Symptom
When ETA and AVC are configured together, multiple FNF exports are happening for the same flow after active timer expiry.
Conditions
1. Catalyst 9k
2. ETA + AVC is configured.
3. Running affected IOS-XE
Workaround
To fix the issue, we provided a logic which exports the fnf records only during active timeouts. Since, the flow is already present in the hardware table, while exporting the flow records, we are exporting the delta counters of packet and byte counters between active timeouts and we are updating the first seen time stamp of the flow to the last expired active timeout.
Further Problem Description
This issue is because of AVC not deleting the flows from Hardware flow table once active timer expiry happens. Whenever active timer expiry is happening for a flow, We should ideally be deleting the flow from hardware flow table. But, AVC and ETA together works in such a way that, flow gets deleted only when both the features want to delete the flow. Because of this limitation, same flow is always getting hit by active timeout incase of long lived flows. As that flow is still present in the hardware table, which is resulting in the continuous fnf flow exports.
