Security Basics mailing list archives

Re: bandwidth monitoring based on destination IP address

From: Bulgaria Online - Assen Totin <assen () online bg>
Date: Tue, 1 Feb 2005 10:31:42 +0200

Hi,

OK> I have a customer who wants to monitor his  bandwidth based on
OK> destination IP - ideally I would have liked to use MRTG (free, easy to set
OK> up, works well), but am not sure if MRTG can pull data off a Cisco router

As far as I'm familiar with Cisco, no.

However, Cisco has a (lovely, some say) traffic summaty export
protocol called Netflow. If you enable route cache-flow on sone or all
your interfaces, you'll be able to export traffic sumamries to a given
host, then set up a listener and get the destination IPs, filetr the
ones you need and sumamrize the traffic. Netflow version 5 is easier
to deploy (than version 9), so I would recommend it. You can get the
protocol description form either the Cisco site or from here:

http://frodo.online.bg/~assen/netflow

There are GPL'ed client side implmentations lice cflowd, but it is not
difficult at all to write your own listener, say, in Perl.

WWell,

Assen Totin
Development Manager

===============================
        BULGARIA ONLINE
  Your quality... Your price!
===============================
tel. (+359 2) 973-3000 ext. 511
     http://home.online.bg

Current thread:

RE: bandwidth monitoring based on destination IP address Jennifer Fountain (Jan 31)
- <Possible follow-ups>
- Re: bandwidth monitoring based on destination IP address Jordan Dohms (Jan 31)
- RE: bandwidth monitoring based on destination IP address Shawn Wall (Feb 01)
  - RE: bandwidth monitoring based on destination IP address Omar Khawaja (Feb 02)
- Re: bandwidth monitoring based on destination IP address Brandon Lee (Feb 01)
- Re: bandwidth monitoring based on destination IP address Bulgaria Online - Assen Totin (Feb 01)
- RE: bandwidth monitoring based on destination IP address Luis Lopez Sanchez (Feb 01)