Hi, I was wondering if anyone here currently uses a system to monitor total traffic sent/received for each domain. Looking at solutions I have eliminated SNMP as a possible solution. Even if the tunnel interface name were static, SNMP goes by the interface id so after a reboot of the host server things would never match up again. Adding count rules to the FORWARD chain per device and then using back- end scripts to save/manage the data seems to be a workable solution. I''m not sure if this is the best way to go about it and hence why I am interested if anyone else has tackled the same problem. Ideas/input anyone? Thanks, Matt ------------------------------------------------------- The SF.Net email is sponsored by: Beat the post-holiday blues Get a FREE limited edition SourceForge.net t-shirt from ThinkGeek. It''s fun and FREE -- well, almost....http://www.thinkgeek.com/sfshirt _______________________________________________ Xen-devel mailing list Xen-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/xen-devel
On Fri, 2005-01-14 at 00:59 -0600, Tim Freeman wrote:> On Thu, 13 Jan 2005 19:49:01 -0500 > Matt Ayres <matta@tektonic.net> wrote: > > > Hi, > > > > I was wondering if anyone here currently uses a system to monitor total > > traffic sent/received for each domain. > > Have you looked into mrtg? > http://people.ee.ethz.ch/~oetiker/webtools/mrtg/ >This falls under the SNMP category so it falls under the same limitations I stated below. It''s not usable except in the case of possibly hooking it into a back-end script to load it''s data. Also, for those that use MRTG i''d highly recommend people look at RTG (http://rtg.sourceforge.net).> Also, enforcement is possible: > http://www.knowplace.org/shaper/index.html >This isn''t exactly monitoring, but it still useful. I actually do have network QoS working under Xen using iproute2/tc tools and it works fine loading the rules via the vif-bridge script.> HTH, > > Tim > > > > > > Looking at solutions I have eliminated SNMP as a possible solution. > > Even if the tunnel interface name were static, SNMP goes by the > > interface id so after a reboot of the host server things would never > > match up again. > > > > Adding count rules to the FORWARD chain per device and then using back- > > end scripts to save/manage the data seems to be a workable solution. > > I''m not sure if this is the best way to go about it and hence why I am > > interested if anyone else has tackled the same problem. > > > > Ideas/input anyone? > > > > Thanks, > > Matt-- ------------------------------------------------------- The SF.Net email is sponsored by: Beat the post-holiday blues Get a FREE limited edition SourceForge.net t-shirt from ThinkGeek. It''s fun and FREE -- well, almost....http://www.thinkgeek.com/sfshirt _______________________________________________ Xen-devel mailing list Xen-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/xen-devel
On Fri, 14 Jan 2005 00:19:40 -0500 Matt Ayres <matta@tektonic.net> wrote:> On Fri, 2005-01-14 at 00:59 -0600, Tim Freeman wrote: > > On Thu, 13 Jan 2005 19:49:01 -0500 > > Matt Ayres <matta@tektonic.net> wrote: > > > > > Hi, > > > > > > I was wondering if anyone here currently uses a system to monitor total > > > traffic sent/received for each domain. > > > > Have you looked into mrtg? > > http://people.ee.ethz.ch/~oetiker/webtools/mrtg/ > > > > This falls under the SNMP category so it falls under the same > limitations I stated below. It''s not usable except in the case of > possibly hooking it into a back-end script to load it''s data. Also, for > those that use MRTG i''d highly recommend people look at RTG > (http://rtg.sourceforge.net).ok (never used it). How about iptraf? Here are some interesting links I just ran across, too: http://www.debianlinux.net/system_management.html#traffic_accounting Tim> > > Also, enforcement is possible: > > http://www.knowplace.org/shaper/index.html > > > > This isn''t exactly monitoring, but it still useful. I actually do have > network QoS working under Xen using iproute2/tc tools and it works fine > loading the rules via the vif-bridge script. > >------------------------------------------------------- The SF.Net email is sponsored by: Beat the post-holiday blues Get a FREE limited edition SourceForge.net t-shirt from ThinkGeek. It''s fun and FREE -- well, almost....http://www.thinkgeek.com/sfshirt _______________________________________________ Xen-devel mailing list Xen-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/xen-devel
On Thu, 2005-01-13 at 23:39 -0600, Tim Freeman wrote:> ok (never used it). > > How about iptraf?> Here are some interesting links I just ran across, too: > http://www.debianlinux.net/system_management.html#traffic_accounting >Now this part seems useful. Two of the programs there use libpcap (sniffing/promiscuous) to capture data. Since Xen uses bridging pcap is able to view all traffic going through the bridge. Of the two applications bandwidthd seems the most promising as it is complete, used commercially, and seems to be pretty active. I''ll be experimenting with it and will follow up in a few days if it turned out to be worthwhile or not. The only real problem I envision is running a copy of it on each Xen host... normally monitoring apps that put the interface into promisc mode like to eat up CPU, if you''re pushing over a few megabit/s out of the server it will most likely consume more CPU than wanted although filters can help reduce that. I guess this will all be found out over the next couple of hours/days. Thanks, Matt ------------------------------------------------------- The SF.Net email is sponsored by: Beat the post-holiday blues Get a FREE limited edition SourceForge.net t-shirt from ThinkGeek. It''s fun and FREE -- well, almost....http://www.thinkgeek.com/sfshirt _______________________________________________ Xen-devel mailing list Xen-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/xen-devel
On Thu, 13 Jan 2005 19:49:01 -0500 Matt Ayres <matta@tektonic.net> wrote:> Hi, > > I was wondering if anyone here currently uses a system to monitor total > traffic sent/received for each domain.Have you looked into mrtg? http://people.ee.ethz.ch/~oetiker/webtools/mrtg/ Also, enforcement is possible: http://www.knowplace.org/shaper/index.html HTH, Tim> > Looking at solutions I have eliminated SNMP as a possible solution. > Even if the tunnel interface name were static, SNMP goes by the > interface id so after a reboot of the host server things would never > match up again. > > Adding count rules to the FORWARD chain per device and then using back- > end scripts to save/manage the data seems to be a workable solution. > I''m not sure if this is the best way to go about it and hence why I am > interested if anyone else has tackled the same problem. > > Ideas/input anyone? > > Thanks, > Matt------------------------------------------------------- The SF.Net email is sponsored by: Beat the post-holiday blues Get a FREE limited edition SourceForge.net t-shirt from ThinkGeek. It''s fun and FREE -- well, almost....http://www.thinkgeek.com/sfshirt _______________________________________________ Xen-devel mailing list Xen-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/xen-devel
On 14 Jan 2005, at 00:49, Matt Ayres wrote:> Hi, > > I was wondering if anyone here currently uses a system to monitor total > traffic sent/received for each domain.I''m using netflow, running all the tools in Domain 0. It''s a combination of fprobe-ulog (netflow from iptables ULOG target), flow-capture, flowscan and CUFlow, and generates rrds per host/port/whatever. I''ll distill the config down to something useful if anyone''s interested.> Looking at solutions I have eliminated SNMP as a possible solution. > Even if the tunnel interface name were static, SNMP goes by the > interface id so after a reboot of the host server things would never > match up again.At least Cricket has a way of dealing with interfaces changing instance number - you can just specify the interface name and it''ll map it automatically. Chris. ------------------------------------------------------- The SF.Net email is sponsored by: Beat the post-holiday blues Get a FREE limited edition SourceForge.net t-shirt from ThinkGeek. It''s fun and FREE -- well, almost....http://www.thinkgeek.com/sfshirt _______________________________________________ Xen-devel mailing list Xen-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/xen-devel
Matt Ayres wrote:> I was wondering if anyone here currently uses a system to monitor > total traffic sent/received for each domain.[...]> Ideas/input anyone?Use ipac-ng. Tweak the rules as needed. -- Naked ------------------------------------------------------- The SF.Net email is sponsored by: Beat the post-holiday blues Get a FREE limited edition SourceForge.net t-shirt from ThinkGeek. It''s fun and FREE -- well, almost....http://www.thinkgeek.com/sfshirt _______________________________________________ Xen-devel mailing list Xen-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/xen-devel