R P Herrold wrote:
On Thu, 26 Jun 2008, Gus Wirth wrote:
I have a group of machines on a switch that are suffering from one or
more of them hogging the available bandwidth to the outside. I have
configured the switch to set up a monitoring port so I can grab all
the traffic going to/from the outside world. What I need now is some
way of analyzing the packet stream to figure out who is using the most
bandwidth and when. I know all the MAC addresses of the individual
machines so I can trace them that way.
I think you are thinking too hard, unless it is intra-network traffic
you are concerned about (unlikely as you mention 'outside').
I thought thinking was good? ;)
bandwidthd if you can hop up to the IP layer
http://bandwidthd.sourceforge.net/ has done a nice job here -- trivial
to build and configure
This looks like exactly what I need.
The reason I mention MAC addresses is because the machines on the
network use DHCP. I know that most of the time the DHCP lease mechanism
will reassign the same IP address to the requesting machine, but there
may be circumstances where it doesn't happen. There is also the (remote)
possibility that a particular machine may have more than one IP address.
The bandwidthd program has the option to log to a database. Maybe a
small tweak will allow recording the MAC address also for data analysis
at a later time.
Thanks,
Gus
--
[email protected]
http://www.kernel-panic.org/cgi-bin/mailman/listinfo/kplug-list
