On Wednesday, March 30, 2011 02:40:16 pm Bob Goodwin wrote: > Netflow says their application is not intended for home use? > It's not clear to me if that has to be installed in a > computer/router or if it's something I can install here in this > computer or if it might already be installed in some routers out > of the box? Sorry for overwhelming with info; here's the simpler version. Netflow data export is a way the router can keep track of 'flows' of data (think of a flow as a connection; it isn't really, but it's still a good analogy) and export data on those flows passing through it to a 'collector.' DD-WRT apparently has some support for netflow data export (NDE for short) in this manner. One of the links I sent was a page that listed a few things about that, and possibly more links to how to set that up in DD-WRT. Once you have NDE set up to export (but before you actually turn the export on) you need to set up the collector; this is the ntop package that is included in Fedora. It is a web-based application; there are other flow collectors, but the key thing is that the box running the collector needs to have its firewall opened for the export from the router, and the router needs to know to export the flow data to that IP address. Once you have ntop collecting the flows, you can get all kinds of statistics on the top talkers, total bandwidth, connections used, IP addresses contacted, just to start. The setup isn't the easiest in the world; but, then again you have DD-WRT set up, so you've apparently got at least part of the skillset needed. Just tackle it with patience, and you can make that work. A hub and doing the collection with a sniffer and ntop will also work, but hubs have their own problems, and unless you'd just rather do it that way, having the router do NDE is the simplest way of getting the information you want. I'm doing this, using CentOS and ntop, with several Cisco routers of various types (a couple of 12000 series, a 7609, a 7206, a 7507, and a 7401) and it works pretty well. On CentOS 4 ntop isn't exceptionally stable; not a whole lot better on CentOS 5, but I would expect that the latest and greatest running on F14 might be the ticket. But my setup isn't the typical home setup, either, so your mileage may vary. What would be the 'cat's meow' would be ntop or similar integrated into the DD-WRT or other similar router interface, then it's all 'appliance based' and easy. -- users mailing list users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
