<div dir="ltr">Roman,<div><br></div><div>Several years ago, at Monash University, I used open source software</div><div> cisco netflow -> nfdump -> NfSen</div><div>to analyse network traffic.</div><div>This collects and analyses flows, not the raw packets. </div><div><div>NfSen has a graphic dashboard that can collect/show/drill-down stats that you have pre-defined.</div><div>The 'nfdump' CLI can be used for ad-hoc (text output) analysis, or cron'd for daily summary reports.</div><div><br></div></div><div>Capturing packets from a 10G fibre network backbone to spinning hard drives wasn't easy. Try</div><div> cisco filter -> RSPAN -> network -> GRE software endpoint -> tcpdump -w</div><div>Much easier, but $$$, to use passive fibre taps, packet broker hardware etc.<br><br></div><div> John</div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Tue, 3 May 2022 at 14:25, Roman Islam <<a href="mailto:romislam@gmail.com">romislam@gmail.com</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div dir="ltr">Hello Everyone,<div><br></div><div>Any recommendation for a suitable open source software which can help to assess the current network traffic profile? For example port span, capture packet and analyze the traffic type and percentage. Using wireshark regularly but as a troubleshooting tool compared to network traffic analyzer.</div><div> </div><div>Our QoS classification and marking policy has been outdated. We now need to re-investigate to make it more granular and re-align the marking and queuing strategy.</div><div><br></div><div>-R </div><div><br></div><div><br></div></div>
_______________________________________________<br>
AusNOG mailing list<br>
<a href="mailto:AusNOG@ausnog.net" target="_blank">AusNOG@ausnog.net</a><br>
<a href="https://lists.ausnog.net/mailman/listinfo/ausnog" rel="noreferrer" target="_blank">https://lists.ausnog.net/mailman/listinfo/ausnog</a><br>
</blockquote></div>