[c-nsp] No netflow packets after upgrade?

Garry gkg at gmx.de
Sat Sep 24 04:35:23 EDT 2005 

Hi,

after upgrading one of our backbone routers (well, two actually) to
12.2(25)S4, I can't seem to get it to export any netflow data anymore
... I had "router-cache flow" turned on for several interfaces, which
seems to be default now or replaced by "ip flow ingress", plus the usual
config options:

ip flow-export source Loopback0
ip flow-export version 5 origin-as
ip flow-export destination x.x.x.x 4444

On several other systems (720x, too) this works fine - but the updated
routers won't send out a single packet anymore ...

Am I missing something here?

"show ip cache flow" still lists of flow entries, and show ip flow
export states it has sent lots of datagrams:

Flow export v5 is enabled for main cache
  Exporting flows to x.x.x.x (9995) y.y.y.y (4444)
  Exporting using source interface GigabitEthernet1/0
  Version 5 flow records, origin-as
  52083 flows exported in 1736 udp datagrams
  0 flows failed due to lack of export packet
  0 export packets were sent up to process level
  0 export packets were dropped due to no fib
  0 export packets were dropped due to adjacency issues
  0 export packets were dropped due to fragmentation failures
  0 export packets were dropped due to encapsulation fixup failures

(that was after a clear, and with another host configured ... ping works
to either host ...)

Turning on ip packet debugging I get these funny outputs: (with a.a.a.a
being the gi1/0 ip address):

Sep 24 08:22:29: IP: s=a.a.a.a (local), d=224.0.0.2
(GigabitEthernet1/0), len 62, sending broad/multicast
Sep 24 08:22:29: IP: s=a.a.a.a (local), d=224.0.0.2
(GigabitEthernet1/0), len 62, output feature, Post-Ingress-NetFlow(1),
rtype 0, forus FALSE, sendself FALSE, mtu 0
Sep 24 08:22:29: IP: s=a.a.a.a (local), d=224.0.0.2
(GigabitEthernet1/0), len 62, sending full packet, Ingress-NetFlow(3),
rtype 0, forus FALSE, sendself FALSE, mtu 0, Ingress-NetFlow(3), rtype
0, forus FALSE, sendself FALSE, mtu 0, Ingress-NetFlow(3), rtype 0,
forus FALSE, sendself FALSE, mtu 0, Ingress-NetFlow(3), rtype 0, forus
FALSE, sendself FALSE, mtu 0, Post-Ingress-NetFlow(1), rtype 1, forus
FALSE, sendself FALSE, mtu 0, Post-Ingress-NetFlow(1), rtype 1, forus
FALSE, sendself FALSE, mtu 0, Ingress-NetFlow(3), rtype 0, forus FALSE,
sendself FALSE, mtu 0, Post-Ingress-NetFlow(1), rtype 1, forus FALSE,
sendself FALSE, mtu 0, Post-Ingress-NetFlow(1), rtype 1, forus FALSE,
sendself FALSE, mtu 0, Post-Ingress-NetFlow(1), rtype 1, forus FALSE,
sendself FALSE, mtu 0, Post-Ingress-NetFlow(1), rtype 1, forus FALSE,
sendself FALSE, mtu 0, Post-Ingress-NetFlow(1), rtype 1, forus FALSE,
sendself FALSE, mtu 0, Post-Ingress-NetFlow(1), rtype 1, forus FALSE,
sendself FALSE, mtu 0, Post-Ingress-NetFlow(1), rtype 1, forus FALSE,
sendself FALSE, mtu 0, Ingress-NetFlow(3), rtype 0, forus FALSE,
sendself FALSE, mtu 0, Post-Ingress-NetFlow(1), rtype 1, forus FALSE, [..]

Does this mean the router is trying to send the flow accounting data out
via broadcast???

I checked the Cisco docs, but apart from the config options above which
were set already, I couldn't find anything else ...

Tnx, -garry

More information about the cisco-nsp mailing list