LISTSERV mailing list manager LISTSERV 16.0

Help for LINUX-L Archives


LINUX-L Archives

LINUX-L Archives


LINUX-L@LISTS.UFL.EDU


View:

Message:

[

First

|

Previous

|

Next

|

Last

]

By Topic:

[

First

|

Previous

|

Next

|

Last

]

By Author:

[

First

|

Previous

|

Next

|

Last

]

Font:

Monospaced Font

LISTSERV Archives

LISTSERV Archives

LINUX-L Home

LINUX-L Home

LINUX-L  2007

LINUX-L 2007

Subject:

Re: traffic question

From:

Tom Miller <[log in to unmask]>

Reply-To:

Platform Independent Linux List! <[log in to unmask]>

Date:

Sun, 13 May 2007 16:42:46 -0400

Content-Type:

text/plain

Parts/Attachments:

Parts/Attachments

text/plain (43 lines)

Mark Oden wrote:
> You could mirror all traffic to your machine (would need access to
> your main router and the switches leading up to your machine) and run
> a sniffer for about 10 minutes. When you think you've collected
> enough information stop the sniffer and run an analysis on it
> (sniffers you pay for would have decent analyzers, not sure how
> ethereal's is). The analysis should show which machines are creating
> what % of traffic. Or instead of analyzing you could manually look
> for which machine is creating a ton of packets.
>
> Hope this helps
>
> ~Mark Oden
>
> Jeff Lasman wrote:
>> This stuff always drives me crazy...
>>
>> One of our clients writes:
>>
>> <snip>
>> We have a high amount of incoming data (green on the graph) - can we
>> tell what this is? It seems very constant!
>> </snip>
>>
>> He's writing about an mrtg graph average of 300 gbps.
>>
>> Any easy way (on linux) to tell where the traffic is coming from?
>>
>> Thanks.
>>
>> Jeff
>>
If you just want to know general statistics and you have Cisco gear or
an OpenBSD router, you could use netflow to gather information about the
traffic stream. Once you identify the source of the traffic, you can use
more specific means, like Ethereal or a commercial sniffer, to get
details on what the traffic actually is. Here are a couple articles I
found useful in setting up netflow on my network devices.

http://www.onlamp.com/pub/a/bsd/2005/08/18/Big_Scary_Daemons.html
http://www.splintered.net/sw/flow-tools/

-Tom

Top of Message | Previous Page | Permalink

Advanced Options


Options

Log In

Log In

Get Password

Get Password


Search Archives

Search Archives


Subscribe or Unsubscribe

Subscribe or Unsubscribe


Archives

2020
2019
2018
2017
2016
2015
2014
2013
2012
2011
2010
2009
2008
2007
2006
2005
2004
2003
2002
2001
2000
1999
1998
1997

ATOM RSS1 RSS2



LISTS.UFL.EDU

CataList Email List Search Powered by the LISTSERV Email List Manager