Netflow improves much regarding performance when comparing to past implementation. Lets compare some:
- you dont have to examine now each packet, you can use packet sampling. Packet sampling allows you to examine random or deterministic packets but not all packets.
- metering process is now in hardware and not in software
Collisions in the cache
- size of the cache is increased
- hash function is improved so very few collisions exist nowadays (like in N7K that mac address full from the hash)
- you have now flexible netflow and netflow v9. You dont need to export everything just the fields you need.
Big progress as you can see from the performance point of view. Basically general approach when you buy new equipment you should know what you will run on it. Encryption, netflow, pfr, nbar, etc… these all features will decrease the packets per second or throughput of the device itself.