From owner-freebsd-questions Thu Jun 27 17:34:24 1996 Return-Path: owner-questions Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id RAA10493 for questions-outgoing; Thu, 27 Jun 1996 17:34:24 -0700 (PDT) Received: from tombstone.sunrem.com (tombstone.sunrem.com [206.81.134.54]) by freefall.freebsd.org (8.7.5/8.7.3) with SMTP id RAA10488 for ; Thu, 27 Jun 1996 17:34:22 -0700 (PDT) Received: (from brandon@localhost) by tombstone.sunrem.com (8.6.12/8.6.12) id SAA01751; Thu, 27 Jun 1996 18:34:16 -0600 Date: Thu, 27 Jun 1996 18:34:16 -0600 (MDT) From: Brandon Gillespie To: freebsd-questions@freebsd.org Subject: Network Monitoring/Packet Sniffing? Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-questions@freebsd.org X-Loop: FreeBSD.org Precedence: bulk I have been given the dubious task of 'administrating' our LAN and its connection to the internet. Recently our network will max out its capacity, crippling everybody for a few moments until it recovers. I havn't been able to track anything more than bandwidth is spiking to capacity. Another admin where I work has an Ethernet monitor which simply says 75% of it is from TCP/IP packets (we also run ethertalk). We have several leased connections, and our network itself is not of the best design. What I am looking for is programs of any sort which do _anything_ in regard to monitoring network traffic. Specifically, I would love something which also tracked what IP addresses are hitting the top in bandwidth. The FreeBSD system I am thinking of sits in the middle of the network, so should be able to see as easilly as any other (we do not bridge nor do we have smart hubs, so it should see EVERYTHING). -Brandon Gillespie-