At 03:55 PM 1/19/2001, you wrote:
> My idea is to build a dual nic'd linux box and connect it between
>our top level switch and our wan router. With this setup I should be
>able to see all of the network traffic that is traveling across the wan
>link, right?
You can place the Linux box anywhere on the network. To see traffic
on a particular segment, just plug a nic into the segment's hub. Typically,
a linux installation doesn't need multiple nic's unless it's a firewall, router
or secure server. Any nic, on a Linux box or not, can view traffic on it's
segment.
> Now for my questions. Will this setup work? What will I have to
>setup to forward the traffic from one nic to the other, and still have
>ethereal see the traffic.
You'll want to enable ipforwarding or make modules for ip_forward and
ip_port_fw
only if you are sending data outbound. Tools like ethereal and ksnuffle allow
you to specify the network device to monitor. So there's no need to forward
nic-to-nic unless you are routing with the Linux box.
>Also how much of a machine will I need for
>this? Currently I am looking at using a Pentium Pro 200 with 128 MB of
>ram.
That's more than enough for this application and more. I have a Linux
ISDN router installed in 1997, still plugging away on a 486SX with 16MB
RAM and a 800MB disk.
>Does anybody know of a package that would generate a html page of
>the T1 usage? Has anybody done this before?
Check javascript.com or links found there for network resource doo-dah's.
Does your switch or router allow usage logging? If not, it may make sense
to let the Linux box route for you. Then you can watch traffic, ports, users,
bandwidth and much, much more. A typical Linux installation will run circles
around *most* router and some switch hardware.
-----------------------------
James S. Kaplan KG7FU
Eugene Oregon USA
[EMAIL PROTECTED]
http://www.rio.com/~kg7fu
ICQ # 1227639
Have YOU tried Linux today?
-----------------------------
