Submit a ticketCall us

AnnouncementsChange Is Inevitable

Get valuable help when it comes to tracking and monitoring changes. SolarWinds® Server Configuration Monitor (SCM) is designed to help you: detect, track, and receive alerts when changes occur, correlate system performance against configuration changes, compare server and application configuration against custom baselines, and verify application and system changes.

Learn more.

Home > Success Center > Netflow Traffic Analyzer (NTA) > NTA - Knowledgebase Articles > Enable NetFlow on Cisco VLAN interfaces to show layer 2 and layer 3 traffic

Enable NetFlow on Cisco VLAN interfaces to show layer 2 and layer 3 traffic


This article discusses how to enable NetFlow on Cisco® VLAN interfaces to show both layer 2 and layer 3 traffic.


All NTA versions


NetFlow only summarizes traffic that passes from one VLAN to another (interVLAN) or routed traffic which does not show layer 3 switched traffic. This is due to disabled NetFlow on the VLAN interface.


To see the traffic arriving on the switch ports that belong to VLAN, you need to enable layer 3 NetFlow to display the information on the VLAN interface.

Layer 3 Switched NetFlow commands
ip flow ingress Enables Netflow on the layer 3 interface.
ip flow ingresslayer2-switched Enables layer 3 switched Netflow.
ip flow ingress infer-fields Capture the input and output interfaces for logical interfaces.
  • Applying these commands on the device may differ and many devices only support NetFlow layer 3 but not layer 2.
  • Make sure that the NDE version is v5. By default, it is set on version 7. 
  • For more information on NetFlow Layer 3, see the Cisco documentation (© 2018 Cisco, available at, obtained on April 3, 2018).


The key command to monitor layer 2 is ip flow ingress layer2-switched vlan xxxx.

Layer 2 Switched traffic commands
ip flow ingress layer2-switched vlan vlanlist
ip flow export layer2-switched vlan vlanlist
set mls bridged-flow-statistics enable vlanlist (for CatOS)

A PFC3B or PFC3BXL running 12.2(18)SXE or higher is required for this command, which enables NDE for all traffic within the specified VLANs rather than just inter-VLAN traffic.

Last modified