Content deleted Content added
NapoliRoma (talk | contribs) -"NetFlow" from (most) section names (per WP:NOBACKREF); tag term "the key", which is used but not previously defined (do the seven values form the key?); other minor ce |
Jimmy Olano (talk | contribs) →History: simple reference |
||
Line 334:
The idea was that the first packet of a flow would create a NetFlow switching record. This record would then be used for all later packets of the same flow, until the expiration of the flow. Only the first packet of a flow would require an investigation of the route table to find the most specific matching route. This is an expensive operation in software implementations, especially the old ones without [[Forwarding information base]]. The NetFlow switching record was actually some kind of route cache record, and old versions of IOS still refer to the NetFlow cache as '''ip route-cache'''.
This technology was advantageous for local networks. This was especially true if some of the traffic had to be filtered by an [[Standard Access Control List|ACL]] as only the first packet of a flow had to be evaluated by the ACL.<ref name="kentik">[https://www.kentik.com/blog/netflow-sflow-and-flow-extensibility-part-1 NetFlow, sFlow, and Flow Extensibility, Part 1]</ref>
NetFlow switching soon turned out to be unsuitable for big routers, especially Internet backbone routers, where the number of simultaneous flows was much more important than those on local networks, and where some traffic causes lots of short-lived flows, like [[Domain Name System]] requests (whose source port is random for security reasons).
| |||