>
> > 2) Identify source and destination of the traffic flows (kind of like a
> > graphical snoop with flow rates).
> >
>
> This is bit tricky. I haven't seen any MIBs to support this kind of information. There may exist
> some ? The one I have implemented is by using RMON Probe. We are using HP LAN Probe, and as needed,
> capturing limited amount of (256 to be exact) packets going or coming from the router MAC address.
>
> Then we are analyzing the packets to find the protocol distribution and traffic matrix (by protocol
> and station). This gives us a approximate snapshot of the WAN pipe usage.
>
> I found a software based rmon probe called "btng", but failed to get it working.
>
> Another option is to use "tcpdump" capture packet. The analysis may have to be done by writing
> scripts. There may exist some scripts like that ?
I have seen a package called etherman (binary only) which does a cool
visual layout of ether & amount of traffic it produces, but was looking
for something more configurable. My main goal is that when I see our
pipe to the Internet being heavily utilized, I would like to take a
sample and find out who is using it and for what purpose.
-- ------------------------- | Scott MacKay : Postmaster | sdm@rte.com | postmaster@rte.com | ICQ 22025608 | (716) 383-1290 | Real Time Enterprises, Pittsford NY | -Electronic Document Imaging-System Integration-Software Development- | 'The opinions shared here only reflect the poster's | views and may not reflect the views of the company.'-- !! This message is brought to you via the `tkined & scotty' mailing list. !! Please do not reply to this message to unsubscribe. To subscribe or !! unsubscribe, send a mail message to <tkined-request@ibr.cs.tu-bs.de>. !! See http://wwwsnmp.cs.utwente.nl/~schoenw/scotty/ for more information.