[c-nsp] NetFlow for Bandwidth Billing
Roland Dobbins
rdobbins at cisco.com
Wed May 2 15:39:12 EDT 2007
On May 2, 2007, at 12:25 PM, TCIS List Acct wrote:
> In the past, we've only been able to do NetFlow on the ingress
> side. It appears
> that in newer IOS releases we can now monitor both ingress and
> egress. This, in
> theory, should go a long way towards eliminating the duplication
> issue if we
> only monitor on our transit links in the core routers.
What most folks do for visualization/NOC use is monitor ingress on
all relevant interfaces on all relevant routers, and then have
various graphs/tables with various views which end up providing the
equivalent of deduplication. It's certainly important for a billing
application or a security application to perform deduplication; I'd
be shocked to learn of one which doesn't, heh.
One of the benefits of NetFlow is instant traceback - so, I'd urge
you to consider something like the above at your edges, rather than
in your core. NDE is really an edge technology, unless you're
recording flows for later forensics/troubleshooting/audit use.
------------------------------------------------------------------------
Roland Dobbins <rdobbins at cisco.com> // 408.527.6376 voice
You may not be interested in strategy, but strategy is interested in
you.
-- Leon Trotsky
More information about the cisco-nsp
mailing list