Tek-Tips is the largest IT community on the Internet today!
Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!
-
Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!
Sniffing outbounf Router Traffic
- Thread starter jmamarad
- Start date
PhilipSmith
MIS
If you can mirror the port, use a hub, or somehow place your sniffer between your router and your business then you can see what protocols and IP addresses are being used. There are a variety of sniffer reports that will give you the answers that you desire. (I have had to do the same thing myself).
I hope this helps,
Philip Smith/University of Windsor [sig][/sig]
I hope this helps,
Philip Smith/University of Windsor [sig][/sig]
Look up a program called MRTG, I believe it is a free program. I don't know alot about it other than the Unix administrator here uses it to monitor the in and out bound traffic on our Cisco 2501 router as well as the utilization of the unix servers.
Let me know if was useful,
Brian [sig][/sig]
Let me know if was useful,
Brian [sig][/sig]
Guest_imported
New member
- Jan 1, 1970
- 0
The Sniffer will absolutely give you detailed information about all the traffic on that link. Not only will it trend utilization (which is the extent of MRTG's functionality), but it will give you analysis of all user traffic, top talkers, protocol distribution, etc. You can which users or applications are consuming the most bandwidth.
regards
Jeff Fanelli
SE - Sniffer Technologies / Network Associates
regards
Jeff Fanelli
SE - Sniffer Technologies / Network Associates
On another way to get at least rough numbers, look at Solarwinds network monitoring utilities. One is called *gauges* which use SNMP to get real time ( as much as possible) statistics from the router ports. It will at the least give raw traffic numbers of how many packets the port is passing. It does have the advantage of not being intrusive for the inital testing.
Mike S.
[sig][/sig]
Mike S.
[sig][/sig]
You would not buy a Tractor a plant an Azalea. Initially from what you are asking it does not appear that you would want or need Sniffer for this.
You want to know Bandwidth there are a number of tools designed specifically for this. Is money no object? Packeteer is wonderful. But most of us must be careful what we spend.
I have tested the SolarWinds Engineering Version and it is great for the price but you must spend time to set it up. It talks to Cisco very well and can tell you bandwidth stats by IP.
FREE PRODUCT
As far as MRTG you really want something using the RRD tool like Cricket and it can also give you lots of data from the router and surely what you are asking for. But only if you have a good UNIX tech that knows perl well. This is all based on MRTG and I would bet every ISP uses some form of these tools.
It is here
If you only want to know where the traffic is coming from Cricket will do the job and tell you what port has the heavy traffic so you can determine where it is originating. You may still need Sniffer for other issues but clearly not here.
Doug
You want to know Bandwidth there are a number of tools designed specifically for this. Is money no object? Packeteer is wonderful. But most of us must be careful what we spend.
I have tested the SolarWinds Engineering Version and it is great for the price but you must spend time to set it up. It talks to Cisco very well and can tell you bandwidth stats by IP.
FREE PRODUCT
As far as MRTG you really want something using the RRD tool like Cricket and it can also give you lots of data from the router and surely what you are asking for. But only if you have a good UNIX tech that knows perl well. This is all based on MRTG and I would bet every ISP uses some form of these tools.
It is here
If you only want to know where the traffic is coming from Cricket will do the job and tell you what port has the heavy traffic so you can determine where it is originating. You may still need Sniffer for other issues but clearly not here.
Doug
I disagree wholeheartedly with DCohn...Sorry. This is EXACTLY why you would want a Sniffer. As Mr Fanelli so eloquently pointed out, Sniffer will not only give you real-time bandwidth stats but also who's using it. I have personally used it many times for this specific purpose and twice found that my customer was the victim of a DDOS attack. Bandwidth stats are useless without the ability to drill down and identify who or what is using it.
John R Savage
Sniffer SE
Dallas TX
John R Savage
Sniffer SE
Dallas TX
Simply stated, most of us need to see the BW numbers and know who is using it. Graphs and charts help me explain to my boss what is happening and why, but for real in-depth analysis of what is happening on the link and tool like Sniffer is the right one. I use it to baseline my link, then setup a trigger to tell me when it bursts above what I have set as the upper limit of my utilization (I use 50%) It then emails me and pages me to let me know that a potential problem exists - I have Sniffers on every aspect of my network and I find the tool to be like having a guy sitting there monitoring the link 24/7. I have had 4 false alarms in the 3 years I've had Sniffer running on my network and I've had it notify me in time to head off a real problem innumerable times.
- Status
Similar threads
- Locked
- Question