[c-nsp] more net flow, which interfaces to monitor and in which direction?
Roland Dobbins
rdobbins at arbor.net
Wed May 21 21:57:03 EDT 2014
On May 22, 2014, at 8:53 AM, CiscoNSP List <cisconsp_list at hotmail.com> wrote:
> Thanks Roland - So, enabling ingress+egress netflow on (only) transit/peering interfaces, you will see ingress+egress traffic from/to customer IP's(from/to Internet/Peering upstreams), just not inter-customer traffic.
Yes - but all you need to do is to enable ingress NetFlow on your northbound interfaces and ingress NetFlow on your southbound interfaces.
But I strongly urge you to pay attention to your crossbound traffic, as well as ensure you have traceback to the relevant interfaces for outbound/crossbound traffic. This means ingress NetFlow on all relevant interfaces.
----------------------------------------------------------------------
Roland Dobbins <rdobbins at arbor.net> // <http://www.arbornetworks.com>
Equo ne credite, Teucri.
-- Laocoön
More information about the cisco-nsp
mailing list