1 Reply Latest reply on Nov 24, 2009 1:57 PM by clmb511

    NetFlow in service provider/ overlapping IP addresses

      We are looking at deploying NetFlow in a service provider environment to our MPLS (IP VPN & VPLS) customers. However since all of our customers use RFC 1918 private address space there is almost certain to be IP address overlap. In the IP-VPN world we can force the customers to use unique IP addresses but in the VPLS world it is a layer 2 service and we cannot really force them to change their IP addressing scheme to accomodate us.

      But I'm not sure what type of overlap matters - you can set the source interface for NetFlow, which effectively sets the NetFlow record source IP to any address you like (regardless of the actual WAN interface IP or management IP) as long as you have an extra interface available, right?

      Also, does anyone know how the router actually routes outbound NetFlow packets? Do they have to go out over the source interface or is it possible to assign them to that interface (to get that IP) but force them to go out a different port?

       

      Thanks!

        • Re: NetFlow in service provider/ overlapping IP addresses

          To clarify here are the scenarios I'm trying to understand:

           

          1) 2 different routers with the same /30 WAN interface IPs -

           

          2) 2 different routers with the same management IP address but different /30 WAN interface IPs

           

          From what I can understand #1 is not an issue because you can set the netflow source to be an interface other than the WAN interface, avoiding having duplicate NetFlow sources in the collector. 

          #2 seems like it will clearly be an issue.


          Anyone have any experience or theories to share?