NetFLow (As a Cisco Switching mechanism) is actually preferrable
(excluding when Code Red WOrm might be attacking) on all Cisco Routers
NetFlow (as a data collection mechanism), might need to be more carefully
looked at before deciding where and how much.
the questions that should be asked:
Do I want to do billing/accounting?
Where will I get what information from?
What do I want to see?
How much processing power am I willing to dedicate to this?
We've been using NetFlow data from our core routers to decide how and where
we'll deploy more web caches, and where to add how much more bandwith.
At the edges we use NetFlow to show the clients there line utilization based on
IP and protocol
On Fri, Aug 10, 2001 at 03:22:44AM +0200, Christian Hammers wrote:
> On Thu, Aug 09, 2001 at 02:18:36PM -0700, Ajay Shah wrote:
> > Cisco recommends NOT to use NetFlow in the Core. I was wondering about the
> > actual performance / resource impact of doing this.
> I guess the main problem would be to ensure that every packet really passes
> exactly one netflow router and not more.
> In a big network with redundant connections between the routers and more than
> one upstream provider it could easily be that a packet comes in an edge router,
> traverses one core router, goes to the next core router and reaches it's target.
> Deciding which packts to filter on which interface on the core router may
> then be very error prone. On the other side accounting each edge interface on
> each edge router of your net is easy to verify.
> hope that helps,
> Christian Hammers WESTEND GmbH - Aachen und Dueren Tel 0241/701333-0
> firstname.lastname@example.org Internet & Security for Professionals Fax 0241/911879
> WESTEND ist CISCO Systems Partner - Premium Certified
> cflowd mailing list
-- ------------------------ Hendrik Visage email@example.com -- cflowd mailing list firstname.lastname@example.org
This archive was generated by hypermail 2b29 : Fri Aug 10 2001 - 00:50:10 PDT