Tool for traffic measure?
Kurt Buff
kurt.buff at gmail.com
Fri Jan 2 22:00:13 PST 2009
On Fri, Jan 2, 2009 at 9:21 PM, Sdävtaker <sdavtaker at gmail.com> wrote:
> Hello,
> I got a subnet with 5 machines and a cablemodem who provides 5 public ips
> All is conected to a switch.
> One of the machines is not ours and we want to check it is not
> abuseing our internet link, so we want to know if there is any way to
> monitor bandwich usage from one of the other machines in the subnet
> with no need to modify the foreing machine config. Something like use
> tcpdump in promiscuos mode or something like that, we doesnt matter
> the content, we just need a bandwich conssumption meassure.
> Thanks for any ideas.
> Sdav
You have several options:
1) If the switch has some intelligence, you can monitor it to measure
bandwidth consumption. There are two ways to do this:
a) if the switch implements SNMP, you can use mrtg (simple) or
cacti (not so simple) to graph bandwidth on the switch by port and in
total
b) if the switch can mirror all of the data going across the
switch to a port on the switch, you can use ntop to graph traffic. It
only shows the top three bandwidth consumers at any given time, but i)
it does have very nice graphing, and if the machine you are concerned
about is consuming more than its fair share it will show, and ii) you
can use standard bpf filters to capture utilization for just that box.
2) if you have a spare machine, you can put two NICs in it, and use it
as a bridge between the switch and the router. This is a bit more
complicated, but it allows you to implement either option 1a or 1b
above.
Kurt
More information about the freebsd-questions
mailing list