[c-nsp] Usage Billing w/ Netflow / Implementation Pitfalls

Joe Loiacono jloiacon at csc.com
Tue May 20 14:48:15 EDT 2008 

Hi Chris,

Netflow is very useful for establishing customer chargebacks based on 
actual usage. Keep in mind however that in practice it is not perfect, as 
you can lose netflow information from several sources though generally it 
is not much (e.g., device table overflow, lost UDP netflow packets, 
collector overload, etc.) Despite this possibility, you can get a very 
close and useful picture of specified traffic sets.

Have you considered open-source flow-tools/FlowViewer? The FlowTracker 
capability allows you to maintain long-term RRDtool graphs for any user 
you want. You can also group users and look at them as a group. I track 
over 120 such individual users here at NASA GSFC. That said, if you're 
going to look at all 1024 hosts (in a /22) then graphs wouldn't be 
practical; you would need to invoke a textual report periodically.

If you're going to collect netflow though, flow-tools/FlowViewer offers a 
lot of analysis tools to enhance your picture of your network. Check out 
screenshots, etc. for FlowViewer:at:

http://ensight.eos.nasa.gov/FlowViewer/

Joe







"Chris Riling" <criling at gmail.com> 
Sent by: cisco-nsp-bounces at puck.nether.net
05/20/2008 02:03 PM

To
cisco-nsp at puck.nether.net
cc

Subject
[c-nsp] Usage Billing w/ Netflow / Implementation Pitfalls






Hi All,

     I know this has been asked thousands of times before, but I don't 
think
anyone has ever answered it in quite the same fasion. I'm thinking about
turning on netflow on my border routers (7606's with Sup32's / full 
routes);
Think I'll see any issues from turning on the exports? Also, specifically,
we're looking to see the ability to generate reports for say, a /22, and 
the
amount of transfer for each host in the /22 that has entered / exited our
network at the border (MRTG on the switchports isn't going to cut it). 
I've
heard that a lot of people use ntop for this sort of thing, but in the 
demo
I wasn't able to find anything that did exactly this, and I wanted to
consult the list before turning on Netflow at the border routers anyway.
I've also heard of people using stager for the report generation; can 
stager
do the same sort of thing?

Thanks,
Chris
_______________________________________________
cisco-nsp mailing list  cisco-nsp at puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

More information about the cisco-nsp mailing list