[c-nsp] Usage Billing w/ Netflow / Implementation Pitfalls

Chris Riling criling at gmail.com
Tue May 20 14:57:08 EDT 2008 

That sounds pretty cool... I wouldn't be looking to pull info on all 1024
hosts in one report.. I'd be pulling info on groups of IPs; grouped by
customer or machine, and I'd want to look at the amount of data
transferred over the last 30 days or something... The reason I can't just
look at switchports is because some of these customers use their network
connections inside of our data center for more things than just internet
access (i.e. I want to check at the border so I only see traffic that left
our network toward the internet, or from the internet toward these hosts...
I don't care about any usage incurred due to backup jobs, or other data
transfer within the data center)

Thanks!
Chris


On 5/20/08, Joe Loiacono <jloiacon at csc.com> wrote:
>
>
> Hi Chris,
>
> Netflow is very useful for establishing customer chargebacks based on
> actual usage. Keep in mind however that in practice it is not perfect, as
> you can lose netflow information from several sources though generally it is
> not much (e.g., device table overflow, lost UDP netflow packets, collector
> overload, etc.) Despite this possibility, you can get a very close and
> useful picture of specified traffic sets.
>
> Have you considered open-source flow-tools/FlowViewer? The FlowTracker
> capability allows you to maintain long-term RRDtool graphs for any user you
> want. You can also group users and look at them as a group. I track over 120
> such individual users here at NASA GSFC. That said, if you're going to look
> at all 1024 hosts (in a /22) then graphs wouldn't be practical; you would
> need to invoke a textual report periodically.
>
> If you're going to collect netflow though, flow-tools/FlowViewer offers a
> lot of analysis tools to enhance your picture of your network. Check out
> screenshots, etc. for FlowViewer:at:
>
> http://ensight.eos.nasa.gov/FlowViewer/
>
> Joe
>
>
>
>
>
>
>   *"Chris Riling" <criling at gmail.com>*
> Sent by: cisco-nsp-bounces at puck.nether.net
>
> 05/20/2008 02:03 PM
>    To
> cisco-nsp at puck.nether.net  cc
>   Subject
> [c-nsp] Usage Billing w/ Netflow / Implementation Pitfalls
>
>
>
>
> Hi All,
>
>     I know this has been asked thousands of times before, but I don't think
> anyone has ever answered it in quite the same fasion. I'm thinking about
> turning on netflow on my border routers (7606's with Sup32's / full
> routes);
> Think I'll see any issues from turning on the exports? Also, specifically,
> we're looking to see the ability to generate reports for say, a /22, and
> the
> amount of transfer for each host in the /22 that has entered / exited our
> network at the border (MRTG on the switchports isn't going to cut it). I've
> heard that a lot of people use ntop for this sort of thing, but in the demo
> I wasn't able to find anything that did exactly this, and I wanted to
> consult the list before turning on Netflow at the border routers anyway.
> I've also heard of people using stager for the report generation; can
> stager
> do the same sort of thing?
>
> Thanks,
> Chris
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
>
>

More information about the cisco-nsp mailing list