Enabling RITE on the 7206VXR-NPE-G2 router

Unanswered Question
Jul 10th, 2009
User Badges:

I need to enable RITE (Router IP Traffic Export) on a 7206VXR router running 12.4(15)T5 on an OC3 interface. How much should I be concerned about CPU utilization? Any other concerns? This is not for IDS. Where else can I have the capture besides ISR routers? Can a regular netflow collector capture traffic in this scenario? How is RITE different from NetFlow?


Thanks,

Nadeem

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Giuseppe Larosa Fri, 07/10/2009 - 21:37
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    Founding Member

Hello Nadeem,


>> How is RITE different from NetFlow?


Netflow classifies flows and exports information on observed flows, RITE attempts to export captured data (packets)


Depending on your needs netflow can be enough.

Also if you look at


http://www.cisco.com/en/US/partner/docs/ios/12_4t/12_4t11/ht_rawip.html


or


http://www.cisco.com/en/US/docs/ios/12_4t/12_4t11/ht_rawip.html


you can see the following limitations:

RITE export is done at L2 level the destination is actually a MAC address of a device in the same IP subnet of the exporting interface.


the document says RITE is supported only on ISR routers, C7200 is not mentioned


So RITE can be useful as an OSI L2 converter:

to capture data on a serial interface for example and to send them to a laptop with a protocol analyzer running on it.


Netflow export is IP based and can be sent to a collector server that is several hops away.


Even if C7200 supports it the cpu load for capturing traffic on an Oc-3 link can be high, there is an option to use ACLs to make a selective capture.


Hope to help

Giuseppe


Actions

This Discussion