[183387] in North American Network Operators' Group
Re: NetFlow - path from Routers to Collector
daemon@ATHENA.MIT.EDU (Roland Dobbins)
Tue Sep 1 13:12:36 2015
X-Original-To: nanog@nanog.org
From: "Roland Dobbins" <rdobbins@arbor.net>
To: nanog@nanog.org
Date: Wed, 02 Sep 2015 00:12:27 +0700
In-Reply-To: <CA+3sbiPOnniOn=+sCcn6t9kQMDvW0C_s1AgxA4jjvkCgtE1gXw@mail.gmail.com>
Errors-To: nanog-bounces@nanog.org
On 2 Sep 2015, at 0:08, Steve Meuse wrote:
> Your advice is not "one size fits all".
Actually, it is.
Large backbone networks have DCNs/OOBs, and that's where they export
their NDE.
> I've done netflow over production links for two very large backbone
> networks.
Did you manage your routers and switches and hosts and so forth in-band,
too?
> Over the combined 17(?) years, never saw a problem.
Until you do.
Running flow telemetry in-band is penny-wise and pound-foolish, for
networks of any size, in any circumstances. All management-plane
traffic (and that's what flow telemetry is) should be segregated from
the production network data plane.
-----------------------------------
Roland Dobbins <rdobbins@arbor.net>
