Last winter we purchased a pair of 7606 routers to use out at the NYSE colo facility. We connect via a 1gb fiber to the SFTI LCN for market data and FIX traffic. We fully expected to be able to use hardware assisted NAT and NDE to monitor the traffic. The netflow output we get is random, sporadic and very incomplete. After dealing with our Sales team and TAC, we have finally got them to admit that it doesn't work when NAT and NDE are configured on the same interface.
Nowhere in the Cisco marketing literature, Cisco Documentation, or even Cisco bug lists does it mention this. There are some caveats listed regarding NDE and NAT (flow mask conflicts, and fragments), but even given that, the caveats imply that it will work if the caveats don't apply or the flowmask conflicts are resolved. Also, there are no warnings when configuring it. The feature manager shows no errors or conflicts, etc... At every step, in my opinion, cisco has been reluctant to admit that it doesn't work. Only when confronted with the evidence, they did finally admit it. Had we known of this limitation, we would have purchased different hardware including possibly another vendor's solution. I'm looking at using SPAN to replicate the data and send it to a linux box to then create netflow data exports, however, given the nature of the data (high bandwidth and microburst), I'm not sure that the Linux box will work accurately. I assumed the PFC would be doing the exports in hardware giving us the most accurate realtime look at the market data. Evidently I was wrong. I'm sending this so that no one else will make the same mistake we did as well as being in the nsp archives. ---- Matthew Huff | 1 Manhattanville Rd Director of Operations | Purchase, NY 10577 OTA Management LLC | Phone: 914-460-4039 aim: matthewbhuff | Fax: 914-460-4139 _______________________________________________ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
