Comparing Netflow data to SNMP Interface data

Modified on 2025-06-10 13:11:26 +0200

I have Netflow enabled on an interface like so:

Interface f0/0/1 ip flow ingress ip flow egress

Then I have two separate sensors on PRTG filtering Netflow data going in and out of the interface using this filter for the inbound traffic: InboundInterface[1]

And for the outbound traffic: OutboundInterface[1]

I'm also monitoring the same interface using SNMP, which gives me the standard three channels: Traffic Total, Traffic IN, Traffic OUT.

The problem is, when I compare my SNMP data to my netflow data for the outbound or inbound traffic, they don't match up!

Netflow shows more total traffic than SNMP.

Why could this be?

Article Comments

Dear JP Escobari

In which magnitude are you seeing more Netflow traffic than SNMP traffic? For example, some percent more? Twice or ten time as much?

Apr, 2015 - Permalink

False alarm Dear Arne!

I was getting duplicate Netflow data probably because that device is a branch router and I had both IP Egress and IP Ingress configured on the interface.

Now I'm only using IP Ingress on the interface and still getting the OUT data that I needed to monitor.

I can verify the problem is solved because my Netflow OUT data graph resembles the SNMP Traffic OUT graph.

Thanks for your kind support! You guys are the best.

Regards,

Juan Pablo Escobari

Apr, 2015 - Permalink

Disclaimer:
The information in the Paessler Knowledge Base comes without warranty of any kind. Use at your own risk. Before applying any instructions please exercise proper system administrator housekeeping. You must make sure that a proper backup of all your data is available.

Comparing Netflow data to SNMP Interface data

Article Comments

Search

Attention

Related Articles