NetFlow can be employed for accounting, anomaly detection and network monitoring. IPv4 core routers provide generally IPFIX or NetFlow functionality, and IPFIX or NetFlow can bring new data source for network management; however most IPv6 routers in CERNET2 backbone network don't provide IPFIX or NetFlow flow record. This paper designs and develops a NetFlow v9 measurement system (N9MS) which converts IPv6 packet traffic into the NetFlow v9 flow records. N9MS has two improvements to the traditional Cisco's sampled NetFlow feature. Firstly, the sampling strategy in Cisco's is packet sampling, while that in the N9MS is flow sampling. Flow sampling can keep all packets in the sampled flows, so N9MS can infers network performance information with the sampled packets. Secondly, N9MS directly uses these packets of sampled flow to calculate the network performance both round trip time (RTT) and packet loss ratio, and then we define and record both RTT and packet loss ratio field in the scalability NetFlow v9 template format. Now N9MS is running to detect a 10Gbps backbone link between Nanjing site and the CNGI-CERNET2 backbone.

• 出版日期2014-3
• 单位东南大学