You might just ask him to provide you with a read-only snmp password. His reluctance is probably related to that. Or, ask him to give you the graphs from MRTG for the switch ports you are speaking of. That way he remains in control of the security and only has to print out the charts. The nice thing about MRTG is that you can see the point-in-time usage where the switch only keeps track of total volume passed through it (along with other counters), as Bill mentioned.
From: Mayo, Bill [mailto:[email protected]] Sent: Tuesday, May 05, 2009 11:54 AM To: NT System Admin Issues Subject: RE: Cisco Catalyst 2950 / 3550 info Absolutely, just execute a "clear counters" command. You will then get a confirmation prompt asking if you sure you want to clear the counters on all interfaces. I would also append my previous comments to indicate that the switch does show you when the counters were last reset on a per interface basis. So, if you ask to get the output from a "show interface" command (warning: it will be long), you will see the details of every interface on the switch. What you would be looking for would be: * Last clearing of "show interface" counters: this tells you when the counters for that interface were last reset. If it says "never" then it basically means that the counters have not been reset since the last time the switch powered on (counters are automatically 0 when the switch powers on). If all the interfaces have the same information here, then you can make some relative assumptions about the traffic to ports. I would caution, though, that unless the switch is very static (i.e. same things have stayed plugged in long term), the information may not be helpful. It also is not helpful if the switch has been up forever and usage patterns have changed. One final thing: if the last rese time is "never" you can see how long the switch has been up with a "show ver" (look for "switchname uptime is..."). * x packets input, x bytes, x no buffer: this tells you how many packets/bytes have come into the interface (received). * x packets output, x bytes, x underruns: this tells you how many packets/bytes have gone out of the interface (sent). You can then just take the input/output and add it together to get a total. I would reiterate that this will give you some basic information, but if you *really* want to keep track of that port MRTG (or something similar) gives you the best information. ________________________________ From: David Lum [mailto:[email protected]] Sent: Tuesday, May 05, 2009 11:43 AM To: NT System Admin Issues Subject: RE: Cisco Catalyst 2950 / 3550 info Thank you! Is it feasible to reset all the port counters at once? It's just a counter reset and it doesn't affect anything else right? I would settle for asking him to reset the counters on all the ports and looking at the volume two days later - it would be more info than nothing. David Lum // SYSTEMS ENGINEER NORTHWEST EVALUATION ASSOCIATION (Desk) 971.222.1025 // (Cell) 503.267.9764 From: Mayo, Bill [mailto:[email protected]] Sent: Tuesday, May 05, 2009 8:22 AM To: NT System Admin Issues Subject: RE: Cisco Catalyst 2950 / 3550 info It really depends on what you are looking for. You can go into the switch and use a "show interface" command to see statistics on that port since it was last reset. Assuming that the port counters were all reset at the same time, you could look at the input/output counters on all the ports to see which one is the "busiest". You can also see the amount of traffic over the last 5 minutes, but there is no other historical data kept long term on the switch. What MRTG does is polls the switch via SNMP at some interval and gives you long term graphs. This is the better way to get good information and it is true that it would require some configuration--SNMP would have to be enabled on the switch, and MRTG would have to be configured to monitor the relevant ports. Of course, you would have to wait some interval to collect enough data to have meaningful results. How hard/easy it is to configure MRTG to do this is directly related to the person's level of comfort with MRTG; enabling SNMP on a switch is trivial. Bill Mayo ________________________________ From: David Lum [mailto:[email protected]] Sent: Tuesday, May 05, 2009 11:09 AM To: NT System Admin Issues Subject: Cisco Catalyst 2950 / 3550 info How hard is it to get a report on traffic for each port on Cisco 2950's and3550's? I know our network guy uses MRTG for some things, but I'm getting resistance to asking him to tell me which port is generating the most traffic. The current response is "there needs to be a config change to get that data". I have experience with Dell managed switches (PowerConnect 5324 and the like) and it's a simple matter to find which port has passed (is passing) the most traffic, so I am skeptical about the amount of effort required on a Cisco switch to achieve the same thing... David Lum // SYSTEMS ENGINEER NORTHWEST EVALUATION ASSOCIATION (Desk) 971.222.1025 // (Cell) 503.267.9764 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
