Preview Tool

Cisco Bug: CSCtd92012 - NetFlow should not create records for GRE if GRE/IPsec is configured

Last Modified

Feb 06, 2017

Products (1)

  • Cisco IOS

Known Affected Releases

12.4(15)T 12.4(23)

Description (partial)


NetFlow creates entries for both ESP and GRE on an interface with crypto applied:

SrcIf         SrcIPaddress    DstIf         DstIPaddress    Pr SrcP DstP  Pkts
Gi0/0     Local     2F 0000 0000    10 
Gi0/0     Local     32 A452 CA03    10 

This is not a behavior as per the officially published whitepaper and leads to double-accounting in customer networks:

However, this is expected behaviour from 12.4(15)T and earlier.


"ip flow ingress" is enabled on the outside Gi0/0 interface and this interface terminates GRE/IPSec tunnel. This behavior is observed in IOS 12.4 and IOS 12.4(15)T and below.
Bug details contain sensitive information and therefore require a account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.