• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 870
  • Last Modified:

Network Traffic Flow Capture

Hi Experts !!!
We have just build a Data Centre with 3 external links (WAN, Internet, IPLC) terminating on edge routers.
I have configured routers to send netflow traffic to NetFlow Analyzer and am also seeing captured traffic.

But i'm not able to understand it. Can anyone of you assist me in how to determine howmuch of the external links are bing utilized at any given point of time ?
How do i use this capture to baseline my network ?

Can i configure netflow on Cisco 6500 gig ports, where, DWDM links are getting terminated connecting two redundant data centre ?

Any assistance would be  gr8!!! Thanks:)
0
vbongarala
Asked:
vbongarala
  • 3
  • 3
  • 2
1 Solution
 
wsenterCommented:
If you are using Netflow, a Solarwinds product, just download Orion V9.5 for a 30 day trial.  Netflow integrates with it. Setup SNMP in your 6500 switch and configure the switch in Orion.  You can then view bandwidth utilization and many other measurements on every port on the switch. Very nice product as I use it daily.
0
 
vbongaralaAuthor Commented:

I'm using ManageEngine's NetFlow Analyzer....have you experience in using this product.. Would appreciate if you tell me..how to measure how much of the bandwidth of external links is being utilized at any given pint of time. ?

Thanks:)
0
 
giltjrCommented:
To tell the truth most NetFlow analyzers don't show you link utilization.  NetFlow is designed to analyze traffic based on things like source host, destination host, TCP port, UDP port, and COS.  Not "port utilization".

You should be able to get link utilization by using SNMP queiries to for the Interfaces you are interested in.

ManageEngine has a product called OpManager that should be able to do this for you.
0
Improved Protection from Phishing Attacks

WatchGuard DNSWatch reduces malware infections by detecting and blocking malicious DNS requests, improving your ability to protect employees from phishing attacks. Learn more about our newest service included in Total Security Suite today!

 
wsenterCommented:
If you are going to start from scratch,  I would definately check out Solarwinds Orion
0
 
vbongaralaAuthor Commented:

Thank you for your little but valubale inputs. If its not possible to know link utilization using NetFlow Analyzer, can you plz tell what all things can be done with it.

I have heard a lot can be done. Plz throw some light on this.

Thanks:)
0
 
giltjrCommented:
From my other post:

"NetFlow is designed to analyze traffic based on things like source host, destination host, TCP port, UDP port, and COS."

Example, say you start monitoring your links and you see that one of the links avg. 10% utilization however everyday between 2-3 PM it goes up to 90% utilization and you don't know of any application/function that should cause this spike in traffic.

Well with NetFlow you will be able to see what layer 4 protocol (UDP vs. TCP) what port (80 vs. 23 vs. 443)  and which host (10.1.1.20 vs. 10.1.23.44) is causing the spike.  This way you can go down and ask "Joe" why he is downloading the entire site content from "www.mypicutures.com" everyday at 2 PM.
0
 
vbongaralaAuthor Commented:
Sorry..in getting back.

How do i monitor what has been the avg traffic, say on a WAN link ? Which is the peak period during the day ?

Do i have to monitor it hourly to get the above details or i can get the report from the NetFlow Analyzer tool ?

Thanks:)
0
 
giltjrCommented:
Typically you would use something that would use SNMP to query the bytes sent/received over the WAN link and let it calculate the % utilization.  Most products/programs use 5 minute intervals at there query interval.

You can look at MRTG or PRTG as programs that do this that are free, but ask for donations.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Building an Effective Phishing Protection Program

Join Director of Product Management Todd OBoyle on April 26th as he covers the key elements of a phishing protection program. Whether you’re an old hat at phishing education or considering starting a program -- we'll discuss critical components that should be in any program.

  • 3
  • 3
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now