ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.

Comparing NetFlow and SNMP data


Article ID: 20612


Updated On:


CA Infrastructure Performance CA Network Flow Analysis (NetQos / NFA)


There is a difference between reports which use SNMP and CA Network Flow Analysis (ReportAnalyzer) data. Why is there such a difference?



Difference between SNMP data and Netflow 


All NFA and RA Versions


First of all, make sure that the NetFlow configuration is done properly on the router.

=> If NetFlow version 9 is used, then egress and ingress should be enabled on required interfaces

=> If NetFlow version 5 is used, then either ingress should be enabled on all the active interfaces.

Though the NetFlow configuration is correct, NetFlow and SNMP are fundamentally distinct technologies and therefore both may not report the exact same traffic out of a given interface.

When comparing NetFlow and SNMP-based data, the following should be considered:

  • NetFlow will not report non-IP traffic;
  • NetFlow will not report multicast IP traffic;
  • A busy router sometimes can't keep up with flow exports, look out for dropped flow packets in the router;
  • What do the NetFlow Missed Flow Sequence Numbers look like?
  • If looking at outbound utilization, please ensure that NetFlow is enabled on ALL interfaces as in NetFlow 5, Outbound is determined using inbound flows.