[c-nsp] Netflow - GSR engine 5
Drew Weaver
drew.weaver at thenap.com
Fri Feb 26 09:35:56 EST 2010
Hey Roland,
You mean if the provider can figure out where the traffic is coming from right?
Haven't had too much luck with that so far.
thanks,
-Drew
-----Original Message-----
From: cisco-nsp-bounces at puck.nether.net [mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of Dobbins, Roland
Sent: Thursday, February 25, 2010 7:28 PM
To: Cisco-nsp
Subject: Re: [c-nsp] Netflow - GSR engine 5
On Feb 26, 2010, at 12:43 AM, Drew Weaver wrote:
> but why is it showing up in the netflow exports?
Because that's how NetFlow is supposed to work on a real router, vs. the broken implementation on 6500/7600 with current hardware.
;>
It's of great operational significance to know that even though you're dropping traffic on your side of a link via uRPF, S/RTBH, ACLs, whatever, said traffic is still pummeling your router. You can then work with your peer/upstream/downstream/customer to get the traffic squelched closer to the actual source(s).
-----------------------------------------------------------------------
Roland Dobbins <rdobbins at arbor.net> // <http://www.arbornetworks.com>
Injustice is relatively easy to bear; what stings is justice.
-- H.L. Mencken
_______________________________________________
cisco-nsp mailing list cisco-nsp at puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/
More information about the cisco-nsp
mailing list