[154839] in North American Network Operators' Group


Re: Real world sflow vs netflow?

daemon@ATHENA.MIT.EDU (Joe Loiacono)
Fri Jul 13 21:31:39 2012

In-Reply-To: <CAB8g2zzmCH8MMAMVum6i5WZFRxmXXApUvd5KD0-WZH1fXfdKbA@mail.gmail.com>
To: Peter Phaal <peter.phaal@gmail.com>
From: Joe Loiacono <jloiacon@csc.com>
Date: Fri, 13 Jul 2012 21:30:37 -0400
Cc: nanog@nanog.org
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org

Peter Phaal <peter.phaal@gmail.com> wrote on 07/13/2012 04:20:45 PM:

> 2. sFlow: Packets are randomly sampled in hardware and the packet
> headers are immediately exported as sFlow datagrams - there is no flow
> cache on the switch/router. In addition to exporting the packet
> header, the sFlow agent captures the FIB state associated with
> forwarding the sampled packet, exporting information such as next hop
> router, AS-path, communities etc.

What about byte counts? Just those in the sampled packet (i.e., no running
totals per flow)?

> In contrast, the sFlow standard specifies how sampling must be performed
> and ensures that information is included that allows the sampled data
> to be correctly scaled and produce unbiased measurements.

Does sflow software typically recreate the total byte count per flow (e.g.,
TCP session) by scaling?

Thanks,

Joe


