[c-nsp] [?? Probable Spam] Re: netflow
Gert Doering
gert at greenie.muc.de
Fri Nov 23 04:07:49 EST 2007
Hi,
On Fri, Nov 23, 2007 at 11:14:16AM +0300, Rivo Tahina RAZAFINDRATSIFA wrote:
> Thanks to all who answered to this question, we are now testing some
> of these, I would like to know the additional cpu charge due to the
> use of netflow on the cisco box.
This very much depends on the traffic characteristic (high number of
short-lived flows vs. long-lived high-volume flows, etc.) and the type of
box you have (software-forwarding vs. MLS based, vs. PXF vs. ...).
On 7600s, the actual flow collection is done in the hardware ASICs, and
doesn't cause any load - but the actual flow *export* can cause notable
load (>30%) if there is a high number of flows on the box, like "2 Gbit/s
of short-lived HTTP flows" or "single-flow DNS queries" or such.
On software-forwarding platforms, like the 7200, my gut feeling is "add 10%
CPU load for netflow". But that *will* vary according to traffic mix.
gert
--
USENET is *not* the non-clickable part of WWW!
//www.muc.de/~gert/
Gert Doering - Munich, Germany gert at greenie.muc.de
fax: +49-89-35655025 gert at net.informatik.tu-muenchen.de
More information about the cisco-nsp
mailing list