Hello everyone I'm looking for advice on how to best optimize ntop under the following hardware/software contraints:
Sun Netra T1 single UltraSPARC-IIi 440MHz processor 512MB RAM 1536MB swap 2 SUNW,hme network interfaces Solaris 8 (Generic_108528-14) This machine's primary purpose is to analyze network activity. One interface is connected to a hub along with a Cisco PIX, which all traffic is routed through. The other interface is connected to a hub on the internal network. We are serviced by a 3-node OC-3 Sonet Ring (~36Mbps). I successfully built & installed ntop 2.0.99 rc2 a week ago, but am having problems keeping it up with all the network traffic. I tried the latest CVS snapshot - same thing. The command line I am using to fire it up is: /usr/local/bin/ntop -u $myusername -a /var/ntop -d -D $domain -m 10.0.0.0/8,$classB/16 -LN -i hme0,hme1 -P /var/ntop -t 5 -w 3000 -W 3001 (where $myusername is my login name, $domain is the org's domain name, and $classB is the org's class B IP block - I apologize for the paranoia!) The program runs fine for a while (<30 minutes) but eventually the web interface hangs whenever you click on anything. The CPU usage for the ntop process is usually somewhere around 60-70%, and the size around 550MB. Is my problem that the machine I'm attempting to do this on simply cannot keep up with the amount of traffic coming accross the wire? If so, would a kernel packet filter help solve the problem? I've installed & used ntop on several other servers (X86 Linux boxes, mostly) without any problems like this. Granted the traffic on this machine is much greater than on those other servers, is there some possibility that there could be some flakiness with the Solaris port of ntop? My thanks go to Luca and all of the others who helped bring this awesome piece of software to the open source community! Regards, Lars Peterson _______________________________________________ Ntop mailing list [EMAIL PROTECTED] http://lists.ntop.org/mailman/listinfo/ntop
