Layer2-Accounting (IP)

Layer2-Accounting (IP)

Post by Holger von Amel » Fri, 23 Jul 1999 04:00:00



We are running a Webserver for different domains, using ip-aliasing with
a 2.2.10 kernel.
The problem we are now facing is that the accounting based on ipchains,
that we are using so far actually accounts on Layer3 of the
Protocol-Stack. That means, that the data we get about what traffic is
produced on which IP can`t be directly compared to our Provider's
IP-Accounting. Is there any possibility to exactly account how much
traffic originates from which IP ?

Thanks in advance

Holger von Ameln

 
 
 

Layer2-Accounting (IP)

Post by Rudolf Potuc » Fri, 23 Jul 1999 04:00:00


I am not comfortable with the meaning of Layers 2/3 but I'll assume that
Layer 2 is the encapsulated data that actually ends up going across the
pbysical line.

Since the overhead for encapsulation should be constant/known I don't see
why you couldn't use the standary ipchains counters and just add a
constant overhead as function of the number of packets passed.

A thought of consolation may also be that I worked for a relatively large
ISP in Germany for a while and, though I was just a temp, I got to see
that they used 'guess-billing' routines for exactly the purpose you
describe. So how sure are you that the ISP has accurate logs?

Rudolf


: We are running a Webserver for different domains, using ip-aliasing with
: a 2.2.10 kernel.
: The problem we are now facing is that the accounting based on ipchains,
: that we are using so far actually accounts on Layer3 of the
: Protocol-Stack. That means, that the data we get about what traffic is
: produced on which IP can`t be directly compared to our Provider's
: IP-Accounting. Is there any possibility to exactly account how much
: traffic originates from which IP ?

: Thanks in advance

: Holger von Ameln

--

 
 
 

Layer2-Accounting (IP)

Post by Holger von Amel » Fri, 23 Jul 1999 04:00:00


He is billing me on that basis...so I hope for him it's correct :-)
how much do you think is to be added for the protocol-overhead in this
case...doesnt that depend on the mixture of TCP, ZDP and other protocols ?

Holger von Ameln


> A thought of consolation may also be that I worked for a relatively large
> ISP in Germany for a while and, though I was just a temp, I got to see
> that they used 'guess-billing' routines for exactly the purpose you
> describe. So how sure are you that the ISP has accurate logs?

> Rudolf


> : We are running a Webserver for different domains, using ip-aliasing with
> : a 2.2.10 kernel.
> : The problem we are now facing is that the accounting based on ipchains,
> : that we are using so far actually accounts on Layer3 of the
> : Protocol-Stack. That means, that the data we get about what traffic is
> : produced on which IP can`t be directly compared to our Provider's
> : IP-Accounting. Is there any possibility to exactly account how much
> : traffic originates from which IP ?

> : Thanks in advance

> : Holger von Ameln

> --

 
 
 

1. IP accounting on a per-user basis, rather than per IP address.

I would like to be able to set up an Internet connection for one of our
offices using a Linux system as a firewall. Okay, this is easy enough
using ipfwadm which supports packet logging as well.

Problem: Management are saying: "Great, but we need to keep track of how
much each user accesses the Internet, you can only give us data on what
each /machine/ is doing - not good enough."

Their solution is to install MS Proxy Server on one of the NT servers.
I really, really don't want to have MS Poxy Server on any of my
machines!

Any ideas?

PS, Ideally I want to be able to track access by NT user account, but I
can probably kludge that up with Samba, if I can get accounting
happening on a Linux user account basis.

Lionel.
--
Grep bait: qmail, Archimedes Plutonium, turkey, Kibo, Wollmann, Meow.
Grep bait de jour: Theresa Willis, Terri
Perna condita delenda est. Agree? - See http://www.ybecker.net/pink/
 "Some people are alive only because it is illegal to kill them."

2. Implications of running SMTP, WWW, and FTP on same OBSD server in a DMZ?

3. I NEED A LOCAL IP CHECKER TO SEND THE IP TO AN OUTSIDE ACCOUNT!

4. Modem doesn't hangup

5. IP Tables & IP Accounting

6. Help hooking VT200 terminal to a Linux box

7. IP Accounting + Ip Chains

8. /etc/passwd to openldap

9. linux layer2(ethernet) networking question

10. IP Kernel Accounting

11. ip-accounting problem ??

12. ipfw (ip firewall/accounting)

13. setting up a dynamically allocating IP account