[c-nsp] Collecting AS info from XR Netflow data inside L3VPN
Nick Hilliard
nick at foobar.org
Sat Dec 22 06:03:21 EST 2012
On 21/12/2012 17:16, Jason Lixfeld wrote:
> I've done this for the ipv4 address-family, but that doesn't seem to do
> anything for AS info inside L3VPN.
This is one of the really frustrating limitations of netflow - it needs per
AFI / per encapsulation layer support. As this needs to be handled in
hardware, getting support on kit is hard. I just wonder if it wouldn't be
a much more sensible long term proposition to handle this with sflow + bmp
(neither of which Cisco support, except for sflow on the n3k) and perform
offline processing with a smart collector. This would completely remove
the requirement for: smart netflow-capable hardware, developer / customer
hair loss due to implementation difficulties/timelines.
On-board processing of Netflow is great, and there's no doubt that you can
do some awesome traffic analysis with it. Problem is, state management is
a lousy proposition as you get faster, and according as you end up with
more encapsulation layers (one or more layers of mpls / ip / ipv6 / l2vpn /
l3vpn), handling netflow processing for each individually becomes a router
firmware nightmare.
Nick
More information about the cisco-nsp
mailing list