How to tune netflow export on Multiple VRF router?
Hello support team!
Customer have complex VPN topology eg DMVPN + Multiple VRF (no MPLS, just 2 different contexts to separate system and VPN traffic),
Customer want to export netflow from each router to a two different analyzers (best scenario), First collector is a in the regional center (can be reached through VPN VRF context only) second collector is in the central site (can be reached through System or VPN VRF),
I failed to find any recommendations and explanations about VRF aware NetFlow on the Cisco pages, Some friends recommend to play with "ip flow-export source-interface" and set it to a VRF tagged loop-back interface,
Can you please provide any feedback? Have you seen such reqests from the Netflow Analyzer before? What is you proposed solution? Any good white-papers on Cisco?
Thanks in advance,
Versions: Netflow Analyzer v5,5, Cisco IOS 12,4,3
Customer have complex VPN topology eg DMVPN + Multiple VRF (no MPLS, just 2 different contexts to separate system and VPN traffic),
Customer want to export netflow from each router to a two different analyzers (best scenario), First collector is a in the regional center (can be reached through VPN VRF context only) second collector is in the central site (can be reached through System or VPN VRF),
I failed to find any recommendations and explanations about VRF aware NetFlow on the Cisco pages, Some friends recommend to play with "ip flow-export source-interface" and set it to a VRF tagged loop-back interface,
Can you please provide any feedback? Have you seen such reqests from the Netflow Analyzer before? What is you proposed solution? Any good white-papers on Cisco?
Thanks in advance,
Versions: Netflow Analyzer v5,5, Cisco IOS 12,4,3
*** List of all interfaces:
regional-rt#sh ip int brie
Interface IP-Address OK? Method Status Protocol
FastEthernet0/0 10,20,20,20 YES NVRAM up up
Vlan311 192,168,1,254 YES manual up up
Tunnel0 10,10,10,10 YES manual up up
*** VRF interface assignment
regional-rt#sh ip vrf interfaces
Interface IP-Address VRF Protocol
Tu0 10,10,10,10 VPN up
Vl311 192,168,1,254 VPN up
*** VRF configuration
regional-rt#sh ip vrf brief
Name Default RD Interfaces
VPN 11:11 Tu0
Vl311
*** Netflow configuration
regional-rt#sh run | inc flow
ip flow-export source Vlan311
ip flow-export version 5
*** Regional collector
ip flow-export destination 192,168,1,200 9996
*** Central collector
ip flow-export destination 10,20,20,20 9996