[c-nsp] Rate-limiting VMs within the network
Phil Mayers
p.mayers at imperial.ac.uk
Tue Feb 2 06:10:58 EST 2010
On 02/02/10 09:59, Dobbins, Roland wrote:
>
> On Feb 2, 2010, at 5:32 PM, Matthew Melbourne wrote:
>
>> Full NetFlow data needs to be retained by the NetFlow collector for
>> billing purposes.
>
> Due to the various well-known caveats associated with NetFlow on
> 6500/7600, it's largely operationally useless, and you certainly
> can't count on it for billing or anything else of importance. So, no
> conflict, after all.
Certainly 6500 netflow is limited, and the limitations are unfortunate -
but if you happen to live within or can tolerate those limitations, it
works as expected. I hear "6500 netflow is useless" a lot on this list,
and from the tone of such posts I can only assume that if people are
outside those limits, it makes them very angry indeed ;o)
We use it very successfully, with full mask, because the traffic profile
within our network fits within TCAM at all times, and because we can
live without egress netflow and sampling, and various other missing
features.
Without knowing more about the OPs network I can't tell if his concerns
about netflow are relevant to the microflow policing question, but I can
say that there's at least a possibility that, if he's using it, his
netflow is far from useless.
More information about the cisco-nsp
mailing list