Bandwidth Monitoring program

Art Mason amason at rackspace.com
Wed Dec 6 11:53:23 PST 2006 

On Wednesday 06 December 2006 11:53, Josh Paetzel wrote:
> On Wednesday 06 December 2006 10:11, Julian Elischer wrote:
> > Josh Paetzel wrote:
> > > On Tuesday 05 December 2006 23:52, Brett Glass wrote:
> > >> Add a few IPFW "count" rules to count the bytes and packets.
> > >> Then, periodically harvest and reset the counters via a cron job
> > >> and write the results to a file. You can then prepare tables and
> > >> charts which are as simple or as fancy as you please, without
> > >> resorting to SNMP (which isn't secure). A little bit of code in
> > >> your favorite scripting language will do it. And of course you
> > >> can output to a graphing package, though for me a simple
> > >> histogram using asterisks has sufficient precision in most
> > >> cases.
> > >>
> > >> --Brett Glass
> > >
> > > Just curious.....but where is he going to run ipfw?  I seriously
> > > doubt his router can run it, and what good is it going to do him
> > > to run it on a machine on the network if the network is switched?
> > >  It's not going to be able to see any of the traffic other than
> > > what that specific machine is sending/receiving.
> >
> > run ipfw in layer 2 after turning on promiscuous mode and attaching
> > it to a hub.
> >
> > I do it all the time.
>
> He specifically said in his original post that putting a machine
> between the router and his lan wasn't an option.  His question
> was,  "Is there a program where I can see whats going on from the
> computer on that network?"  The answer to that question is, if he's on
> a switched network, no.  Not without a topology change.  If he can't
> put a box between the switch and router how likely is it that he's
> going to be able to put a hub between the switch and router and then
> attach a box to that?

Not sure if this has been discussed already, but If the router's internal 
interface is plugged into a managed switch that supports a SPAN port, you can 
always set your monitoring box running NTOP, bandwidthd, NetFlow, etc. up on 
the destination switchport .

Hope that helps.

-- 
Art Mason
amason at rackspace.com
Intensive Network Security
Rackspace Managed Hosting
(800) 961-4454 ext. 4290

More information about the freebsd-net mailing list