Why do I only see one directional traffic for an interface in NFA?

Document ID : KB000031762
Last Modified Date : 14/02/2018
Show Technical Document Details

Problem:

Some of my interfaces are not showing any "OUT" data, but show "IN" data like below:

OneDirection.png

 

Environment:

Any RA or NFA Environment

 

Cause:

This is usually caused by improper Ingress and Egress settings on the Netflow Enabled device.

 

Resolution:

1. Verify the Netflow version by running:

show ip flow export

2. If you are using Netflow version 5 you should verify that you have one of the following Ingress/Egress configurations 

"ip flow ingress" only on ALL active interfaces (Active meaning, interfaces that have an IP address and are UP)

"ip flow egress" only on ALL active interfaces (Active meaning, interfaces that have an IP address and are UP)

To verify this get the outputs of the following commands from your Netflow enabled device:

show ip interface brief

show ip flow interface

Verify that each interface that has an IP address and that is UP in the output of the "show ip interface brief" command is set to either all "ip flow ingress" and "ip flow egress", even if you do not wish to monitor that interface in NFA.

Also verify that you do not have both "ingress" and "egress" set on any interface.

 

 3. If you are using Netflow version 9 you should be using both "ip flow ingress" and "ip flow egress" on only the interfaces interfaces you care to monitor in NFA.

To verify this get the output of "show ip flow interface" command and verify that both "ingress" and "egress" are set on the interface you wish to monitor.

You should not have any interfaces set to only using "ingress" or only use "egress".

 

Additional Information:

See also TEC562174