No flows seen in VCF Operations for Networks GUI
search cancel

No flows seen in VCF Operations for Networks GUI

book

Article ID: 423357

calendar_today

Updated On:

Products

VCF Operations for Networks

Issue/Introduction

  • No flows seen in VCF Operations for Networks GUI

  • Source IP Address does not see any flows when UI query is executed
    Refer to screenshot below:

  • Under Settings>Accounts and Datasource page we see that vCenter and NSXT data sources are added and we see the flows numbers as well.
    See screenshot below showing flow numbers:


  • Flows were manually generated, and when connecting to the collector appliance via SSH, we see raw flows for the source IP address.

Environment

  • VCF Operations for Networks 6.13.0
  • VCF Operations for Networks 6.14.0
  • VCF Operations for Networks 6.14.1

Cause

Flows will not be seen if there is a block on the perimeter firewall or datacenter firewall

Resolution

To see the flows in VCF Operations for Networks GUI: 

  1. Fix the firewall block, and wait for a couple of pooling cycles to get complete for the data sources ( wait for 15-30 minutes).
  2. Execute GUI queries below for the source IPs to see the flow data.
    flows where source IP address = source_IP_Address
flows where source IP address = source_IP_Address

Please refer to the other scenarios below as well:

  • Please ensure that the specific VDS and its DVPGs and Uplink properties has Netflow monitoring Enabled and the collector IP address is that of VMware Aria Operations for Networks collector.
  • IPFIX Netflow packets getting dropped in between by a firewall (NSX, Virtual or Physical) - Please ensure that the Netflow packets destined for UDP port 2055 on VMware Aria Operations for Networks collector IP is allowed by any firewall that may be present in the route between ESXi Host and the VMware Aria Operations for Networks Collector.
  • The ESXi host has ceased to send IPFIX Netflow packets - The ESXi host backs off sending the Netflow packets after some time if UDP port 2055 is not reachable. This may happen due to firewall dropping the packets.
  • The VMware Aria Operations for Networks collector is not reachable by ESXi Host due to network routing problem - Please ensure that the proper route exists between ESXi Host and the VMware Aria Operations for Networks collector.

       

    Additional Information

    Refer to FAQ Tech Doc for VCF Operations for Networks How do I troubleshoot VMware Aria Operations for Networks Flow Collection




    Powered by Wolken Software