On Fri, Oct 06, 2000 at 01:29:29PM -0700, Todd Caine wrote:
> In order to do that I would have to enable 'ip route cache flow' on a
> backbone interface. Which the cflowd documentation says not to do?
>
> i.e..
>
> ___ ip route cache flow enabled ( to catch ingress
> traffic )
> v
> ---------- ----------
> | ISP A |--------| ISP B |--(SRP backbone interface)
> ---------- ----------
> ^___ip route cache flow enabled (to
> catch egress traffic)
>
> Is this correct? Anyone have any idea about the performance issues of
> enabling 'ip route cache flow' on an OC-12 SRP interface (300Mbps on
> average) for a Cisco 75XX. Can this be done without serious performance
> problems using version 5 flow-export?
You basicly have 2 options, either to NetFlow account the data where it
flows into your network, this probably means enabling in on all edge
routers, and if these doesn't all run with full BGP tables, you will not
have the ASN information.
Or you have set a "border line" through your network, where you NetFlow
account all traffic flowing in through that line, the 2 extremes are:
1) Enabling NetFlow on all interface on a single router.
2) Enabling it on all non-backbone interfaces on all routers.
I don't know how the VIP will behave if you enable NetFlow on a
interface doing 300+ Mbps, I can say for sure a VIP2-50 can do NetFlow
on a PA-POS-OC3 doing linerate, but that's only about half of your
traffic.
/Jesper
-- Jesper Skriver, jesper(at)skriver(dot)dk - CCIE #5456 Work: Network manager @ AS3292 (Tele Danmark DataNetworks) Private: Geek @ AS2109 (A much smaller network ;-)One Unix to rule them all, One Resolver to find them, One IP to bring them all and in the zone to bind them. -- cflowd mailing list cflowd@caida.org
This archive was generated by hypermail 2b29 : Fri Oct 06 2000 - 13:50:03 PDT