nanog mailing list archives

Re: sFlow vs netFlow/IPFIX

From: Baldur Norddahl <baldur.norddahl () gmail com>
Date: Mon, 29 Feb 2016 00:26:53 +0100

On 28 February 2016 at 23:40, Nick Hilliard <nick () foobar org> wrote:

Netflow was designed to measure flows, and it turned out that the design
was robust enough for it to be more-or-less good enough for billing
purposes. It's "more or less" because on larger routers, you can't do
1:1 data export and you end up needing to do traffic sampling, at which
point you're billing based on realistic estimates rather than exact
data.  That's fine if your contract with your customer says it's ok.



Around here they are currently voting on a law that will require unsampled
1:1 netflow on all data in an ISP network with more than 100 users. Then
store that data for 1 year, so the police and other parties can request a
copy (with a warrant but you are never allowed to tell anyone that they
came for the data and the judges will never say no).

My routers can apparently actually do 1:1 netflow and the documentation
does not state any limits on that. So maybe I am lucky?

To the original question: in this country sFlow only is apparently about to
become illegal.

Regards,

Baldur

Current thread:

sFlow vs netFlow/IPFIX Todd Crane (Feb 28)
- Re: sFlow vs netFlow/IPFIX Nick Hilliard (Feb 28)
  - Re: sFlow vs netFlow/IPFIX Baldur Norddahl (Feb 28)
    - Re: sFlow vs netFlow/IPFIX Roland Dobbins (Feb 28)
    - Re: sFlow vs netFlow/IPFIX Valdis . Kletnieks (Feb 28)
    - Re: sFlow vs netFlow/IPFIX Pavel Odintsov (Feb 28)
    - Re: sFlow vs netFlow/IPFIX Roland Dobbins (Feb 28)
    - Re: sFlow vs netFlow/IPFIX Pavel Odintsov (Feb 28)
    - Re: sFlow vs netFlow/IPFIX Roland Dobbins (Feb 28)
    - Re: sFlow vs netFlow/IPFIX Pavel Odintsov (Feb 29)
    - Re: sFlow vs netFlow/IPFIX Roland Dobbins (Feb 29)
    - Re: sFlow vs netFlow/IPFIX Pavel Odintsov (Feb 29)
    - Re: sFlow vs netFlow/IPFIX Roland Dobbins (Feb 29)

(Thread continues...)