NetFlow questions

Unanswered Question
Jan 28th, 2008

1. Given an L3 GEC comprised of four GigE ports that interconnects a distribution-layer router and an access-layer router, if I have netflow enabled on the distribution end of the GEC, is there any reason/benefit that I should enable netflow on the four underlying GigE ports (on the distribution side) as well?

2. I thought since netflow cache is only being enabled on the distribution side, the only traffic my netflow tool could report on would be conversations between hosts in that specific access-layer area and hosts outside the area. The reality appears to be the opposite: The conversations reported by the netflow tool all seem to be host-to-host within that specific access-layer. I tried to search for known traffic between my PC to a server there, but came up empty. Could anyone explain this phenomenon?

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Edison Ortiz Sat, 02/02/2008 - 14:28

1. It's best practice to have the same configuration on the physical ports and the logical port representing the physical ports.

2. If you enable NetFlow on the physical ports, are you able to see the expected traffic?




This Discussion