On Thursday, November 20, 2014 08:53:56 AM Roland Dobbins wrote: > NetFlow is primarily of use at edges - peering edge, > transit edge, customer aggregation edge, etc. Why would > you want to collect it from the core? I can see (and > advocate) having NetFlow enabled on core routers for > interactive troubleshooting via the CLI, but why export > it, when there's more value in exporting it from the > edges?
A lot of people "consider" this option as a way to keep costs down so as not to have to deploy too many licenses or resources to support too many edge routers. For me, this doesn't work for various reasons, not least of which is despite decent commercial Netflow collectors claim to have MPLS DPI support, your experience in a field deployment actually varies or does not trend the data sheets. But even more importantly, in a large scale network, it is naive to think all traffic crosses the core, as there can be quite a significant amount of edge-to-edge traffic within a PoP that will never cross the core. On the otherhand, many small-to-medium sized networks are built to sell access to the Internet. So it is possible that traffic will cross the core toward a border or peering router. Mark.
signature.asc
Description: This is a digitally signed message part.
_______________________________________________ cisco-nsp mailing list [email protected] https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
