Nexus 9504 Netflow data config help needed

This support forum board is for support questions relating to Nagios Network Analyzer, our network traffic and bandwidth analysis solution.
Locked
jladolcetta
Posts: 2
Joined: Tue Feb 23, 2021 10:32 am

Nexus 9504 Netflow data config help needed

Post by jladolcetta »

I am testing Nagios NA against a test switch with Netflow data configured as follows:
flow exporter e1
destination 192.168.89.193
transport udp 9914
source Ethernet3/36
version 9
template data timeout 1200
option exporter-stats timeout 1
flow exporter f2
destination 192.168.89.193
transport udp 9915
source mgmt0
version 9
flow record r1
match ipv4 source address
match ipv4 destination address
collect counter bytes long
collect counter packets long
collect timestamp sys-uptime first
collect timestamp sys-uptime last
flow record r1_l2
match datalink mac source-address
match datalink mac destination-address
match datalink vlan
match datalink ethertype
collect counter packets
flow monitor m1
record r1
exporter e1
flow monitor m2_l2
record r1_l2
exporter e1
I've configured the sources on the Nagios NA however I am not seeing anything over a 24 hr. period.
There is traffic on the mgmt0 port:
mgmt0 is up
admin state is up,
Hardware: GigabitEthernet, address: 5488.deae.69e6 (bia 5488.deae.69e6)
Description: *** Local Management - Link to NJB1SWA2-1 on Eth 4/18 ***
Internet Address is 192.168.88.3/22
MTU 1500 bytes, BW 1000000 Kbit , DLY 10 usec
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation ARPA, medium is broadcast
full-duplex, 1000 Mb/s
Auto-Negotiation is turned on
Auto-mdix is turned off
EtherType is 0x0000
1 minute input rate 4048 bits/sec, 7 packets/sec
1 minute output rate 296 bits/sec, 0 packets/sec
Rx
18292030 input packets 160163 unicast packets 1529305 multicast packets
16602562 broadcast packets 1189700346 bytes
Tx
186058 output packets 138535 unicast packets 47520 multicast packets
3 broadcast packets 29457458 bytes

NJB1SWA2-2#


As there is on the e3/36 interface:
NJB1SWA2-2# sh int e3/36
Ethernet3/36 is up
admin state is up, Dedicated Interface
Belongs to Po21
Hardware: 10000/40000 Ethernet, address: a0b4.3974.9ac8 (bia a0b4.3974.9ac8)
Description: *** vPC Peer Link ***
MTU 9216 bytes, BW 40000000 Kbit , DLY 10 usec
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation ARPA, medium is broadcast
Port mode is trunk
full-duplex, 40 Gb/s, media type is 40G
Beacon is turned off
Auto-Negotiation is turned on FEC mode is Auto
Input flow-control is off, output flow-control is off
Auto-mdix is turned off
Rate mode is dedicated
Switchport monitor is off
EtherType is 0x8100
EEE (efficient-ethernet) : n/a
admin fec state is auto, oper fec state is off
Last link flapped 3week(s) 5day(s)
Last clearing of "show interface" counters 3w5d
3 interface resets
Load-Interval #1: 30 seconds
30 seconds input rate 4360 bits/sec, 6 packets/sec
30 seconds output rate 5008 bits/sec, 6 packets/sec
input rate 4.36 Kbps, 6 pps; output rate 5.01 Kbps, 6 pps
Load-Interval #2: 5 minute (300 seconds)
300 seconds input rate 4376 bits/sec, 6 packets/sec
300 seconds output rate 4304 bits/sec, 6 packets/sec
input rate 4.38 Kbps, 6 pps; output rate 4.30 Kbps, 6 pps
RX
0 unicast packets 17954762 multicast packets 0 broadcast packets
17954762 input packets 1564776297 bytes
0 jumbo packets 0 storm suppression bytes
0 runts 0 giants 0 CRC 0 no buffer
0 input error 0 short frame 0 overrun 0 underrun 0 ignored
0 watchdog 0 bad etype drop 0 bad proto drop 0 if down drop
0 input with dribble 0 input discard
0 Rx pause
TX
0 unicast packets 17954563 multicast packets 0 broadcast packets
17954563 output packets 1554365575 bytes
0 jumbo packets
0 output error 0 collision 0 deferred 0 late collision
0 lost carrier 0 no carrier 0 babble 0 output discard
0 Tx pause

NJB1SWA2-2#

However as stated above I am seeing no output in Nagios NA.
I am sure I am missing something and could use some help.

Thanks
Jeff Ladolcetta
VERIZON XR
User avatar
tgriep
Madmin
Posts: 9177
Joined: Thu Oct 30, 2014 9:02 am

Re: Nexus 9504 Netflow data config help needed

Post by tgriep »

Lets install tcpdump on the NNA server and see if the switch data is received.

Run this to install it

Code: Select all

yum install tcpdump -y
Then run the following as root but replace xxx.xxx.xxx.xxx with the IP address of the switch.

Code: Select all

tcpdump -i any -s 65535 host xxx.xxx.xxx.xxx and port 9914 and udp -A -vv
It could take up to 10 minutes to see and data printer to the shell.

If you see data, then try stopping the firewall of the NNA server to see if that is blocking it.

Code: Select all

systemctl stop iptables
or

Code: Select all

systemctl stop firewalld
Wait for 10 minutes and see if the GUI shows data.

Last, make sure the NNA server and the switch has the time set and synced as well as the time zone set.
Be sure to check out our Knowledgebase for helpful articles and solutions!
Locked