[c-nsp] Rate-limiting VMs within the network

Phil Mayers p.mayers at imperial.ac.uk
Tue Feb 2 06:10:58 EST 2010

On 02/02/10 09:59, Dobbins, Roland wrote:
> On Feb 2, 2010, at 5:32 PM, Matthew Melbourne wrote:
>> Full NetFlow data needs to be retained by the NetFlow collector for
>> billing purposes.
> Due to the various well-known caveats associated with NetFlow on
> 6500/7600, it's largely operationally useless, and you certainly
> can't count on it for billing or anything else of importance.  So, no
> conflict, after all.

Certainly 6500 netflow is limited, and the limitations are unfortunate - 
but if you happen to live within or can tolerate those limitations, it 
works as expected. I hear "6500 netflow is useless" a lot on this list, 
and from the tone of such posts I can only assume that if people are 
outside those limits, it makes them very angry indeed ;o)

We use it very successfully, with full mask, because the traffic profile 
within our network fits within TCAM at all times, and because we can 
live without egress netflow and sampling, and various other missing 

Without knowing more about the OPs network I can't tell if his concerns 
about netflow are relevant to the microflow policing question, but I can 
say that there's at least a possibility that, if he's using it, his 
netflow is far from useless.

More information about the cisco-nsp mailing list