Cflowd configuration overview, Traffic sampling – Alcatel-Lucent 7750 SR OS User Manual

Page 440

7750 SR OS Router Configuration Guide

Cflowd Configuration Overview

The 7750 SR OS implementation of cflowd supports the option to analyze traffic flow. The imple-
mentation also supports the use of traffic/access list (ACL) filters to limit the type of traffic that is
analyzed. Traffic blocked (dropped) by ACL filters is not sent to cflowd for analysis.

Traffic Sampling

Traffic sampling does not examine all packets received by a router. Command parameters allow
the rate at which traffic is sampled and sent for flow analysis to be modified. The default sampling
rate is every 1000th packet. Excessive sampling over an extended period of time, for example,
more than every 1000th packet, can burden router processing resources.

The following data is maintained for each individual flow in the active flow cache:

•

Source IP address

•

Destinations IP address

•

Source port

•

Destination port

•

Input interface

•

Output interface

•

IP protocol

•

TCP flags

•

First timestamp (of the first packet in the flow)

•

Last timestamp

•

Source AS number (taken from BGP)

•

Destination AS number (taken from BGP)