This is interesting - I understand (And this is what we currently do), enabling ingress netflow on all "relevant" interfaces provides you with ingress+egress traffic data.....but if you only enable ingress+egress netflow on your Transit Interfaces(And not on customer subinterfacea), it does not provide this? Can anyone please explain why?
Cheers. > From: rdobb...@arbor.net > Date: Thu, 22 May 2014 08:31:38 +0700 > To: cisco-nsp@puck.nether.net > Subject: Re: [c-nsp] more net flow, which interfaces to monitor and in > which direction? > > > On May 22, 2014, at 8:11 AM, Charles Sprickman <sp...@bway.net> wrote: > > > It seems unwise (and complicated) to add an ingress flow statement on every > > subinterface. > > How is it unwise and complicated? > > Enable it, it's done. Simple. > > > If I could just add an “ingress” and “egress” statement to each of my two > > transit connections, that seems more ideal. Is this something I should > > *not* do on modern hardware? > > Check with Cisco - it's caused issues on other platforms in the past. > > But I don't understand your rationale for not wanting visibility into all > your traffic passing through the routers in question. You don't want > traceback for outbound/crossbound traffic emanating from your subscribers? > > ---------------------------------------------------------------------- > Roland Dobbins <rdobb...@arbor.net> // <http://www.arbornetworks.com> > > Equo ne credite, Teucri. > > -- Laocoön > > > _______________________________________________ > cisco-nsp mailing list cisco-nsp@puck.nether.net > https://puck.nether.net/mailman/listinfo/cisco-nsp > archive at http://puck.nether.net/pipermail/cisco-nsp/ _______________________________________________ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/