nanog mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Netflow Type 7 (was RE: bw usage?)

From: "Dana Hudes" <dhudes () hudes org>
Date: Wed, 26 Jul 2000 12:26:52 -0400

Usually you don't want type 7, you want type 5. Let cflowd et al have the full data. Type 7 the router has done 
aggregation for you. Good for reducing
overall data rate to the flow capture system but bad for seeing what's going on in your network.

----- Original Message ----- 
From: <rdobbins () netmore net>
To: <nanog () merit edu>
Sent: Wednesday, July 26, 2000 12:11 PM
Subject: Netflow Type 7 (was RE: bw usage?)





Does anyone know of a tool like Cflowd which will capture Netflow Type 7
stats?  The only one I know of is the commercial product from Cisco; any
advice would be greatly appreciated.

-----------------------------------------------------------
Roland Dobbins <rdobbins () netmore net> // 818.535.5024 voice
 

-----Original Message-----
From: Alex [mailto:alex () nac net]
Sent: Wednesday, July 26, 2000 8:23 AM
To: David M. Ramsey
Cc: nanog () merit edu
Subject: Re: bw usage?






On Wed, 26 Jul 2000, David M. Ramsey wrote:


For now I've cobbled together some crude software to regularly 
read SNMP port byte in/out counters from our switches, stashing 
the deltas in a DB for later reporting/analysis.


We do about the same thing, but we store absolute byte counts, relative
byte counts from the last measurement, and figure the kb/s; we also store
AdminStatus and OperStatus for SLA purposes. 



I'm concerned that the data is misleading, though, in that it will
include LAN broadcast traffic.  Also, customers end up paying 
for other bandwidth that they did not want or induce, like network 
scans, etc. (tough luck?).


Exactly, tough. If they use the bandwidth, then they should pay for the
bandwidth.



We've considered implementing unique customer VLANS to separate
customer broadcast domains, but it seems like that'd be a pain,
would eat up IP addresses, and possibly tax our routers with all of
the ISL/VLAN stuff?


We do that; it's unwise to have everyone on the same VLAN, as some others
have demonstrated.
Previous By Date Next
Previous By Thread Next

Current thread: