[M/MX] ASN (Autonomous System Number) does not get updated in the flow-records of sampling with a valid value

  [KB34720] Show Article Properties


Summary:

This article explains the possible reasons for why ASN (Autonomous System Number) may not get updated with a valid value.

Symptoms:

At times, ASN is updated with a value of 4294967295 which is 0xFFFFFFFF.  This is an unset value initialized prior to the proper valid value.

Cause:

AS numbers are propagated from RE routing protocol modules to PFEs/FPCs sampling module. PFEs sampling module generate inline-sampling flow-records and sends to the collector at periodic intervals based on set flow timeouts and upon flow termination.

By the time PFE sends out a flow-record ,if AS number (either for source or destination) is not learned/updated yet on PFE, an AS value of 4294967295 is sent in the flow-records. If the flows are long lived flows, you would eventually see valid values of AS being set in the subsequent flow-records. It takes a maximum of 2 minutes to get the AS values updated to PFEs.

On receiving FIN, RST or FIN ACK , we export the flow instantly with Flow end reason as “End of Flow Detected (3)” without waiting for active or inactive timeout periods.

Solution:

This is an expected behavior. At times, increasing the inactive timeout to more than 120 seconds might help, as it allows sufficient time for the PFEs to learn ASN values.

However, it does not guarantee the flows that get terminated upon receiving FIN, RST or FIN ACK as this would lead to flow-termination and immediate flow-record-export.

Related Links: