Security Basics mailing list archives

RE: bandwidth monitoring based on destination IP address

From: Luis Lopez Sanchez <luis.lopez () atosorigin com>
Date: Tue, 01 Feb 2005 09:52:10 +0100



A possible solution could be using 'Policy Based Routing' (Cisco PBR) creating more subinterfaces and MRTG it this sub 
interfaces and applying 'Generic Traffic Shapping' (Cisco GTS) in combination for assure a maximun bandwitdth for each 
subinterface ... this could be a bizarre solution but in some enviroments would work fine.
 
Saludos,
 
--
Luis
  

        -----Mensaje original----- 
        De: Jennifer Fountain [mailto:jfountain () rbinc com] 
        Enviado el: lun 31/01/2005 22:58 
        Para: security-basics () securityfocus com 
        CC: 
        Asunto: RE: bandwidth monitoring based on destination IP address
        
        

        > Hi,
        >
        > I have a customer who wants to monitor his    bandwidth based on
        > destination IP - ideally I would have liked to use MRTG
        > (free, easy to set up, works well), but am not sure if MRTG
        > can pull data off a Cisco router / PIX firewall via SNMP that
        > will breakdown the usage based on L3 destination.
        > I figured if nothing else works, I could use brute force -
        > sniff all the traffic and filter based on destination IP and
        > packet size - somehow, that doesn't seem like it would be too
        > much fun. I was hoping, with the wealth of experience and
        > knowledge in this group, someone would have a more civil
        > solution to this. Thanks
        >
        > __
        > Omar Khawaja, CISSP
        >
        >
        >
        
        I have been looking for the same tool and this looked promising:
        
        http://netacad.kiev.ua/flowc/
        
        HTH
        
        Cheers,
        Jenn
        


------------------------------------------------------------------
This e-mail and the documents attached are confidential and intended solely
for the addressee; it may also be privileged. If you receive this e-mail
in error, please notify the sender immediately and destroy it.
As its integrity cannot be secured on the Internet, the Atos Origin group
liability cannot be triggered for the message content. Although the
sender endeavours to maintain a computer virus-free network, the sender does
not warrant that this transmission is virus-free and will not be liable for
any damages resulting from any virus transmitted.

Este mensaje y los ficheros adjuntos pueden contener informacion
confidencial destinada solamente a la(s) persona(s) mencionadas
anteriormente. Pueden estar protegidos por secreto profesional Si usted
recibe este correo electronico por error, gracias de informar inmediatamente
al remitente y destruir el mensaje.
Al no estar asegurada la integridad de este mensaje sobre la red, Atos
Origin no se hace responsable por su contenido. Su contenido no constituye
ningun compromiso para el grupo Atos Origin, salvo ratificacion escrita por
ambas partes.
Aunque se esfuerza al maximo por mantener su red libre de virus, el emisor
no puede garantizar nada al respecto y no sera responsable de cualesquiera
danos que puedan resultar de una transmision de virus
------------------------------------------------------------------

Current thread:

RE: bandwidth monitoring based on destination IP address Jennifer Fountain (Jan 31)
- <Possible follow-ups>
- Re: bandwidth monitoring based on destination IP address Jordan Dohms (Jan 31)
- RE: bandwidth monitoring based on destination IP address Shawn Wall (Feb 01)
  - RE: bandwidth monitoring based on destination IP address Omar Khawaja (Feb 02)
- Re: bandwidth monitoring based on destination IP address Brandon Lee (Feb 01)
- Re: bandwidth monitoring based on destination IP address Bulgaria Online - Assen Totin (Feb 01)
- RE: bandwidth monitoring based on destination IP address Luis Lopez Sanchez (Feb 01)