nanog mailing list archives

Re: Real world sflow vs netflow?

From: "Dobbins, Roland" <rdobbins () arbor net>
Date: Sat, 22 Sep 2012 05:02:39 +0000


On Sep 22, 2012, at 12:40 AM, Peter Phaal wrote:

 However, moving the flow generation out of the router gives a lot of flexibility.


Actually, moving it out of the router creates huge problems and destroys a lot of the value of the flow telemetry - it 
nullifies your ability to traceback where traffic is ingressing your network, which is key for both security as well as 
traffic engineering, peering analysis, etc.

It is far, far better to get your flow telemetry from your various edge routers, if at all possible, rather that 
probes.  Scales better, too - and is less expensive in terms of both capex and opex.

-----------------------------------------------------------------------
Roland Dobbins <rdobbins () arbor net> // <http://www.arbornetworks.com>

          Luck is the residue of opportunity and design.

                       -- John Milton

Current thread:

Re: Real world sflow vs netflow? Peter Phaal (Sep 20)
- Re: Real world sflow vs netflow? Nick Hilliard (Sep 20)
- Re: Real world sflow vs netflow? Mikael Abrahamsson (Sep 20)
  - Re: Real world sflow vs netflow? Peter Phaal (Sep 21)
    - Re: Real world sflow vs netflow? Dobbins, Roland (Sep 21)
    - Re: Real world sflow vs netflow? Peter Phaal (Sep 22)
    - Re: Real world sflow vs netflow? Dobbins, Roland (Sep 22)
    - Re: Real world sflow vs netflow? Peter Phaal (Sep 22)
    - Re: Real world sflow vs netflow? Danny McPherson (Sep 23)
    - Re: Real world sflow vs netflow? Dobbins, Roland (Sep 23)
    - Re: Real world sflow vs netflow? Peter Phaal (Sep 23)
    - Re: Real world sflow vs netflow? Dobbins, Roland (Sep 23)
    - Re: Real world sflow vs netflow? Joe Loiacono (Sep 24)
    - Re: Real world sflow vs netflow? Jeroen Massar (Sep 24)
    - Re: Real world sflow vs netflow? Peter Phaal (Sep 24)

(Thread continues...)