[c-nsp] 6500 netflow export and the switch cpu
Jon Lewis
jlewis at lewis.org
Fri Sep 12 20:57:33 EDT 2008
On Fri, 12 Sep 2008, Ben Steele wrote:
> "It looks like the fix was to enable flow-sampling."
>
> Out of curiosity what are you using your netflow for? I'm asking because
> sampling obviously isn't ideal when you are trying to get completely
> accurate data for accounting.
Mostly for abuse tracking/corroboration. For this purpose, sampled should
be good enough in most cases. If I could have full netflow, I'd like it,
but it looks as if we've hit another unanticipated hardware limitation
with our cisco gear.
> It feels a shame using DFC's for a margin of their capacity purely because
> you need the TCAM space to produce netflow.
Kind of like using Sup720-3bxls to handle a few hundred mbit/s of traffic
just to be able to take full routes.
----------------------------------------------------------------------
Jon Lewis | I route
Senior Network Engineer | therefore you are
Atlantic Net |
_________ http://www.lewis.org/~jlewis/pgp for PGP public key_________
More information about the cisco-nsp
mailing list