I’m using Alvarado for netflow and I’m pretty happy with it. Seeing it 
recommended more frequently on Reddit and elsewhere lately too.


<https://github.com/akvorado/akvorado>
[akvorado.png]
akvorado/akvorado: Flow collector, enricher and 
visualizer<https://github.com/akvorado/akvorado>
github.com<https://github.com/akvorado/akvorado>

John Stitt

Sent from my pocket CRAY-1

On Mar 26, 2024, at 7:05 PM, Brian Knight via NANOG <nanog@nanog.org> wrote:


What's presently the most commonly used open source toolset for monitoring 
AS-to-AS traffic?

I want to see with which ASes I am exchanging the most traffic across my 
transits and IX links. I want to look for opportunities to peer so I can better 
sell expansion of peering to upper management.

Our routers are mostly $VENDOR_C_XR so Netflow support is key.

In the past, I've used AS-Stats<https://github.com/manuelkasper/AS-Stats> for 
this purpose. However, it is particularly CPU and disk IO intensive. Also, it 
has not been actively maintained since 2017.

InfluxDB wants to sell 
me<https://www.influxdata.com/what-are-netflow-and-sflow/> on Telegraf + 
InfluxDB + Chronograf + Kapacitor, but I can't find any clear guide on what 
hardware I would need for that, never mind how to set up the software. It does 
appear to have an open source option, however.

pmacct seems to be good at gathering Netflow, but doesn't seem to analyze data. 
I don't see any concise howto guides for setting this up for my purpose, 
however.

I'm aware Kentik does this very well, but I have no budget at the moment, my 
testing window is longer than the 30 day trial, and we are not prepared to 
share our Netflow data with a third party.

Elastiflow<https://www.elastiflow.com/> appears to have been open 
source<https://github.com/robcowart/elastiflow?tab=readme-ov-file> at one time 
in the past, but no longer. Since it too appears to be hosted, I have the same 
objections as I do with Kentik above.

On-list and off-list replies are welcome.

Thanks,

-Brian



CAUTION: This email originated from outside of the organization. Do not click 
links or open attachments unless you recognize the sender and know the content 
is safe. If you are not expecting this message contact the sender directly via 
phone/text to verify.

Reply via email to