We're testing out the new NetFlow feature of the vDS and not being the most experienced with networking, I had a couple of questions.
The NetFlow tool allows you to set an IP address for the vDS and from several blog posts I finally found out that this is nothing more than an identifier to funnel all your traffic through. Now, this could be helpful because you wouldn't need to spend a whole lot of money to license a product like Scrutinizer since you'd only be configuring it for essentially one device. However, the information you get from the analyzer shows the traffic on interfaces, which display as vSphere port numbers, e.g. Instance 1002, Instance 1004, etc.
I attempted to add some information to our ports, giving them a name and description, which I didn't really think would change anything (and it didn't), but it was worth a try. If you could name these such that you could see what they were in the analysis tool, that would probably be a lot more helpful.
I guess my main question is how useful is it to set this vDS "IP address", or whether to just leave it blank so you can see all your individual ESXi servers by name.
Secondly, if you only want to view internal, vmware traffic, my guess is that you'd leave the netflow monitoring disabled on your uplinks. I found that enabling that caused Scrutinizer to start throwing a lot of alarms that were happening on external IPs, tracing back through showed that the data was originating from the uplink ports.
Finally, I wonder if VMWare would consider renaming their console protocol so that it isn't using "ideafarm-chat" as it's protocol name. Maybe use something more identifiable as vmware traffic.