From owner-freebsd-isp@FreeBSD.ORG Thu Apr 22 07:44:23 2004 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id D2F2F16A4CE for ; Thu, 22 Apr 2004 07:44:23 -0700 (PDT) Received: from telcommail.net (mail.telcom.net [200.80.13.13]) by mx1.FreeBSD.org (Postfix) with ESMTP id 341DF43D1F for ; Thu, 22 Apr 2004 07:44:23 -0700 (PDT) (envelope-from akachler@telcom.net) Received: from telcom.net (host203.216.22.121.telcom.net [216.22.121.203] (may be forged)) by telcommail.net (8.12.10/8.12.10) with ESMTP id i3MEgjBM073366 for ; Thu, 22 Apr 2004 10:42:49 -0400 (EDT) Message-ID: <4087D9F7.10800@telcom.net> Date: Thu, 22 Apr 2004 10:43:03 -0400 From: Arie Kachler User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.6) Gecko/20040113 X-Accept-Language: en-us, en MIME-Version: 1.0 To: freebsd-isp@freebsd.org X-Enigmail-Version: 0.83.6.0 X-Enigmail-Supports: pgp-inline, pgp-mime Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Subject: re: Traffic Monitor X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 22 Apr 2004 14:44:23 -0000 Hi Spidey, If you want to go low-cost (free), try http://ipband.sourceforge.net. It won't let you limit connections that are hogging your bandwidth, but at least you know who the hogs are. If you want full bells and whistles, http://www.packeteer.com/prod-sol/products/packetshaper.cfm. This one will let you do anything you want. Exprensive but worth it. Hope the info helps. Arie Kachler >Hi > >I am an ISP running FreeBSD as a firewall and as a Mail Server. My problem >is that I am not able to monitor the amount of traffic that user are using >on my network. in south Africa bandwidth is extremely expensive and I need >to take my bandwidth to the edge. > >My network looks like this: My Link comes in on a Cisco 805 from the router >it goes to the first NIC on the Firewall from the second NIC it runs into a >10base HUB where there are only 3 ports used one as I said for the Firewall >the other for a FreeBSD box (I want to use this box for traffic monitoring) >and then one port for the rest of the network which connects to a 100base >switch. The reason I used the 10base HUB is because it broadcasts all the >data to all the ports. So for all data to and from the firewall will be >caught by the Monitoring BSD box. I hope this makes sense. > >What I am looking for is some app that could show me live what ip on my >network is utilizing what part of the bandwidth. Don't laugh !!I have a 256k >Diginet connection and I would like to see who is killing my network. I do >get live graphs from my upstream supplier but it shows the line utilization >from my router and not who is using what. > >So I can't be proactive in solving speed issues I need to wait for it to >happen and then by a process of elimination disconnect segments of the >network and see when the graph drops. I tried TCPDUMP but it is difficult to >understand (perhaps I am just stupid) but it's a time consuming process and >to late to fix the problem. > >I hope this makes sense to someone > >thank you > >Spidey >