Submit a ticketCall us

AnnouncementsWeb Help Desk Integrations eCourse

Looking to reduce response times? Sign up for our eCourse to learn how integrating Web Help Desk with Dameware Remote Support, Network Configuration Manager, Network Performance Monitor, and Server & Application Monitor can improve communication efficiencies.

Register here.

Home > Success Center > Netflow Traffic Analyzer (NTA) > Enable NetFlow on Cisco VLAN interfaces to show layer 2 and layer 3 traffic

Enable NetFlow on Cisco VLAN interfaces to show layer 2 and layer 3 traffic

Overview

This article discusses how to enable NetFlow on Cisco® VLAN interfaces to show both layer 2 and layer 3 traffic.

Environment

All NTA versions

Cause

NetFlow only summarizes traffic that passes from one VLAN to another (interVLAN) or routed traffic which does not show layer 3 switched traffic. This is due to disabled NetFlow on the VLAN interface.

Resolution

To see the traffic arriving on the switch ports that belong to VLAN, you need to enable layer 3 NetFlow to display the information on the VLAN interface.

Layer 3 Switched NetFlow commands
ip flow ingress Enables Netflow on the layer 3 interface.
ip flow ingresslayer2-switched Enables layer 3 switched Netflow.
ip flow ingress infer-fields Capture the input and output interfaces for logical interfaces.
  • Applying these commands on the device may differ and many devices only support NetFlow layer 3 but not layer 2.
  • Make sure that the NDE version is v5. By default, it is set on version 7. 
  • For more information on NetFlow Layer 3, see the Cisco documentation (© 2018 Cisco, available at https://www.cisco.com, obtained on April 3, 2018).

 

The key command to monitor layer 2 is ip flow ingress layer2-switched vlan xxxx.

Layer 2 Switched traffic commands
ip flow ingress layer2-switched vlan vlanlist
ip flow export layer2-switched vlan vlanlist
set mls bridged-flow-statistics enable vlanlist (for CatOS)

A PFC3B or PFC3BXL running 12.2(18)SXE or higher is required for this command, which enables NDE for all traffic within the specified VLANs rather than just inter-VLAN traffic.

Last modified

Tags

Classifications

Public