Re: NetFlow - path from Routers to Collector

["Roland Dobbins" <rdobbins () arbor net>]

On 2 Sep 2015, at 20:25, Niels Bakker wrote:

> Why?  Do your customer packets have cooties?

Because you don't want things which disrupt customer traffic to disrupt 
your ability to see what's happening.  Just as you don't want it to 
disrupt your ability to configure/manage your infrastructure.

> Which is exactly the argument that people with experience have been 
> making on this mailing list.

I think the problem here is that I failed to distinguish between logical 
and physical OOB.  Physical is best, logical is generally Good Enough.

There are some operators who send flow telemetry across physically 
distinct OOB infrastructure.  More do it logically.  Most still do it 
in-band mixed with production network traffic, but that is slowly 
changing.

> OOB is the 3G dialout on a terminal server that it uses once its 
> regular outside connection fails.

That's one example, yes.

> You don't want flow exports there, to give just one counterexample to 
> your earlier assertions.

On that particular category of OOB, of course not.

-----------------------------------
Roland Dobbins <rdobbins () arbor net>