Need traffic analysis tools

Discussion in 'Cisco' started by srp336@getcoactive.com, Aug 26, 2005.

  1. Guest

    I've got a router at another location of my company that been having
    some unexplained activity that I've been asked to investigate. The
    router in question is their border router to their ISP. Throughout the
    night, traffic is pretty much nil except for a period every single
    night from about 4am to 5am, when the inbound traffic suddenly goes to
    about 80% of their bandwidth. This is according to the ISP provided
    stats page which is run on the serial port on the ISP's side.

    I don't really have many formal tools to handle situations like this.
    Usually, I use gathered statistics, ip accounting, and debugging when
    things like this occur in the middle of the day when I'm at my desk.

    What can I use to find out what's going on?

    Thanks!
     
    , Aug 26, 2005
    #1
    1. Advertising

  2. On 26.08.2005 17:33 wrote

    > I've got a router at another location of my company that been having
    > some unexplained activity that I've been asked to investigate. The
    > router in question is their border router to their ISP. Throughout the
    > night, traffic is pretty much nil except for a period every single
    > night from about 4am to 5am, when the inbound traffic suddenly goes to
    > about 80% of their bandwidth. This is according to the ISP provided
    > stats page which is run on the serial port on the ISP's side.
    >
    > I don't really have many formal tools to handle situations like this.
    > Usually, I use gathered statistics, ip accounting, and debugging when
    > things like this occur in the middle of the day when I'm at my desk.
    >
    > What can I use to find out what's going on?
    >


    Connect a Linux box to the switch where the ethernet interface of the
    router is connected to, SPAN [0] it to the Linux interface and run ntopd
    [2] on this interface.



    Arnold
    [0]
    http://www.cisco.com/en/US/products/hw/switches/ps700/products_tech_note09186a008015c612.shtml
    [1] http://www.ntop.org/
    --
    Arnold Nipper, AN45
     
    Arnold Nipper, Aug 26, 2005
    #2
    1. Advertising

  3. Dan Daniels Guest

    <> wrote in message
    news:...
    > I've got a router at another location of my company that been having
    > some unexplained activity that I've been asked to investigate. The
    > router in question is their border router to their ISP. Throughout the
    > night, traffic is pretty much nil except for a period every single
    > night from about 4am to 5am, when the inbound traffic suddenly goes to
    > about 80% of their bandwidth. This is according to the ISP provided
    > stats page which is run on the serial port on the ISP's side.
    >
    > I don't really have many formal tools to handle situations like this.
    > Usually, I use gathered statistics, ip accounting, and debugging when
    > things like this occur in the middle of the day when I'm at my desk.
    >
    > What can I use to find out what's going on?
    >
    > Thanks!
    >


    NetFlow either with or without a tool like nTop.
     
    Dan Daniels, Aug 26, 2005
    #3
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. X.25
    Replies:
    1
    Views:
    2,381
    M.C. van den Bovenkamp
    Jul 8, 2003
  2. Hypno999

    traffic-shaping limit ftp traffic

    Hypno999, Oct 7, 2005, in forum: Cisco
    Replies:
    5
    Views:
    3,644
  3. Houston SBC
    Replies:
    1
    Views:
    421
    Walter Roberson
    Jul 8, 2007
  4. HostedSwitch
    Replies:
    0
    Views:
    759
    HostedSwitch
    Sep 19, 2008
  5. xENVIOUSx

    NEED HELP! Computer programming and Time series analysis

    xENVIOUSx, May 7, 2012, in forum: General Computer Support
    Replies:
    0
    Views:
    937
    xENVIOUSx
    May 7, 2012
Loading...

Share This Page