nanog mailing list archives

Re: sFlow vs netFlow/IPFIX

From: freedman () freedman net (Avi Freedman)
Date: Mon, 29 Feb 2016 02:27:24 -0500 (EST)


Re: limits -

For Cisco/Juniper it's in the low hundreds of thousands of flows/sec
per chipset/linecard for 1:1 NetFlow/IPFIX, I think.

Then of course, as has been mentioned, you'll need to be able to send
it and receive it to something - and store+query.

Avi Freedman
CEO, Kentik

On 28 February 2016 at 23:40, Nick Hilliard <nick () foobar org> wrote:


<snip>

Around here they are currently voting on a law that will require unsampled
1:1 netflow on all data in an ISP network with more than 100 users. Then
store that data for 1 year, so the police and other parties can request a
copy (with a warrant but you are never allowed to tell anyone that they
came for the data and the judges will never say no).

My routers can apparently actually do 1:1 netflow and the documentation
does not state any limits on that. So maybe I am lucky?

To the original question: in this country sFlow only is apparently about to
become illegal.

Regards,

Baldur

Current thread:

Re: sFlow vs netFlow/IPFIX, (continued)
- - - Re: sFlow vs netFlow/IPFIX Nick Hilliard (Feb 29)
    - Re: sFlow vs netFlow/IPFIX Nikolay Shopik (Feb 29)
    - Re: sFlow vs netFlow/IPFIX Pavel Odintsov (Feb 29)
    - Re: sFlow vs netFlow/IPFIX Saku Ytti (Feb 29)
    - Re: sFlow vs netFlow/IPFIX sthaug (Feb 29)
    - Re: sFlow vs netFlow/IPFIX Saku Ytti (Feb 29)
    - Re: sFlow vs netFlow/IPFIX Nick Hilliard (Feb 29)
    - Re: sFlow vs netFlow/IPFIX Saku Ytti (Feb 29)
    - Re: sFlow vs netFlow/IPFIX Phil Bedard (Feb 29)
    - Re: sFlow vs netFlow/IPFIX Saku Ytti (Feb 29)
    - Re: sFlow vs netFlow/IPFIX Avi Freedman (Feb 28)
- RE: sFlow vs netFlow/IPFIX Phil Bedard (Feb 28)
- Re: sFlow vs netFlow/IPFIX Avi Freedman (Feb 28)
- Re: sFlow vs netFlow/IPFIX Saku Ytti (Feb 29)