[c-nsp] question on s/rtbh 6500 with sup720-3cxl
Roland Dobbins
rdobbins at arbor.net
Mon Feb 9 04:56:09 EST 2015
On 9 Feb 2015, at 16:48, Nick Hilliard wrote:
> If you check the destination interface of this prefix in the netflow
> record, you should see that it's being dumped.
We've corresponded 1:1 about this - OP is investigating whether the
traffic is being seen further downstream and/or if it's ingressing at
multiple points, and is looking at putting bogon ACLs on his edge
interfaces.
The problem with NetFlow on pre-Sup2T/-DFC4 is that it can't be trusted
at all. One of its many caveats is that it doesn't always report
dropped traffic properly (i.e., destination ifindex 0, as you indicate).
-----------------------------------
Roland Dobbins <rdobbins at arbor.net>
More information about the cisco-nsp
mailing list