[c-nsp] Netflows for customers?

[Julio Arruda]

Tim Huffman wrote:
> I have a potential customer that has asked if we can provide them
> netflow data for their connection. We are not currently using netflows
> internally, but plan to in the near future.
> 
> I haven't been able to find a way to segregate netflows exporting so
> that the customer would ONLY get flow data for their interface, while
> still allowing us to see flow data for all ports on that router.
> 
> Does anyone have any experience with something like this? Is it possible
> to do? I appreciate any help that you guys can provide!

include <disclaimer> I work for Arbor, as such, I'm biased..but..

As Roland mention, in the carrier side of the equation, there are 
comercial (and maybe open source) solutions that allow you to create 
these 'limited views'.

In Peakflow SP Managed Services, with the so called Scoped View, you can 
define what 'piece' of the pie the customer will have access to.
Not only based in Source/Destination IP address (that I guess would be a 
problem in overlapping IPs in a VPN), but in any of the ways we have to 
define a customer, including the Interface(s) defined as boundary, that 
link your PE/Edge router to their CPE.