I'm running is SRE1.

    Hello Joe,
There are some great posts on the Internet related to configuring Flexible NetFlow with NBAR exports, which leverage NetFlow v9. You can't get NBAR with NetFlow v5. You are correct in that you only need to configure NetFlow on the physical interfaces; the sub-interfaces will show up automatically with unique instances.
    To gain details on both inbound and outbound traffic, you have a couple options:
    Enable both ingress and egress flows on the one interface
    Enable ingress on all interfaces of the router
NetFlow v5 vs. NetFlow v9
There are many differences between NetFlow v5 and v9; the first is NBAR. By using Flexible NetFlow to export NetFlow v9 you can gain details on MAC addresses and VLANs, and if you decide to export Cisco Performance Monitoring elements, you can gain metrics on latency, packet loss, jitter, packet length and more.
    You'll also need a NetFlow collector that can report on all of the unique NetFlow v9 exports.  For this I recommend Scrutinizer NetFlow and sFlow Analyzer however, other solutions may support these exports as well. Plixer offers free technical support during the evaluation period.
    Please vote on my post if this helps.
