Submit a ticketCall us

Welcome to the NEW Success Center. Search all resources (documentation, videos, training, knowledge base articles) or browse resources by product. If you are unable to find what you are looking for, please contact us at customersuccess@solarwinds.com

 

 

 

 

Home > Success Center > Netflow Traffic Analyzer (NTA) > Big amount of flow from a bogus IP Address

Big amount of flow from a bogus IP Address

Created by Daniel Phillipps, last modified by MindTouch on Jun 23, 2016

Views: 701 Votes: 0 Revisions: 5

Overview

There is a big amount of flow from a bogus IP address.

Environment

  • NTA 4.x
  • Cisco IOS-XE versions

Cause 

Cisco has confirmed that there are bugs in the current software they have.

Some symptoms for this bug is getting a big amount of flows from bogus IP addresses that do not exist in your network.

Another behavior found on this bug is when running this command, you can see the output interface changing for the same flows.

sh flow monitor <monitor name>  cache filter ipv4 source add 10.x.x.x ipv4 destination address 10.x.x.x

Known affected releases are 3.6.0 and other customers have reported the same problem with 3.7.1 and 3.7.2.

Resolution

The fix for this bug is available on IOS Versions 3.6.3 E, 3.7(3)E and the latest and suggested version at Cisco Download Software 3.6.4E.

 

Last modified
20:27, 22 Jun 2016

Tags

Classifications

Public