monitoring lan-wan
Hello, Is there anything you would *recommend* re monitoring internet usage (LAN to WAN), something that is available in ports? This would have to be something that would allow me to tie it with a router as my FBSD is not a gateway. This function is handled by our Dlink DFL router. Many thanks in advance! -- Zbigniew Szalbot ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: monitoring lan-wan
On 10/20/06, Zbigniew Szalbot [EMAIL PROTECTED] wrote: Hello, Is there anything you would *recommend* re monitoring internet usage (LAN to WAN), something that is available in ports? This would have to be something that would allow me to tie it with a router as my FBSD is not a gateway. This function is handled by our Dlink DFL router. Many thanks in advance! -- Zbigniew Szalbot That really depends on the functionality of your router (and I'm not familiar with it, so can't comment on it), the configuration of your internal network and what you mean by 'monitoring internet usage'.. Do you only need to show aggregate traffic flow, to monitor total usage over time? If so, and if the router is SNMP-capable, then cacti (or mrtg, but it's not my preference) or some other some other utility that can get and graph SNMP stats will do what you want. If you wish to characterize the traffic to and from the Internet by protocol and/or user, then you'll have to do something more than simply using SNMP to monitor throughput on the router. In that case, you'll need to have your FreeBSD box actually parse the traffic, or get a netflow from the router (assuming that it can do that.) and ntop is a good start for the software you want, or perhaps etherape. Assuming that netflow isn't available from the router (and I think that's a fairly safe bet) the trick will be making sure that your FreeBSD box will see the traffic, and for that you'll need something like one of the following setups: 1) Put the router and your box on a dumb hub (not a switch) so that all of the traffic going to the router is visible to your box or 2) Have the router (again, assuming it's a multiport router, and capable of this, which is quite doubtful) mirror the traffic to a port to which your box is attached, or 3) Install two NICs in your box and have your router and your box attached to a switch that can mirror all of the traffic to the router - the first NIC will only receive traffic from the switch, the second NIC will have an IP address and be available for monitoring the box, including output from ntop or etherape. or 4) More tricky still, install two NICs in your box and have it act as a transparent bridge between your network and your router. I'm not familiar with this kind of setup, though I like the idea, and will be playing with it in my copious free time. :) or 5) Get a network tap cable, which is essentially a three-headed patch cable that provides receive-only wires for the third head, and that receive-only head is put into a second NIC on your box. Kurt ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: monitoring lan-wan
Hi all, On Fri, 20 Oct 2006, Kurt Buff wrote: If you wish to characterize the traffic to and from the Internet by protocol and/or user, then you'll have to do something more than simply using SNMP to monitor throughput on the router. In that case, you'll need to have your FreeBSD box actually parse the traffic, or get a netflow from the router (assuming that it can do that.) and ntop is a good start for the software you want, or perhaps etherape. Assuming that netflow isn't available from the router (and I think that's a fairly safe bet) the trick will be making sure that your FreeBSD box will see the traffic, and for that you'll need something like one of the following setups: All I can do with the router is to enable logging to a syslog, which means I can connect it to FBSD, can't I? But I understand now that things will be a little more difficult than I thought :). Anyway, thanks for all the pointers! -- Zbigniew Szalbot ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: monitoring lan-wan
On 10/20/06, Zbigniew Szalbot [EMAIL PROTECTED] wrote: Hi all, On Fri, 20 Oct 2006, Kurt Buff wrote: If you wish to characterize the traffic to and from the Internet by protocol and/or user, then you'll have to do something more than simply using SNMP to monitor throughput on the router. In that case, you'll need to have your FreeBSD box actually parse the traffic, or get a netflow from the router (assuming that it can do that.) and ntop is a good start for the software you want, or perhaps etherape. Assuming that netflow isn't available from the router (and I think that's a fairly safe bet) the trick will be making sure that your FreeBSD box will see the traffic, and for that you'll need something like one of the following setups: All I can do with the router is to enable logging to a syslog, which means I can connect it to FBSD, can't I? But I understand now that things will be a little more difficult than I thought :). Anyway, thanks for all the pointers! syslog SNMP. Monitoring traffic by parsing syslog messages seems unlikely at best, but you'll want to tak a look at some samplings of your syslog messages to be sure. I'm not aware of any programs that do that, which is not to say that they don't exist, just that I don't know about them. Kurt ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
