[c-nsp] network design for NetFlow

Burton Windle bwindle at fint.org
Tue Aug 17 17:03:17 EDT 2004


I am trying to figure out how to gather NetFlow info for data on my
internet pipe.  My network is designed as such:

 ISP
  |
  |
Cisco router
  |
  |
PIX Firewall
  |
  |
Core network (6509)

The PIX doesn't appear to support exporting Netflow, and the only NetFlow
data the 6509s appears to spit out is about packets that get punted up to
the CPU.

The router that is connected to my ISP would work, but because our PIX is
doing NAT, all traffic from behind it looks like it is from the same IP,
so that won't help us track down bandwidth abusers.

Without adding any new hardware into the mix, what are my options? I'd
rather leave my 6509 doing hardware-based switching for obvious reasons.

-- 
Burton Windle                           bwindle at fint.org



More information about the cisco-nsp mailing list