Symptom
The NetFlow collector receives NetFlow v9 template packets at a high rate (more than 100 packets per second). This can cause link saturation on egress interfaces, as well as increased CPU and QFP utilization.
Note: There is no official support for HSL over VASI.
Conditions
The HSL collector destination is routed over a VASI interface. This issue is seen on all IOS-XE platforms that support HSL and ZBFW.
Configuration
===========
parameter-map type inspect-global
 log flow-export v9 udp destination 192.168.58.99 9995
Route
=====
CSR2#show ip route 192.168.58.99
Routing entry for 192.168.58.99/32
  Known via "static", distance 1, metric 0
  Routing Descriptor Blocks:
  * 1.1.1.2, via vasileft1
      Route metric is 0, traffic share count is 1
Workaround
Ensure that traffic to the HSL collector is not routed over a VASI interface.
Further Problem Description
+ tcpdump on the collector. The following two packets are seen hundreds of times per second.
host$ tcpdump -i ens192 port 9995 -c 2 -vvv
tcpdump: listening on ens192, link-type EN10MB (Ethernet), capture size 262144 bytes
09:08:40.362394 IP (tos 0x0, ttl 254, id 2697, offset 0, flags [none], proto UDP (17), length 1312)
    1.1.1.5.49979 > jumpvm.9995: [udp sum ok] UDP, length 1284
09:08:40.362438 IP (tos 0x0, ttl 254, id 2698, offset 0, flags [none], proto UDP (17), length 836)
    1.1.1.5.49979 > jumpvm.9995: [udp sum ok] UDP, length 808
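
A collector-side check for the symptom described above, as an added example that is not part of the original bug report: it parses NetFlow v9 payloads (header and FlowSet layout per RFC 3954) and reports exporters that send more than 100 template-only packets within one second. The function names, the bucketing on the exporter's own unix_secs header field, and the sample packets are assumptions constructed for illustration; 1.1.1.5 is the exporter address from the capture above.

```python
import struct
from collections import Counter

V9_HEADER = struct.Struct("!HHIIII")   # version, count, sysUptime, unix_secs, sequence, source_id
FLOWSET_HEADER = struct.Struct("!HH")  # flowset_id, length (length includes these 4 bytes)

def classify_v9(payload):
    """Parse one NetFlow v9 UDP payload; return (unix_secs, Counter of flowset kinds)."""
    if len(payload) < V9_HEADER.size:
        raise ValueError("truncated header")
    version, _count, _uptime, unix_secs, _seq, _source_id = V9_HEADER.unpack_from(payload)
    if version != 9:
        raise ValueError("not NetFlow v9")
    kinds, offset = Counter(), V9_HEADER.size
    while offset + FLOWSET_HEADER.size <= len(payload):
        flowset_id, length = FLOWSET_HEADER.unpack_from(payload, offset)
        if length < FLOWSET_HEADER.size or offset + length > len(payload):
            raise ValueError("bad flowset length")  # would otherwise loop or overrun
        kind = "data" if flowset_id > 255 else {0: "template", 1: "options_template"}.get(flowset_id)
        if kind:                                    # IDs 2-255 are reserved and ignored
            kinds[kind] += 1
        offset += length
    return unix_secs, kinds

def template_flood(packets, threshold=100):
    """packets: (exporter_ip, payload) pairs. Return per-second buckets above threshold."""
    buckets = Counter()
    for exporter, payload in packets:
        try:
            unix_secs, kinds = classify_v9(payload)
        except ValueError:
            continue                                # malformed or non-v9: skip
        if kinds and not kinds["data"]:             # templates only, no flow records
            buckets[(exporter, unix_secs)] += 1
    return {key: n for key, n in buckets.items() if n > threshold}

def build_v9(unix_secs, flowsets):
    """Constructed-sample helper: flowsets is a list of (flowset_id, body_bytes)."""
    body = b"".join(FLOWSET_HEADER.pack(fid, 4 + len(b)) + b for fid, b in flowsets)
    return V9_HEADER.pack(9, len(flowsets), 0, unix_secs, 0, 0) + body

def constructed_sample():
    template = struct.pack("!HHHHHH", 256, 2, 8, 4, 12, 4)  # template 256: src/dst IPv4
    flood = [("1.1.1.5", build_v9(1000, [(0, template)]))] * 150
    normal = [("1.1.1.5", build_v9(1001, [(0, template), (256, bytes(8))]))] * 20
    return flood + normal

if __name__ == "__main__":
    print(template_flood(constructed_sample()))
```

The threshold of 100 mirrors the rate quoted in the Symptom section; a healthy exporter resends templates only periodically, so template-only packets should be rare compared with data packets.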