[c-nsp] MRTG graphing traffic that hits an ACL

Oliver Boehmer (oboehmer) oboehmer at cisco.com
Wed Jul 5 12:59:14 EDT 2006


Dave Weis <> wrote on Wednesday, July 05, 2006 6:40 PM:

> On Wed, 5 Jul 2006, Oliver Boehmer (oboehmer) wrote:
>> Dave Weis <> wrote on Wednesday, July 05, 2006 6:11 PM:
>> 
>>> I wanted to graph how much bandwidth or how many packets match a
>>> specific ACL on a 2600 series router. Does something like that show
>>> up in the SNMP MIB and how do I reference it with MRTG or similar?
>> 
>> no.
>> Not sure if this works, but if you really need to find out, you could
>> try to put this traffic into a QoS class, use the "drop" directive in
>> the appropriate class within a policy-map and monitor the offered
>> rate using QOS-MIB (not sure if we maintain per-class BW in this
>> case, if not, a policer with "drop" as conform- and exceed-action
>> will likely do). But this MIB is not trivial, and this definitely has
>> a performance impact (unless you're already doing QoS)..
> 
> Any less painful method to see how much bandwidth a specific type of
> traffic is consuming?

NetFlow? NetFlow will report dropped flows using a zero egress
interface.. MRTG graphing could be tricky, though (maybe there are some
tools around).

Out of interest: why do you want to graph traffic that you drop? Is this
supposed to be a permanent measure, or just temporary?

	oli
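
The NetFlow approach suggested above, as an added example that is not part of the original post: it parses a NetFlow v5 export datagram, sums packets and octets for flows whose egress interface index is 0, and formats the result as the four lines MRTG reads from an external target script. The sample datagram, the addresses in it and the target name "acl-dropped" are constructed for illustration.

```python
import struct

HEADER = struct.Struct("!HHIIIIBBH")                # NetFlow v5 header, 24 bytes
RECORD = struct.Struct("!4s4s4sHHIIIIHHBBBBHHBBH")  # NetFlow v5 flow record, 48 bytes


def dropped_totals(datagram):
    """Return (packets, octets) for flows whose egress ifIndex is 0."""
    if len(datagram) < HEADER.size:
        raise ValueError("short datagram")
    version, count = HEADER.unpack_from(datagram)[:2]
    if version != 5:
        raise ValueError("not NetFlow v5")
    if len(datagram) < HEADER.size + count * RECORD.size:
        raise ValueError("truncated records")
    pkts = octets = 0
    for i in range(count):
        rec = RECORD.unpack_from(datagram, HEADER.size + i * RECORD.size)
        output_if, d_pkts, d_octets = rec[4], rec[5], rec[6]
        if output_if == 0:  # zero egress interface: flow was not forwarded
            pkts += d_pkts
            octets += d_octets
    return pkts, octets


def mrtg_lines(pkts, octets, name="acl-dropped"):
    """Four lines MRTG expects: value 1, value 2, uptime string, target name."""
    return [str(octets), str(pkts), "unknown", name]


def sample_datagram():
    """Constructed sample: one forwarded flow (ifIndex 2), one dropped (ifIndex 0)."""
    def rec(src, dst, out_if, pkts, octets, dport):
        # Field order: src, dst, nexthop, input, output, dPkts, dOctets, first,
        # last, srcport, dstport, pad, tcp_flags, prot, tos, ASes, masks, pad
        return RECORD.pack(bytes(src), bytes(dst), bytes(4), 1, out_if, pkts,
                           octets, 0, 0, 40000, dport, 0, 0, 6, 0, 0, 0, 0, 0, 0)
    hdr = HEADER.pack(5, 2, 0, 0, 0, 0, 0, 0, 0)
    return (hdr + rec([192, 0, 2, 10], [198, 51, 100, 5], 2, 10, 4000, 80)
                + rec([192, 0, 2, 99], [198, 51, 100, 5], 0, 7, 420, 445))


if __name__ == "__main__":
    print("\n".join(mrtg_lines(*dropped_totals(sample_datagram()))))
```

MRTG treats the two values as ever-increasing counters by default, so a collector built on this would keep running sums across datagrams. A zero egress interface is not tied to one ACL, so add a match on the ACL's addresses or ports if other traffic is dropped as well.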


