Bandwidth monitoring

Robert Watson rwatson at freebsd.org
Thu Jun 26 16:06:35 PDT 2003 

On Thu, 26 Jun 2003, Julian Elischer wrote:

> I'm not sure I understand why not just tell ipfw to count all packets
> that an ISP is likely to charge for and have the tables 'reaped every
> now and then by a daemon to give a time dimension to the data.. 

Well, the case that this code was designed for was passive monitoring of
many IPs over many systems (some of which have a large number of IP
addresses, each to be separately billed).  I also wanted to specifically
disqualify local traffic between the hosts, since that wasn't part of the
billing structure.  You could certainly implement this using ipfw
accounting, but only if you wanted to add one firewall rule for each
matching case of interest (since we needed to separately measure), and you
were willing to tweak and sample the firewall rules on each of the hosts.
For the single host/single IP, or even the constrained number of hosts/IPs
case, ipfw would be a more than adequate solution, since the expression of
"just the traffic I mean" would be simple.

> On Thu, 26 Jun 2003, Robert Watson wrote:
> 
> > On 24 Jun 2003, Adam wrote:
> > 
> > > My ISP is placing strict restrictions on how much I can transfer each
> > > month, with high penalties for exceeding their limits. However, they
> > > don't provide any way for their customer's to check to see how much
> > > they've transferred, so we end up transferring far less than what we are
> > > allowed, just to make sure we avoid paying the fines for going over the
> > > limit. 
> > > 
> > > So, what I need to do is find a way to monitor my total bandwidth
> > > through my external NIC. My gateway is running FreeBSD 4.8 with
> > > ipf+ipnat. 
> > > 
> > > I *don't* need anything fancy. All I need is to be able to check at any
> > > time how much I've transferred since the first of the month. What's the
> > > easiest way to set up something like this? I know there are fancy
> > > solutions with graphs with usage stats and such, but that's not what I'm
> > > after. 
> > > 
> > > Thanks for your advice,
> > 
> > I use the following home-grown tool to measure bandwidth consumed by
> > the hosts on my ethernet segment:
> > 
> >    http://www.watson.org/~robert/freebsd/bpfmon.tgz
> > 
> > It uses BPF to monitor traffic on the segment, and drops bandwidth samples
> > into a data directory every five minutes.  there's a post-processing
> > script that generates a CSV of samples, by local host, for easy
> > consumption in a spreadsheet.  It's not a great program, but it is cute
> > and works.  Make sure to read the README if you use it; you have to set a
> > few things at compile-time, since I wrote it for local use and never
> > really attempted to generalize.  I use it to monitor inbound and outbound
> > IP traffic for around 400 hosts here for precisely the same reason you are
> > interested :-).
> > 
> > Robert N M Watson             FreeBSD Core Team, TrustedBSD Projects
> > robert at fledge.watson.org      Network Associates Laboratories
> > 
> > 
> > _______________________________________________
> > freebsd-net at freebsd.org mailing list
> > http://lists.freebsd.org/mailman/listinfo/freebsd-net
> > To unsubscribe, send any mail to "freebsd-net-unsubscribe at freebsd.org"
> > 
> 
> _______________________________________________
> freebsd-net at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-net
> To unsubscribe, send any mail to "freebsd-net-unsubscribe at freebsd.org"
>

More information about the freebsd-net mailing list