[c-nsp] more net flow, which interfaces to monitor and in which direction?
CiscoNSP List
cisconsp_list at hotmail.com
Wed May 21 21:40:50 EDT 2014
This is interesting - I understand (And this is what we currently do), enabling ingress netflow on all "relevant" interfaces provides you with ingress+egress traffic data.....but if you only enable ingress+egress netflow on your Transit Interfaces(And not on customer subinterfacea), it does not provide this? Can anyone please explain why?
Cheers.
> From: rdobbins at arbor.net
> Date: Thu, 22 May 2014 08:31:38 +0700
> To: cisco-nsp at puck.nether.net
> Subject: Re: [c-nsp] more net flow, which interfaces to monitor and in which direction?
>
>
> On May 22, 2014, at 8:11 AM, Charles Sprickman <spork at bway.net> wrote:
>
> > It seems unwise (and complicated) to add an ingress flow statement on every subinterface.
>
> How is it unwise and complicated?
>
> Enable it, it's done. Simple.
>
> > If I could just add an “ingress” and “egress” statement to each of my two transit connections, that seems more ideal. Is this something I should *not* do on modern hardware?
>
> Check with Cisco - it's caused issues on other platforms in the past.
>
> But I don't understand your rationale for not wanting visibility into all your traffic passing through the routers in question. You don't want traceback for outbound/crossbound traffic emanating from your subscribers?
>
> ----------------------------------------------------------------------
> Roland Dobbins <rdobbins at arbor.net> // <http://www.arbornetworks.com>
>
> Equo ne credite, Teucri.
>
> -- Laocoön
>
>
> _______________________________________________
> cisco-nsp mailing list cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
More information about the cisco-nsp
mailing list