NetFlow - path from Routers to Collector

Job Snijders job at instituut.net
Tue Sep 1 16:10:42 UTC 2015


On Tue, Sep 01, 2015 at 08:33:42AM -0700, Serge Vautour wrote:
> For those that run Internet connected routers, how do you get your
> NetFlow data from the routers to your collectors? Do you let the flow
> export traffic use the same links as your customer traffic to route
> back to central collectors? Or do you send this traffic over private
> network management type path? If you send this traffic over the
> "Internet" (within your AS), are you worried about security?

To answer your first question: I see no issue in transporting flow
export traffic over the same backbone used to serve customer traffic.

Not entirely security related, but a neat trick is to use a tool like
'samplicator' to distribute the UDP packets to all applications of
interest. You'll find that on many router platforms you can only
configure a limited amount of netflow/sflow collectors, often less than
the amount of applications that need the data for dissemination.

Especially if you have multiple independent instances of the application
for redundancy purposes!

And, keep in mind, you can anycast the instances of 'samplicator' in
your network :-)

https://github.com/sleinen/samplicator

Kind regards,

Job
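
The fan-out described in the message above, reduced to a minimal Python sketch. This is an added example, not part of the original message and not samplicator's code; the addresses, ports and the exporter allowlist are assumptions made for illustration.

```python
"""Minimal UDP fan-out for flow export datagrams (added illustration)."""
import socket

# Constructed sample values; replace with the real collector addresses.
RECEIVERS = [("127.0.0.1", 9996), ("127.0.0.1", 9997)]


def open_listener(host="127.0.0.1", port=2055):
    """Bind the UDP socket the routers export to (port 0 picks a free port)."""
    sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    sock.bind((host, port))
    return sock


def relay_once(listener, receivers, allowed_sources=None):
    """Receive one datagram and copy it unchanged to every receiver.

    Returns the number of copies sent, or 0 if the sender is not in
    allowed_sources (hypothetical allowlist of router export addresses).
    Copies leave with this host's address as source, not the router's,
    so collectors that key on the UDP source IP see the relay instead.
    """
    data, (src_ip, _src_port) = listener.recvfrom(65535)
    if allowed_sources is not None and src_ip not in allowed_sources:
        return 0  # drop datagrams from hosts that are not known exporters
    sent = 0
    for dest in receivers:
        try:
            listener.sendto(data, dest)
            sent += 1
        except OSError:
            continue  # one unreachable collector must not starve the others
    return sent


def serve(listener, receivers, allowed_sources=None):
    """Relay forever; each router then needs only one configured collector."""
    while True:
        relay_once(listener, receivers, allowed_sources)


if __name__ == "__main__":
    serve(open_listener(), RECEIVERS, allowed_sources={"127.0.0.1"})
```
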