[flow-tools] RE: bandwidth monitoring for subnets
Michael Bellears
michael.bellears@staff.datafx.com.au
Wed, 8 Jan 2003 07:38:19 +1000
> I'm trying to monitor bandwidth for subnets with flow-tools.=20
No problems.
> I've got it currently collecting flows. I'm having a little=20
> difficulty=20
> figuring out how to generate reports. I'd like to get=20
> bandwidth totals for=20
> specific networks (eg.10.1.1.*) incoming and outgoing (eg.=20
> 10.1.1.* -->=20
> *.*.*.* and *.*.*.* --> 10.1.1.*) . I'd like to get this by=20
> month. Is there=20
> any specific documentation I could look up that would help me=20
> with this?
>=20
It is quite simple.
Here is the method that I use:
Create an acl ->
netflow:/usr/local/netflow/bin/netflow_acls# cat sample-subnet.acl=20
ip access-list standard subnet permit x.x.x.0 0.0.0.63
ip access-list standard subnet deny any
Then:
./flow-cat -a /netflow/oar/krc3.v5/2003/2003-01/ | ./flow-filter -f
sample-subnet.acl -Dsubnet| ./flow-stat -f17 |more
Will produce usage for the /26 subnet defined in the acl.
You can also create more comprehensive acl's to produce reports with eg.
traffic going to a particular subnet, but not originating from a certain
subnet (Nice if you provide free 'local' traffic to clients).
HTH,
MB