[c-nsp] MRTG graphing traffic that hits an ACL
David Freedman
david.freedman at uk.clara.net
Wed Jul 5 14:44:57 EDT 2006
Oliver Boehmer (oboehmer) wrote:
> Dave Weis <> wrote on Wednesday, July 05, 2006 6:11 PM:
>
>> I wanted to graph how much bandwidth or how many packets match a
>> specific ACL on a 2600 series router. Does something like that show
>> up in the SNMP MIB and how do I reference it with MRTG or similar?
>
> no.
> Not sure if this works, but if you really need to find out, you could
> try to put this traffic into a QoS class, use the "drop" directivy in
> the appropriate class within a policy-map and monitor the offered rate
> using QOS-MIB (not sure if we maintain per-class BW in this case, if
> not, a policer with "drop" as conform- and exceed-action will likely
> do).
> But this MIB is not trivial, and this definitly has a performance impact
> (unless you're already doing QoS)..
I wrote a perl script some time ago which parsed this mib in order to
make an MRTG config file out of it.
It finds all the service policies attached to interfaces (in either
direction) and generates graphs for each of their classes (including the
dropped traffic if you so desire)
for those that are interested it can be downloaded from
http://www.convergence.cx/scripts/qosmaker.gz
its not particularly well written (by my own admission!) and requires
that the NET SNMP toolset is installed on the machine (particularly the
snmpwalk/snmpget binaries)
YMMV.
Dave.
>
> oli
>
> _______________________________________________
> cisco-nsp mailing list cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
>
More information about the cisco-nsp
mailing list