[AusNOG] Netflow
Tom Wright
tom.c.wright at gmail.com
Fri Jul 15 10:12:50 EST 2011
Yep, and it is fairly trivial to write a netflow collector from scratch
using something like Perl. If all you want to do is look at traffic from
certain AS/AS-Sets through transit links, etc, then it is very easy.
Netflow packets are really simple to decode, and then you can use
RRD modules to push the data straight into RRD's.
-- Tom
On 15/07/2011, at 8:44 AM, David Hughes wrote:
>
> Hey Lincoln,
>
> On 15/07/2011, at 8:53 AM, Lincoln Dale wrote:
>
>> certainly there are 3rd party netflow tools that attempt to derive the 'path' and some tools that help model questions like "if i peer with AS X how will that influence my traffic", but netflow itself does not provide that analysis and any tools that do so will be based on a bunch of assumptions that are typically never 100% correct.
>
> Sure, 100% correct isn't going to be possible, but by coupling netflow data and your routing table the results _should_ be very useful. Naturally, that doesn't include any local routing policies of the transit AS's between src and dst but it should be a fair approximation.
>
>
> David
> ...
>
>
> _______________________________________________
> AusNOG mailing list
> AusNOG at lists.ausnog.net
> http://lists.ausnog.net/mailman/listinfo/ausnog
More information about the AusNOG
mailing list