• State Verified Answer
  • Locked Locked
  • Replies 4 replies
  • Subscribers 24 subscribers
  • Views 501 views
  • Users 0 members are here
Options
Related
This discussion has been locked. The information referenced herein may be inaccurate due to age, software updates, or external references.
You can no longer post new replies to this discussion. If you have a similar question you can start a new discussion in this forum.

Riverbed Interfaces

mdriscoll

I'm trying to figure out which interfaces I should configure on my Riverbed devices in order to properly export NetFlow information. Each device has 5 ports: primary, lan0_0, lan0_1, wan0_0, and wan0_1. lan0_1 and wan0_1 aren't connected so I can disregard those. The primary interface is the management interface (IIRC) so I can disregard that one. That just leaves lan0_0 and wan0_0. Should I capture data from both or just one of them?

  • 0

    Hi Mdriscoll,

    One of the primary use cases of NetFlow is to disclose what is taking up WAN bandwidth as it is a recuring cost and as such requires management.  It sounds like this device only passes data from the LAN to the WAN so you would be covered by using the WAN IF as your exporter.

    Andy

  • 0 in reply to mcbridea

    I am in the middle of a Riverbed implementation as well.  I think this thread answered my question of whether I need to monitor both LAN and WAN interfaces.  However, I just wanted to know what would happen if you monitored both interfaces?  Will Orion be able to tell that comes from the same device and give me correct numbers or would it double my numbers since it is seeing that some of the same data is on both the LAN and the WAN?  I know in the NetFlow setup on the Riverbed it has a field to enter the LAN subnets.  It says: "Specify which subnets are on the LAN side of the appliance, which allows the netflow collectors, including top talkers, to properly classify traffic as LAN or WAN. "  I didn't know if Orion gets that subnet info and uses it somehow to sort out the data it would receive if both LAN and WAN were being monitored.

    This is my first time working with NetFlow, so I'm just trying to get a good handle on what to expect.

    Also, does anyone have a general idea of what the bandwidth hit is for the NetFlow data going across the pipe to the collector?  My other fear would be that I end up clogging my pipe with the extra data I'm collecting.

    Thanks,
    Bill

  • 0

    On the WAN interface, I believe it is all port 7800 traffic, probably want to see the lan0_0 traffic.

    You may be able to config it on the InPath IP?

  • 0 in reply to MatthewUHS

    We use Cisco's WAAS; but it's a similar concept to the Riverbed product. If you're using the Steelheads inline, then you pretty much have to monitor the lan side because Riverbed translates all traffic into a single port on the WAN side, even if you use their "transparency" stuff.

    What I tend to do is monitor the flow export on the head-end router, but if I have to do flow on the remote end I use the LAN side.

SolarWinds solutions are rooted in our deep connection to our user base in the THWACK® online community. More than 195,000 members are here to solve problems, share technology and best practices, and directly contribute to our product development process.

SolarWinds Customer Success Center Certification Media Vault Link Accounts
About THWACK Blogs For Government Edit Settings Free Tools & Trials
Legal Documents Terms of Use Privacy California Privacy Rights Security Information
©2024 SolarWinds Worldwide, LLC. All Rights Reserved.