Bandwidth monitor and grapher

Bandwidth monitor and grapher

Post by darktige » Sun, 28 Aug 2005 14:51:21



Hello,
 There is a device out there called a Packeteer (sp?). It is a
transparent network device that monitors the flow of traffic and makes
graphs/reports of how much bandwidth was used each hour, what
ports/applications used what bandwidth, etc.

 I would like to make a device like this in Linux. I have setup bridges
before in Linux, so that is how I would make it transparent, but from a
software side I am lost.

 Any ideas?

-Scott

 
 
 

Bandwidth monitor and grapher

Post by Michael Heimin » Sun, 28 Aug 2005 18:35:51



Quote:> Hello,
> There is a device out there called a Packeteer (sp?). It is a
> transparent network device that monitors the flow of traffic and makes
> graphs/reports of how much bandwidth was used each hour, what
> ports/applications used what bandwidth, etc.

This direction -> http://www.ntop.org/

Just run it in webmode. ;-)

[..]

--
Michael Heiming (X-PGP-Sig > GPG-Key ID: EDD27B94)

#bofh excuse 340: We'll fix that in the next (upgrade, update,
patch release, service pack).

 
 
 

Bandwidth monitor and grapher

Post by Cantankerous Old Gi » Mon, 29 Aug 2005 00:14:00



> Hello,
>  There is a device out there called a Packeteer (sp?). It is a
> transparent network device that monitors the flow of traffic and makes
> graphs/reports of how much bandwidth was used each hour, what
> ports/applications used what bandwidth, etc.

>  I would like to make a device like this in Linux. I have setup bridges
> before in Linux, so that is how I would make it transparent, but from a
> software side I am lost.

>  Any ideas?

> -Scott

ntop will give you much of the information that packeteer gives,
although it's not as well presented, nor (I think) does it have
configurable traffic classes like packeteer.

Packeteer's main frature is being able to regulate bandwidth
usage and priority according to traffic class. ntop cannot do
that, and I don't think any linux feature can do as well as
packeteer does. Packeteer's analysis and graphing is really just
an add-on so you can easliy see the traffic shaping working.

But if it's usage stats you're after, give ntop a try. It
certainly gives some fascinating information.

 
 
 

Bandwidth monitor and grapher

Post by tm4.. » Tue, 30 Aug 2005 01:30:32



> Hello,
>  There is a device out there called a Packeteer (sp?). It is a
> transparent network device that monitors the flow of traffic and makes
> graphs/reports of how much bandwidth was used each hour, what
> ports/applications used what bandwidth, etc.

>  I would like to make a device like this in Linux. I have setup bridges
> before in Linux, so that is how I would make it transparent, but from a
> software side I am lost.

>  Any ideas?

> -Scott

There is a packeteer-like commercial quality add-on for linux:

www.etinc.com

 
 
 

Bandwidth monitor and grapher

Post by darktige » Mon, 05 Sep 2005 05:38:08


Thank you all for your responses! I will give ntop a try.
 
 
 

Bandwidth monitor and grapher

Post by tob.. » Mon, 05 Sep 2005 16:12:09


Check out MRTG:

http://www.ee.ethz.ch/~oetiker/webtools/mrtg/

It's very good and widely used.

If you want to regulate bandwidth like the Packeteer, then use iptables
and tc. You can do allmost anything you want (QoS, bandwidth limiting,
etc etc), check out:

http://www.tldp.org/HOWTO/Adv-Routing-HOWTO/index.html

Good luck!

Tobias Skytte

 
 
 

Bandwidth monitor and grapher

Post by darktige » Wed, 07 Sep 2005 06:06:32


Thanks! The biggest thing I care about it application classification
and how much BW each application is using.

I notice that I can download Layer 7 classifications for netfilter,
hmm...

I would like to see which applications are using the most bandwidth, ie
www or Kazza. Is someone on the network playing Battlefield 2 or is all
the traffic WWW/SMTP/POP3, etc.

ntop is awesome, but for applications it does not know, it just lists
"unknown". So I now have to look and see if I can use the layer 7
package for netfilter, and integrate it into ntop.

As for mrtg, since it use SNMP and such the polling rate is too slow.

 
 
 

Bandwidth monitor and grapher

Post by tob.. » Thu, 08 Sep 2005 04:35:03


Ok,  to be able to classify bw usage like that you have to monitor the
various ports. But you can still use MRTG for that! You don't *have* to
use SNMP with MRTG, anything can be used as the input. F.ex. I'm
graphing the current dial-in count, amount of mails in the mailqueue,
etc. as well as SMTP bw rate, signal-noise ratio on my sat-dish  etc.
etc.

To graph www, SMTP, pop3 or kazaa usage mark the packets with iptables,
then put it into different qdiscs with tc then graph it with MRTG. Not
super easy to do, but doable.
You use the output of 'tc -s qdisc' f.ex. as input to MRTG.

If the polling rate is too slow (5 min default) you can just change it
to pretty much anything you want.

Good luck!

Tobias Skytte

 
 
 

1. Monitoring bandwidth usage - writing a simple monitor

With a lot of help from my friends I wrote a bash script that displays
the number of kilobytes being uploaded & downloaded every second via my
eth0 internet connection.

The ouput looks like:

$ monitor

10.8 k/s 2.3 k/s
22.3 k/s 1.3 k/s
12.1 k/s 3.1 k/s
...

The logic of the script goes something like this:

init:

invoke netstat to retrieve initial packet counts

do forever:

invoke netstat to retrieve next packet counts
compute kilobyte delta = packet delta * MTU / 1024
display results

This works fine and displays plausible results, but they seem to differ
somewhat (+20-30%) from an earlier version that collected byte counts
from the kernel's /proc/net/dev pseudo-file.

I understand that the above approach is not entirely correct since I
wait one second (how accurate is that on a multi-processing OS?) but
also, some correction factor would need to be applied to account for
the elapsed time that is necessary for the code itself to execute ..
the fact this is a bash script at this point probably doesn't help.

I also realize that there are probably CLI tools that already do
something similar.  I definitely would be curious if any one recommended
something that might display this information and  I would take a look
as to how their authors went about doing this.

Naturally, I don't need anything highly accurate .. this is both an
exercise to try and understand these aspects better .. and something
that will display two counters at the bottom of my screen so I have some
idea of what is going on with the system.

Thanks!

2. need help configuring Linux

3. Matrox Mystique ands X.

4. Curious Problem after 2.2.5 upgrade

5. SunNet Manager 2.1 and grapher port

6. Printer set up...

7. Monitoring NIC Bandwidth utilization via SNMP???

8. Mirroring assistance needed

9. How to monitor bandwidth ?

10. Bandwidth Watcher/Monitor Help/Info Needed

11. bandwidth monitoring question

12. Monitor Bandwidth of Linux Proxy

13. Network Monitoring/bandwidth analysis