nanog mailing list archives
RE: Linux router traffic monitoring, how? netflow?
From: Joe Loiacono <jloiacon () csc com>
Date: Fri, 14 Nov 2014 08:50:11 -0500
If you go the netflow route you might consider FlowViewer/SiLK for the collector/analyzer. It is web driven and allows you to easily establish traffic thresholds which will generate an alert email. https://sourceforge.net/projects/flowviewer Joe "NANOG" <nanog-bounces () nanog org> wrote on 11/14/2014 02:35:44 AM:
From: Murat Kaipov <mkaipov () outlook com> To: "'Eliezer Croitoru'" <eliezer () ngtech co il>, <nanog () nanog org> Date: 11/14/2014 02:37 AM Subject: RE: Linux router traffic monitoring, how? netflow? Sent by: "NANOG" <nanog-bounces () nanog org> Hello Eliezer. Netflow will be the best solution to find the host that's generate load. First you need decide what netflow analyzer you'll use. I know about some plugin to Cacti. Than you need install IPT-NETFLOW to your Ubuntu router. Also you have another way, you can monitor (snmp traffic) all ports on switches and then find analyze. B.R. Murat -----Original Message----- From: NANOG [mailto:nanog-bounces () nanog org] On Behalf Of Eliezer
Croitoru
Sent: Thursday, November 13, 2014 8:10 PM To: nanog () nanog org Subject: Linux router traffic monitoring, how? netflow? -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hey all, I have a tiny linux router based on ubuntu and sometimes I get a massive load of UDP traffic because of one of the PCs in the network. Usually I handle the situation with a strict block using iptables. The main issue is to find it due to the load. For now I am monitoring the traffic load using MRTG but it won't notify
me.
I can try to use nagios to monitor traffic load for a period of time but before I start working on it I want another person opinion and
options.
I have seen netflow in the past but never actually used it. Thanks in advance, Eliezer -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQEcBAEBAgAGBQJUZOXKAAoJENxnfXtQ8ZQUnCcIAJn/3LQa1CKl1mBGiWHUvrEZ GZIPYKDlDWscVaq2VhJQH/ZcUqX5466YTSLsFQBaCEynLfc4vgk5gBZzyLK9TI1R MSDXAQNYvqRGnDG5rBrthCCvSA8UZyqVH9feSXw+U8aiwZcmQz4SSVv86yy288qP eFlerXq43QvSzXgMPFFrzwVzcwY3UVg0VMxlqIRIl+sB8dfg6ofau61/lax9ALQ4 cfxE674vxKtQsf319lJTmq/3JMvANzZNYbX0+XnLNIDaCciM/GTT/Xvasq+oigm2 IE4T0098KMUyBdJx5ewX5d+rawI2283euiY0Co5UnfCYzBnJTj4xZR32Tip53lM= =gZaZ -----END PGP SIGNATURE-----
Current thread:
- Linux router traffic monitoring, how? netflow? Eliezer Croitoru (Nov 13)
- RE: Linux router traffic monitoring, how? netflow? Murat Kaipov (Nov 13)
- Re: Linux router traffic monitoring, how? netflow? Wayne Lee (Nov 13)
- Re: Linux router traffic monitoring, how? netflow? Eliezer Croitoru (Nov 16)
- RE: Linux router traffic monitoring, how? netflow? Joe Loiacono (Nov 14)
- Re: Linux router traffic monitoring, how? netflow? Wayne Lee (Nov 13)
- Re: Linux router traffic monitoring, how? netflow? Leonardo Arena (Nov 14)
- Re: Linux router traffic monitoring, how? netflow? Peter Phaal (Nov 14)
- Re: Linux router traffic monitoring, how? netflow? srn . nanog (Nov 14)
- Re: Linux router traffic monitoring, how? netflow? Adrian Minta (Nov 14)
- RE: Linux router traffic monitoring, how? netflow? Murat Kaipov (Nov 13)