On 19-Nov-2013, at 8:44 pm, Brandon Arms <ba...@dsscorp.com> wrote: > Worth testing. Ultimately I'd like to be able to build the router > the with the features I want/need and then use that as the system vm > template for future spin ups. If the group knows how that can be > done I'd clear a huge hurdle
Brandon, As of now, the SSVM is not modular enough to allow for custom plugins. It will hopefully evolve into a extensible framework for 3rd party plugins and expose APIs. Vendors (Vyatta etc) would also be able to provide drop in SSVM replacements once the technology matures. At this time, if you were to custom build SSVMs, it will be a PITA to maintain and thats not really a good place to be in as far as production systems are concerned. The other issue is, the VR solution won’t really work for shared networks/basic flat networks as there are no VRs used as gateways. Traffic flows through the provider’s egress device. sFlow at the switch level is probably the best solution for now. Record flows and map it to the customers. DDoS detection can also be done here. Given the high CPU costs for DDoS detection, port mirroring is also an option. Push mirrored traffic to a bunch of suricata servers for monitoring traffic. Regards. @shankerbalan > > Brandon Arms > Network Engineer > DSS > ba...@dsscorp.com > > > -----Original Message----- > From: Eric Tykwinski [mailto:eric-l...@truenet.com] > Sent: Monday, November 18, 2013 8:33 PM > To: users@cloudstack.apache.org > Subject: Re: Use of internet bandwidth > > Brandon, > > Just wondering, could you add other applications in the same way. > More specifically: http://sourceforge.net/projects/ipt-netflow/ > > Basically, adding netflow output for DDoS detection would be a nice > addition... > > Sincerely, > > Eric Tykwinski > TrueNet, Inc. > P: 610-429-8300 > F: 610-429-3222 > > On Nov 18, 2013, at 4:29 PM, Brandon Arms <ba...@dsscorp.com> wrote: > >> Here is what I've done on each virtual router: >> >> apt-get update >> apt-get install snmpd >> apt-get install snmp >> apt-get install snmp-mibs-downloader >> chkconfig --add snmpd >> chkconfig snmpd on >> >> vi /etc/default/snmpd >> #export mibs >> SNMPDOPTS='-Lsd -Lf /dev/null -u snmp -I -p /var/run/snmpd.pid 0.0.0.0' >> >> mv /etc/snmp/snmpd.conf /etc/snmp/snmpd.conf.org >> >> vi /etc/snmp/snmpd.conf >> >> rocommunity "snmpstring" >> syslocation "location" >> syscontact "contact" >> >> service snmpd restart >> >> iptables -A INPUT -s [sourceip] -p udp --dport 161 -m state --state >> NEW,ESTABLISHED -j ACCEPT >> >> vi /etc/rc.local >> iptables -A INPUT -s [sourceip] -p udp --dport 161 -m state --state >> NEW,ESTABLISHED -j ACCEPT >> >> this does work if the router is rebooted but does not if the router is >> rebuilt. We are currently using this method as well as working with usage >> data. >> >> Brandon Arms >> Network Engineer >> DSS >> ba...@dsscorp.com >> >> -----Original Message----- >> From: Vahric Muhtaryan [mailto:vah...@doruk.net.tr] >> Sent: Monday, November 18, 2013 12:16 PM >> To: CloudStack SupportMailingList >> Subject: Re: Use of internet bandwidth >> >> Hello Gerolamo, >> >> I¹m looking for it too >> I do not have a knowledge yet but usage meter may help but what i¹m thinking >> i don¹t know what switch you use but switch to open virtual switch and get >> the flow data and send it to any software and measure there usage. >> >> I¹m waiting other replies :D >> >> Also i know that VR¹s are debian but i don¹t know package installation >> allowed or not ? Did you try ? >> >> Regards >> VM >> >> On 18/11/13 19:10, "Gerolamo Valcamonica" <gerol...@pyder.com> wrote: >> >>> Hi everybody >>> I need to monitor the use of internet bandwidth of every customer on >>> my platform. >>> >>> Measuring the internet bandwidth use outgoing the virtual routers >>> could be the best practice to do that >>> >>> The problem is that the virtual routers are created by CloudStack out >>> of the box without snmp services >>> >>> So.. do you have any ideas for internet usage measurements by >>> costumer account? >>> >>> P.S. >>> I use Zabbix as monitoring system >>> >>> -- >>> Gerolamo Valcamonica >> >> > > -- @shankerbalan M: +91 98860 60539 | O: +91 (80) 67935867 shanker.ba...@shapeblue.com | www.shapeblue.com | Twitter:@shapeblue ShapeBlue Services India LLP, 22nd floor, Unit 2201A, World Trade Centre, Bangalore - 560 055 CloudStack Bootcamp Training on 27/28 November, Bangalore http://www.shapeblue.com/cloudstack-training/ This email and any attachments to it may be confidential and are intended solely for the use of the individual to whom it is addressed. Any views or opinions expressed are solely those of the author and do not necessarily represent those of Shape Blue Ltd or related companies. If you are not the intended recipient of this email, you must neither take any action based upon its contents, nor copy or show it to anyone. Please contact the sender if you believe you have received this email in error. Shape Blue Ltd is a company incorporated in England & Wales. ShapeBlue Services India LLP is a company incorporated in India and is operated under license from Shape Blue Ltd. Shape Blue Brasil Consultoria Ltda is a company incorporated in Brasil and is operated under license from Shape Blue Ltd. ShapeBlue is a registered trademark.
