[c-nsp] ASR 920 Netflow timestamps?

[Peter Rathlev]

We have deployed a handful of ASR 920 routers and are collecting
Netflow from them with NFsen. It seems to work okay apart from the
timestamps in the Netflow records. The are all just epoch start.

Looking at a packet capture and having Wireshark decode it with the
"CFLOW" dissector shows that the export timestamps in the packet header
are correct but the "StartTime" and "EndTime" in each flow record is
just all zeros.

The routers are running IOS XE 16.7.3 and the Netflow configuration is
like this:

  flow record IPV4-FULL
   match ipv4 protocol
   match ipv4 source
address
   match ipv4 destination address
   match transport source-port
 
  match transport destination-port
   match routing vrf input
   collect
transport tcp flags
   collect interface input
   collect counter bytes
long
   collect counter packets long
   collect timestamp absolute first
 
  collect timestamp absolute last
  !
  flow exporter NDE-
bernoulli.net.rm.dk
   destination 192.0.2.10
   source Loopback0
   trans
port udp 30020
  !
  flow monitor STANDARD-INGRESS-IPV4
   exporter NDE-
bernoulli.net.rm.dk
   record IPV4-FULL
  !
  interface BDI10
   vrf
forwarding RM03104
   ip flow monitor STANDARD-INGRESS-IPV4 input
   ip
address 198.51.100.1 255.255.255.0
   ...
  !

I tried substituting "timestamp sys-uptime" for "timestamp absolute"
but saw no difference.

The routers are using the "video" SDM template and have the "Advanced
Metro IP Access" license.

Are other people seeing the same with regards to Netflow from an ASR
920? Any way to have it send the correct timestamps in the flow
records?

Thanks in advance.

-- 
Peter