What is this?

This knowledgebase contains questions and answers about PRTG Network Monitor and network monitoring in general.

Intuitive to Use. Easy to manage.
More than 500,000 users rely on Paessler PRTG every day. Find out how you can reduce cost, increase QoS and ease planning, as well.

Free Download

NetFlow v9 Not Working

Votes:

0

NetFlow v9 is not getting data from the source.

#####   ROUTER CONFIG   #######

Cisco 3945 15.0(1)M2

3945chitosb#sh ip flow export
Flow export v1 is enabled for main cache
  Export source and destination details :
  VRF ID : Default
    Destination(1)  10.255.254.139 (9995)
  Version 1 flow records
  54038469 flows exported in 2251611 udp datagrams
  0 flows failed due to lack of export packet
  0 export packets were sent up to process level
  0 export packets were dropped due to no fib
  0 export packets were dropped due to adjacency issues
  0 export packets were dropped due to fragmentation failures
  0 export packets were dropped due to encapsulation fixup failures
!
3945chitosb#ping 10.255.254.139

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.255.254.139, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/4 ms
!
interface GigabitEthernet0/0
 description 
 bandwidth 204800
 ip address 192.168.101.1 255.255.255.0
 ip flow ingress
 ip flow egress
 load-interval 30
 duplex full
 speed 1000
 !
 service-policy output QUEUE-EGRESS-20150909
!
interface GigabitEthernet0/1
 description VIDEO LAN
 ip address 192.168.100.1 255.255.255.0
 ip pim sparse-dense-mode
 ip flow ingress
 ip flow egress
 load-interval 30
 duplex full
 speed 1000
 !
 service-policy input TAG-INGRESS
!
interface GigabitEthernet0/2
 description HOUSE LAN
 ip address 10.1.1.7 255.255.255.0
 ip flow ingress
 ip flow egress
 load-interval 30
 duplex full
 speed auto

ip flow-cache entries 4000
ip flow-cache timeout inactive 100
ip flow-export destination 10.255.254.139 9995
ip flow-top-talkers
 top 20
 sort-by bytes




#####  FIREWALL CONFIG  #######

ASA 5525-X ver 9.2(4)

CHI-ASA1/pri/act# ping 10.255.254.139
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.255.254.139, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/1 ms
!
CHI-ASA1/pri/act# sh flow-export counters

destination: inside 10.255.254.139 9995
  Statistics:
    packets sent                                             6368
  Errors:
    block allocation failure                                    0
    invalid interface                                           0
    template send failure                                       0
    no route to collector                                       0
    failed to get lock on block                                 0
    source port allocation failure                              0

!
access-list netflow-export extended permit ip any any
!
flow-export destination inside 10.255.254.139 9995
flow-export template timeout-rate 1
flow-export delay flow-create 30
!
class-map netflow-export-class
 match access-list netflow-export
!
policy-map global_policy
 class netflow-export-class
  flow-export event-type all destination 10.255.254.139
!
service-policy global_policy global

netflow netflow9 prtg

Created on Oct 22, 2015 8:56:11 PM

Last change on Oct 23, 2015 8:03:49 AM by Torsten Lindner [Paessler Support]