02-09-2020 07:31 AM - edited 02-09-2020 09:15 AM
Would there be any considerations in regards to negative impacts by implementing Netflow on production network devices/infrastructure such as memory, CPU, etc? I know only cached data is sent to a collector so I would not think so but seeking some guidance.
02-09-2020 12:11 PM
Hi, On modern hardware you would only expect to see a couple of additional % utilisation once netflow is enabled.
HTH
02-10-2020 09:37 AM
02-10-2020 10:14 AM
A long time ago (15 years ago) netflow hogging resources used to be considered an issue, nowadays newer hardware shouldn't be a problem, even if hardware is 5 years old. You can define a CPU utilisation threshold, example here.
HTH
02-10-2020 02:06 PM - edited 02-10-2020 07:33 PM
Awesome!
What do you think is a good limit to set for the CPU?
Is it best to set cache limits as well?
Basically, if there is a ton of traffic on the network, I would want to reduce any potential for issue as much as possible by configuring certain parameters other than perhaps random sampling or something.
Also, if you have IPSEC VPNs that use the interface NetFlow in configured on, it should collect that tunnel data as well correct? What if there are multiple tunnels on that interface?
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide