Network Traffic Flow Capture
Hi Experts !!!
We have just build a Data Centre with 3 external links (WAN, Internet, IPLC) terminating on edge routers.
I have configured routers to send netflow traffic to NetFlow Analyzer and am also seeing captured traffic.
But i'm not able to understand it. Can anyone of you assist me in how to determine howmuch of the external links are bing utilized at any given point of time ?
How do i use this capture to baseline my network ?
Can i configure netflow on Cisco 6500 gig ports, where, DWDM links are getting terminated connecting two redundant data centre ?
Any assistance would be gr8!!! Thanks:)
We have just build a Data Centre with 3 external links (WAN, Internet, IPLC) terminating on edge routers.
I have configured routers to send netflow traffic to NetFlow Analyzer and am also seeing captured traffic.
But i'm not able to understand it. Can anyone of you assist me in how to determine howmuch of the external links are bing utilized at any given point of time ?
How do i use this capture to baseline my network ?
Can i configure netflow on Cisco 6500 gig ports, where, DWDM links are getting terminated connecting two redundant data centre ?
Any assistance would be gr8!!! Thanks:)
wsenter
If you are using Netflow, a Solarwinds product, just download Orion V9.5 for a 30 day trial. Netflow integrates with it. Setup SNMP in your 6500 switch and configure the switch in Orion. You can then view bandwidth utilization and many other measurements on every port on the switch. Very nice product as I use it daily.
ASKER
I'm using ManageEngine's NetFlow Analyzer....have you experience in using this product.. Would appreciate if you tell me..how to measure how much of the bandwidth of external links is being utilized at any given pint of time. ?
Thanks:)
To tell the truth most NetFlow analyzers don't show you link utilization. NetFlow is designed to analyze traffic based on things like source host, destination host, TCP port, UDP port, and COS. Not "port utilization".
You should be able to get link utilization by using SNMP queiries to for the Interfaces you are interested in.
ManageEngine has a product called OpManager that should be able to do this for you.
You should be able to get link utilization by using SNMP queiries to for the Interfaces you are interested in.
ManageEngine has a product called OpManager that should be able to do this for you.
If you are going to start from scratch, I would definately check out Solarwinds Orion
ASKER
Thank you for your little but valubale inputs. If its not possible to know link utilization using NetFlow Analyzer, can you plz tell what all things can be done with it.
I have heard a lot can be done. Plz throw some light on this.
Thanks:)
From my other post:
"NetFlow is designed to analyze traffic based on things like source host, destination host, TCP port, UDP port, and COS."
Example, say you start monitoring your links and you see that one of the links avg. 10% utilization however everyday between 2-3 PM it goes up to 90% utilization and you don't know of any application/function that should cause this spike in traffic.
Well with NetFlow you will be able to see what layer 4 protocol (UDP vs. TCP) what port (80 vs. 23 vs. 443) and which host (10.1.1.20 vs. 10.1.23.44) is causing the spike. This way you can go down and ask "Joe" why he is downloading the entire site content from "www.mypicutures.com" everyday at 2 PM.
"NetFlow is designed to analyze traffic based on things like source host, destination host, TCP port, UDP port, and COS."
Example, say you start monitoring your links and you see that one of the links avg. 10% utilization however everyday between 2-3 PM it goes up to 90% utilization and you don't know of any application/function that should cause this spike in traffic.
Well with NetFlow you will be able to see what layer 4 protocol (UDP vs. TCP) what port (80 vs. 23 vs. 443) and which host (10.1.1.20 vs. 10.1.23.44) is causing the spike. This way you can go down and ask "Joe" why he is downloading the entire site content from "www.mypicutures.com" everyday at 2 PM.
ASKER
Sorry..in getting back.
How do i monitor what has been the avg traffic, say on a WAN link ? Which is the peak period during the day ?
Do i have to monitor it hourly to get the above details or i can get the report from the NetFlow Analyzer tool ?
Thanks:)
How do i monitor what has been the avg traffic, say on a WAN link ? Which is the peak period during the day ?
Do i have to monitor it hourly to get the above details or i can get the report from the NetFlow Analyzer tool ?
Thanks:)
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.