On 10/25/06, Gary Gatten <[EMAIL PROTECTED]> wrote:
I'd be curious to see your routing config. I'm no BGP expert, but it's
so hard. Traffic to you is controlled by routing tables you DONT
control. Certain BGP attributes can be tweaked: AS PATH prepending,
MED's, etc., but it's so hard to control inbound traffic unless you have
different address spaces. If your BGP session is flapping you got
issues. Most ISP's will dampen your updates which mean no route on that
path.
Anyway, this is off this list topic. Interesting though!
I'd take it off-list. :)
IP accounting doesn't bother most routers much. Assuming you don't
have malware generating traffic at ridiculous rates.
Let me ponder your config more. two nics in ntop should get you stats
for each link, BUT, you're seeing the traffic post NAT which will make
it hard to get it down to a specific client. Now, if your users use
1.2.3.4 and your "servers" use .5, .6, .7, .8, etc - and you don't care
about individual users and want "all" users - then you'll be OK.
I kinda care about individual users - but not for *this* particular
piece of it. I mean, for instance, if I can just look at what is
coming in from where (and I'm really only concerned with what is
coming in since we do control what is going out) I'd be good. If I
could then - when I see a huge increase of traffic somewhere - turn on
looking at individual systems talking "too much" then I'd be golden!
_______________________________________________
Ntop mailing list
[email protected]
http://listgateway.unipi.it/mailman/listinfo/ntop
