On Fri, 10 Sep 2004 09:36:19 +0400
Gleb Smirnoff <[EMAIL PROTECTED]> wrote:
> On Thu, Sep 09, 2004 at 11:41:26PM +0300, Vlad GALU wrote:
> V>This made me raise my eyebrow. I wrote a small tool that we use
> V>in
> V> production at RDS: http://freshmeat.net/projects/glflow. The way I
> V> d
On Thu, Sep 09, 2004 at 11:41:26PM +0300, Vlad GALU wrote:
V> This made me raise my eyebrow. I wrote a small tool that we use in
V> production at RDS: http://freshmeat.net/projects/glflow. The way I
V> designed it, it is supposed to clean up the flow tree once in a while
V> and remove 'old' fl
On Sep 9, 2004, at 1:11 PM, Andre Oppermann wrote:
Just because you have to use Netflow on Cisco IOS doesn't mean you
don't
have (or can invent) better tools on FreeBSD.
Netflow is really useful for auditing and forensics. If you have it
enabled for your routers, you can see who did what when,
On Thursday 09 September 2004 02:01 pm, Hannes Mehnert wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> Hi,
>
> On Thu, Sep 09, 2004 at 08:29:55PM +0100, Brian Somers wrote:
> > On Wed, 14 Jul 2004 20:52:48 +0200, Hannes Mehnert <[EMAIL PROTECTED]>
wrote:
> > > On Mon, Jul 12, 2004 at
On Thu, 9 Sep 2004 22:01:42 +0200, Hannes Mehnert <[EMAIL PROTECTED]> wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> Hi,
>
> On Thu, Sep 09, 2004 at 08:29:55PM +0100, Brian Somers wrote:
> > On Wed, 14 Jul 2004 20:52:48 +0200, Hannes Mehnert <[EMAIL PROTECTED]> wrote:
> > > On Mon,
I'm a bit confused by this uma_zcreate() call in kern_mbuf.c:
zone_mbuf = uma_zcreate("Mbuf", MSIZE, mb_ctor_mbuf, mb_dtor_mbuf,
NULL, NULL, UMA_ALIGN_PTR, UMA_ZONE_MAXBUCKET);
Given that dtom() is defined as:
#define dtom(x) ((struct mbuf *)((intptr_t)(x) & ~(MSIZE-1
On Fri, 10 Sep 2004 00:00:52 +0400
Gleb Smirnoff <[EMAIL PROTECTED]> wrote:
> On Thu, Sep 09, 2004 at 09:58:59PM +0200, Andre Oppermann wrote:
> A> Do you really log all Netflow packets to disk to be able to provide
> A> details to the customer? Or do you aggregate the details on the
> A> collect
Gleb Smirnoff wrote:
>
> On Thu, Sep 09, 2004 at 09:58:59PM +0200, Andre Oppermann wrote:
> A> Do you really log all Netflow packets to disk to be able to provide
> A> details to the customer? Or do you aggregate the details on the
> A> collector?
>
> Full netflow dumps are stored on disk for ab
Gleb Smirnoff wrote:
>
> On Thu, Sep 09, 2004 at 07:33:18PM +0200, Andre Oppermann wrote:
> A> The only thing the kernel *may* know about is the right- and leftmost AS.
> A> It may be more efficient to send the netflow data through a small helper
> A> application that just fills in the two AS numb
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi,
On Thu, Sep 09, 2004 at 08:29:55PM +0100, Brian Somers wrote:
> On Wed, 14 Jul 2004 20:52:48 +0200, Hannes Mehnert <[EMAIL PROTECTED]> wrote:
> > On Mon, Jul 12, 2004 at 03:32:18PM -0600, Mike Durian wrote:
> > > This is just a follow-up to say th
On Thu, Sep 09, 2004 at 09:58:59PM +0200, Andre Oppermann wrote:
A> Do you really log all Netflow packets to disk to be able to provide
A> details to the customer? Or do you aggregate the details on the
A> collector?
Full netflow dumps are stored on disk for about 2-3 months, aggregated
data goes
Gleb Smirnoff wrote:
>
> On Thu, Sep 09, 2004 at 08:11:01PM +0200, Andre Oppermann wrote:
> A> What is the point of Netflow accounting? (And I do run an ISP.)
> A> Is it to get overall AS to/from AS traffic statistics? Then Netflow
> A> is not very good for that. Do you really need information
On Thu, Sep 09, 2004 at 06:02:35PM +, Bjoern A. Zeeb wrote:
B> What I'd like to ask but did not because I didn't really have a
B> chance to view more than documentation is:
B> - what is the memory impact of this node ?
It uses a static cache (default size 65k entries). One entry takes
56 bytes
On Thu, Sep 09, 2004 at 07:33:18PM +0200, Andre Oppermann wrote:
A> > I'm working on a patch, which will bring AS path support. AS paths are going
A> > to be stored separately from rtentries. The latter will have a reference to
A> > AS paths. Each AS path is going to have a reference counter in sel
On Thu, Sep 09, 2004 at 08:11:01PM +0200, Andre Oppermann wrote:
A> What is the point of Netflow accounting? (And I do run an ISP.)
A> Is it to get overall AS to/from AS traffic statistics? Then Netflow
A> is not very good for that. Do you really need information on every
A> flow? Are you going
On Wed, 14 Jul 2004 20:52:48 +0200, Hannes Mehnert <[EMAIL PROTECTED]> wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> Hi,
>
> On Mon, Jul 12, 2004 at 03:32:18PM -0600, Mike Durian wrote:
> > This is just a follow-up to say the problem still exists in a -current
> > system I built fr
Gleb Smirnoff wrote:
>
> On Thu, Sep 09, 2004 at 06:22:36PM +0200, Andre Oppermann wrote:
> A> I haven't looked into every detail but overall it's a nice piece of work.
> A> :-)
>
> Thanks :)
BTW: You may be better off using pfil_hooks instead of netgraph for your
tool. You'll save one m_copym
"Bjoern A. Zeeb" wrote:
>
> On Thu, 9 Sep 2004, Andre Oppermann wrote:
>
> > The only thing the kernel *may* know about is the right- and leftmost AS.
> > It may be more efficient to send the netflow data through a small helper
> > application that just fills in the two AS number based on a mrt d
On Thu, 9 Sep 2004, Andre Oppermann wrote:
> The only thing the kernel *may* know about is the right- and leftmost AS.
> It may be more efficient to send the netflow data through a small helper
> application that just fills in the two AS number based on a mrt dump.
where and when ? that's not rea
Gleb Smirnoff wrote:
> A> In the README you are talking Netflow 5 and AS path's. I don't undestand
> A> why
> A> you want to pass the AS path into the rtentry structure? Wouldn't the
> A> right-most AS sufficise?
>
> AFAIK, Cisco's netflow can be configured in two modes: "peer-as", when a
> left
Andre Oppermann wrote this message on Thu, Sep 09, 2004 at 19:05 +0200:
> John-Mark Gurney wrote:
> >
> > In a recent experiment w/ Jumbo frames, I found out that sending ip
> > frames completely ignores the MTU set on host routes. This makes it
> > difficult (or next to impossible) to support a
On Thu, Sep 09, 2004 at 06:22:36PM +0200, Andre Oppermann wrote:
A> I haven't looked into every detail but overall it's a nice piece of work.
A> :-)
Thanks :)
A> In the README you are talking Netflow 5 and AS path's. I don't undestand
A> why
A> you want to pass the AS path into the rtentry str
John-Mark Gurney wrote:
>
> In a recent experiment w/ Jumbo frames, I found out that sending ip
> frames completely ignores the MTU set on host routes. This makes it
> difficult (or next to impossible) to support a network that has both
> regular and jumbo frames on it as you can't restrict some
Gleb Smirnoff wrote:
Collegues,
here is netgraph module which implements Netflow traffic
accounting, which I'm going to add to CURRENT in recent future:
http://cell.sick.ru/~glebius/ng_netflow/ng_netflow-0.3-snap-20040905.tar.gz
It is quite different to ng_netflow in ports/net, because its
expi
George S wrote:
> > I thought you had to explicitly state the check-state. Anyway,
> > I've just noticed that your last rule is #65655 which is higher
> > than the max for an unsigned short. Depending how this overflow
> > is handled, you might get odd behaviour. This might just result
> > in th
Hi,
I have created a patch for NetPIPE version 3.6.2 that makes it
work with IPv6. If you're unfamiliar with NetPIPE then jump
to here: http://www.scl.ameslab.gov/netpipe/
In short NetPIPE is a cool tool for generating packets and
stressing/testing networ
26 matches
Mail list logo
