On 10/25/06, Gary Gatten <[EMAIL PROTECTED]> wrote:
Need to read this again to be sure, but here are some options:
Multiple NICS - each one monitors a different ISP connection - two
different SPAN sessions
Host Clusters. Not much doc here, but easy once you figure it out.
Not sure if it would work for you though as the source and dest IP can
be the same on both links - right? Or, are your source - your company's
IP's - different depending on which link they use?
They all use the same Class C from the larger ISP connection -
however, the routing is split up between the two routers depending on
where they're going. We have a "corporate" side and an "ecom" side.
Once they're routed in the right direction, there's a firewall between
them.
get netflow working? :)
Hell no! Have no idea what the deal is but even after the re-install,
no love. I'm thinking it just has to do with the complexity of this
box, and this box's routing.
If you don't care about what types of traffic and just want to see
volume stats, use MRTG or similar SNMP tool to trend ifOctets in/out on
each ISP int.
use show int on routers and look at traffic. There's packets tx/rx,
bytes tx/rx, 5 minute loads - that can be changed.
I'm using Cacti for that, but what I'm really after is what IPs from
the Internet are coming to what IPs of ours (are they using the big
connection for ecom stuff or, instead, the small side?).
If both routers are connected to both switches, one of the ports should
be blocked via STP - so make sure you are SPAN'ing the active/forwarding
port(s)
Well, right now I'm just spanning the one port that the router for the
small connection is plugged into.
_______________________________________________
Ntop mailing list
[email protected]
http://listgateway.unipi.it/mailman/listinfo/ntop
