I am working to do the impact assessment of netflow on the existing devices. I want to know the number of flows passing through the boxes. Could anyone please give me an idea of how I could find out the number of flows in the network without configuring netflow?
Any help in this would be much appreciated.
There would be no flows as you don't have netflow enabled; until you enable netflow, nothing is being pushed in terms of flows to measure or calculate.
Netflow needs to be first applied to a layer 3 or layer 2 interface to collect stats from, and then flows are generated / stored or exported to a server to view.
So the answer would be no, not until it's enabled.
I understand it would not be possible to check with netflow until we enable netflow. What I mean to ask is whether there is any other way to figure out the number of flows in the network, maybe some approximate value.
For example, we take 64 bytes for a voice call, look at the number of users for the voice application, and conclude the bandwidth required for voice. Similarly, I was thinking of any method to figure out the number of flows in the network.
Not sure if you can do that beforehand, maybe you can, I don't know. We just test ours as it's in place, ensuring we're not causing issues to our switches/routers. You could turn it on bit by bit, as it's flexible netflow, and see what you're collecting to give you an idea, as you can only collect certain parameters if you need to, or do 1 interface at a time.
Netflow in general won't harm your device; it usually just jumps the CPU by 2 - 5%, if even, and on bigger switches you shouldn't even notice it.
We have 2 netflow systems on our LAN. We export all flows to each one, we have over 1000 devices sending them, and we don't see any issues on the router/switch side, although some collectors are limited by license in what you can send to them in terms of flows.
Do see this online if it's any use.
Thanks Mark for helping me out on this. Do you have any document from Cisco or any other source which explains the impact of netflow on Cisco devices?
How does it impact the CPE, memory, TCAM, etc.? How does it impact different hardware platforms? How does the number of flows impact the overall router performance?
So that's a huge question, as different platforms process netflow differently, like 65s can be in hardware, others in software. I don't have links to each platform; you would have to look into that, and it probably won't be that easy to find as it's not even mentioned on the public data sheets Cisco provides per platform.
I have been running netflow on everything for the last 8 years in different companies, on all different types of hardware from 800 series up to ASRs, and never had an issue with it in terms of causing impact to local kit or production traffic.
There are a couple of generic links online
A few white papers on it
As an example, one of my 4331s, a mid-range router, has sent over 7 million flows; its CPU is 2% :)
#sh flow exporter statistics
Flow Exporter LIVEACTION-FLOWEXPORTER-IPFIX:
Packet send statistics (last cleared 32w6d ago):
Successfully sent: 74360841
#sh proc cpu sorted
CPU utilization for five seconds: 1%/0%; one minute: 2%; five minutes: 2%
It seems to me that the impact of NetFlow (which in my experience is not large) is in preparing data for export and in exporting the NetFlow data. I would think that you could enable NetFlow on the devices you want to measure without configuring any export. The device would process flows and should allow you to obtain counts of flows with minimal impact on the device.
I agree with Mark that without enabling NetFlow I do not know of a way that you could estimate the number of flows.
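
The approach suggested in the last reply (let the device build the flow cache but configure no export), as an added Flexible NetFlow sketch that is not from any poster in the thread. The record and monitor names and the interface are assumptions; adapt them to the device being assessed.

```cisco
! Added example: count flows locally with Flexible NetFlow, no exporter.
! FLOW-COUNT-RECORD, FLOW-COUNT-MONITOR and GigabitEthernet0/0/0 are
! hypothetical names chosen for this sketch.
!
! 1. Define what makes a flow unique (classic 5-tuple) and count traffic.
flow record FLOW-COUNT-RECORD
 match ipv4 source address
 match ipv4 destination address
 match ipv4 protocol
 match transport source-port
 match transport destination-port
 collect counter bytes
 collect counter packets
!
! 2. Monitor with a record but NO "exporter" line: flows are cached and
!    aged on the box, nothing is sent to a collector.
flow monitor FLOW-COUNT-MONITOR
 record FLOW-COUNT-RECORD
 cache timeout active 60
 cache timeout inactive 15
!
! 3. Start with a single interface and one direction, then widen.
interface GigabitEthernet0/0/0
 ip flow monitor FLOW-COUNT-MONITOR input
!
end
!
! 4. Read the counts from exec mode:
!
!    show flow monitor FLOW-COUNT-MONITOR statistics
!      "Current entries" = flows in the cache right now
!      "High Watermark"  = peak concurrent flows since the cache was cleared
!      "Flows added"     = total flows created; take two readings a known
!                          interval apart and divide the difference by the
!                          interval to get new flows per second
!
!    show flow monitor FLOW-COUNT-MONITOR cache
!      lists the individual cached flows
!
!    show processes cpu sorted
!      compare before and after applying the monitor
!
! 5. Remove the monitor when the measurement is done:
!    interface GigabitEthernet0/0/0
!     no ip flow monitor FLOW-COUNT-MONITOR input
```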