[nsp] multicast flows and dev/null
Danny McPherson
danny at tcb.net
Thu Feb 5 14:28:12 EST 2004
On Feb 5, 2004, at 11:56 AM, Hank Nussbacher wrote:
> At 05:26 PM 04-02-04 +0100, Francisco Gracia wrote:
>
> I never did find out why it was happening and how to fix it.
> I'm still curious.
With the two traditional modes of multicast NetFlow (i.e.,
traditional and ingress) the destination interface is always
set to Null. With traditional NetFlow the octet/packet
count values represent ingress values, with ingress NetFlow
(i.e., by enabling the 'ip multicast netflow ingress'
interface subcommand) the octet/packet stuff represents
egress values.
However, with multicast egress NetFlow (i.e., by enabling
the 'ip multicast netflow egress' interface subcommand) a
flow record is created for each egress interface with which
the feature is enabled on, and the destination interface
field is populated with the egress interface information
(and outgoing octet/packet values) rather than a blanket
destination interface Null entry. There's also some nifty
rpf failure capabilities in egress NetFlow. I believe
this is a new feature to 12.0S (27?). I'd be wary of
performance with large numbers of interfaces in the
oiflist if egress NetFlow is enabled on those interfaces.
-danny
More information about the cisco-nsp
mailing list