Re: Bandwidth monitoring .. hints/tips & which tool?
On Mon, May 19, 2003 at 08:18:42PM +0000, Jonathan Matthews wrote:
> Hi all -
> [Summary: What tool is best for traffic monitoring down to the per-user
> Just wondered if anyone could point me in the right direction so that I
> can build a positive image of Debian within the organisation I work for.
> The company's nothing exciting - we make cookers :-)
> The IT guy there would like to be able to see who's using our intra-site
> bandwidth up, and on what task. Traffic breakdown by time, user (hence
> IP, I suppose) and port would be my best guess.
> All traffic goes through an MS proxy server at this site (and
> traffic going that way is all we're concerned about at this juncture)
> and then through a Cisco router on the way to the remote site.
> He'd like a solution that involves installing a piece of software on his
> local PC and nothing else, but I'm not so easily satisfied. I want to
> (and I think I can convince him to let me) install a low-end box between
> either the network and the proxy, the proxy and the router, or the
> router and the remote site. I'd like to get a Debian box in there, and
> I'd appreciate some help with what I should be looking to put it on
> I've been looking at MRTG, but can't see (remembering that I'm not in a
> position to try stuff out at work to see if it works :-|) a way to break
> the reports down by source/destination IP address. Am I missing
> If not, and MRTG just isn't the tool for this job, then what is?
> I'm not averse to a bit of perl/whatever hacking, but would like to use
> an existing tool if it's out there!
> Any ideas? On-list, please.
Both ntop <http://www.ntop.org/ntop.html>
and iptraf <http://iptraf.seul.org/> should do this.
iptraf is lighter on resources, and offer realtime monitoring,
ntop is accessed trough an browser, and offers extensive graphs of
It all depends on how low-end this box is.