Re: Open source Netflow analysis for monitoring AS-to-AS traffic

[Peter Phaal <peter.phaal () gmail com>]

The documentation for IOS-XR suggests that enabling extended-router in the
sFlow configuration should export "Autonomous system path to the
destination", at least on the 8000 series routers:

https://www.cisco.com/c/en/us/td/docs/iosxr/cisco8000/netflow/command/reference/b-netflow-cr-cisco8k/m-sflow-commands.html

I couldn't find a similar option in the NetFlow/IPFIX configuration guide,
but I might have missed it.


On Thu, Mar 28, 2024 at 10:48 AM Saku Ytti <saku () ytti fi> wrote:

> Hey,
>
> On Thu, 28 Mar 2024 at 17:49, Peter Phaal <peter.phaal () gmail com> wrote:
>
> > sFlow was mentioned because I believe Brian's routers support the
> feature and may well export the as-path data directly via sFlow (I am not
> aware that it is a feature widely supported in vendor NetFlow/IPFIX
> implementations?).
>
> Exporting AS information is wire-format agnostic feature, if it's
> supported or not, it can equally be injected into sFlow, NetflowV5
> (src and dst only), NetflowV9 and IPFIX. The cost is that you need to
> program in FIB entries the information, so that the information
> becomes available at look-up time for record creation.
>
> In OP's case (IOS-XR) this means enabling 'attribute-download' for
> BGP, and I believe IOS-XR will never download any other asn but src
> and dst, therefore full information cannot be injected into any
> emitted wire-format.
> --
>   ++ytti