RE: Monitor IP Traffic from many BSD computers
Would this no produce a packet storm? For every packet sent/received a new packet would be set to the monitor. For this new packet a new packet would be set to the monitor. For this new packet a new packet would be set to the monitor. For this new packet a new packet would be set to the monitor. ad infinitum. -D p.s. Mind you, tcpdump could filter out the monitoring machine :) -Original Message- From: Koroush Saraf [mailto:[EMAIL PROTECTED]] Sent: 15 October 2002 03:47 To: [EMAIL PROTECTED] Subject: Monitor IP Traffic from many BSD computers I have a pool of bsd computers, connected together via an ethernet switch. I like to monitor the traffic that is exchanged between all the computers, and capture and display them on a console computer. Since I'm using a switch, I will not be able to see the traffic and also the switch is a 3com superstack II -3300 which can only monitor one port at a time, so that option is out also. I like to know how I can setup the pool of bsd computers, so that they send a copy of whatever packet they receive to the console computer so that I can capture and graph it using a utility like etherape. thanks for your help, ~koroush To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message - ATTENTION: The information in this electronic mail message is private and confidential, and only intended for the addressee. Should you receive this message by mistake, you are hereby notified that any disclosure, reproduction, distribution or use of this message is strictly prohibited. Please inform the sender by reply transmission and delete the message without copying or opening it. Messages and attachments are scanned for all viruses known. If this message contains password-protected attachments, the files have NOT been scanned for viruses by the ING mail domain. Always scan attachments before opening them. - To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message
Re: Monitor IP Traffic from many BSD computers
A nice solution which I make use is: a) install a SNMPD client on every box /usr/ports/net/net-snmp b) change the community string to something else than `public` c) create sample config file for snmpd d) install MRTG /usr/ports/net/mrtg e) Configure MRTG to be daemon and query every 5 minutes the SNMPD on all the boxes. f) If u like security :) use firewall to protect the SNMP port! -- I am using this setup on my local cluster. It works nicely! p.s. Of course if u like something more thatn measuring bandwidth then u can run a sniffer on every machine and forward the results to a main server, or u could capture the packets in raw form in a file and another workstation to be used to analyze these packets. To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message
Re: Monitor IP Traffic from many BSD computers
If you intend to send the captured packets to the console host via the same interface they were captured from this will multipy the network load tremendously. And if you also have the console host do the same this too will likely cause your network to become overloaded sending the packets captures. I don't think this is a practical approuch. It may be practicle if you place a second NIC in each machine and create a second network only for sending the captures to the console host. This too is likely not the best solution. I would recommend that you find your self a switch with a more functional SPAN port, such as an old Cisco 2900. The Catalyst series SPAN ports are much more capable. I often dump all the traffic from any one of a number of VLANs from the 2900. But mind you if your network is heavily loaded your SPAN port wont have the bandwidth to keep up with the traffic. - Mike Hogsett I have a pool of bsd computers, connected together via an ethernet switch. I like to monitor the traffic that is exchanged between all the computers, and capture and display them on a console computer. Since I'm using a switch, I will not be able to see the traffic and also the switch is a 3com superstack II -3300 which can only monitor one port at a time, so that option is out also. I like to know how I can setup the pool of bsd computers, so that they send a copy of whatever packet they receive to the console computer so that I can capture and graph it using a utility like etherape. thanks for your help, ~koroush To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message
