Flow export first appeared on routers with very limited hardware resources. On many of these devices, as interface bandwidths increased, tracking every packet required more horsepower than the router or tap could supply. Instead, the hardware sampled packets to create flow data, recording and exporting only a specified fraction of the traffic passing through the device. This flow data was necessarily incomplete.

Today, most hardware can track most or all flows going through a machine in most small and medium-sized environments.^[2] Once you start to get into 10 gigabit networks, sampling 1 in 100 or 1 in 1,000 packets is the norm. As hardware capacity increases, we'll sample more fully, but bandwidth will increase similarly. ...