Skip site navigation (1)Skip section navigation (2)
Date:      Sun, 16 Dec 2001 02:51:30 -0800 (PST)
From:      Donnie Jones <donniejones18@yahoo.com>
To:        universe <universe@truemetal.org>
Cc:        freebsd-questions@freebsd.org
Subject:   Re: traffic metering at centralized location
Message-ID:  <20011216105130.82909.qmail@web20602.mail.yahoo.com>
In-Reply-To: <3C1B99EA.94AEF8B@truemetal.org>

next in thread | previous in thread | raw e-mail | index | archive | help

Hello.

I'd check out IP Flow Meter (IPFM).

http://robert.cheramy.net/ipfm/

It is very simple and configurable to only log certain
hosts, or certain combinations of hosts.

The log file keeps a total of data transfers and an in
and out that can be produced at whatever time
intervals you choose.

I run two sets of the program at the same time.  One
scans my first ethernet device that is on the
connection to the outside world for my gateway/router
pc.  The other ipfm scans the second ethernet device
which mainly handles traffice for the pc's on my
internal LAN.

Hope this helps...

-Donnie


--- universe <universe@truemetal.org> wrote:
> we'd like to measure the internet-traffic that our
> co-location and
> dedicated server customers are producing, and
> therefore put a
> metering-box at a centralized location in our
> network which is going
> to measure the traffic coming from our switch'
> monitoring-port (which
> reflects all data that is being sent to the
> internet).
> 
> for this purpose we've been thinking about using a
> software like
> ipmeter (http://www.ipmeter.com), however, it turns
> out that ipmeter
> isn't reliable enough for our needs, and doesn't
> provide all necessary
> functions - like: a customer must be able to log in
> to a web interface
> in order to find out how much traffic his servers
> have used up for a
> certain period of time.
> 
> right now, for the metering purposes, we are
> directly polling our
> switch by using PACT (http://pact.insider.org) via
> SNMP.
> unfortunately, any and all traffic is counted here,
> even the traffic
> that is not destined for the internet but rather for
> the local
> backup-server etc.  we cannot bill this traffic to
> the customers, so
> this method is no longer
> acceptable.
> 
> another method would be to put a 2nd network card in
> every dedicated
> server / box that is being co-located and build up a
> small network for
> internal traffic only. however, that would result in
> many
> complications (eg. we only use 1U-servers, so what
> to do if a customer
> needs a raid-card in his machine - there's no place
> for a 2nd pci
> card)...
> 
> i've approached several attempts at measuring the
> traffic in my home
> network by using freebsd as a bridge, but without
> avail. i cannot
> think of another way to put the network interface in
> promiscuous mode
> except by setting up a bridge.
> however, that attempt didn't work out, no traffic
> was being counted
> (using ipfw and rules like "ipfw add count ip from
> 192.168.0.2 to
> any"), where 192.168.0.2 is just a workstation on
> the same lan/hub.
> 
> therefore: how to get a freebsd box (not being used
> as a router) to
> measure traffic that isn't destined for local ip
> addresses? 
> 
> or, does anyone have another idea how to measure the
> traffic that's
> destined for the internet?
> 
> thanks a bunch for any hints or pointers!
> markus
> 
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-questions" in the body of
> the message


__________________________________________________
Do You Yahoo!?
Check out Yahoo! Shopping and Yahoo! Auctions for all of
your unique holiday gifts! Buy at http://shopping.yahoo.com
or bid at http://auctions.yahoo.com

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20011216105130.82909.qmail>