Bandwidth monitoring

M

moose517

Gawd
Joined
Feb 28, 2009
Messages
640
I've seen some threads in the past about this but none of them have been helpful to me. I have a Cisco asa5505 and was wanting to monitor how much bandwidth i'm a month, my ISP doesn't have any caps but i was more or less wanting to monitor and see how much i really use.

I've seen netflow mentioned for it but i have never been able to get it working if thats even the right thing to be using. Any links or tut's would be helpful :D
 
You use SNMP to monitor total traffic across an interface; netflow will tell you what was going across the interface at a given time.

Cacti is great for simple SNMP monitoring, but I've yet to find a free netflow collector that worked well. Ntop is the closest thing, but all data is lost if it restarts. We use Solarwinds at work - works very well.
 
PRTG does both and is free for 10 sensors.

As much is i hated stetting up NetQoS, it's full of win once it's up and running. IMHO, better than Solarwinds Orion.

EDIT: Also, Netflow (aka NSEL) is tricky on an ASA. It's only supported on ver 8.2 and it's not "true" netflow. It only logs the data, once the connection has been closed.
 
so i can't get cacti to install, says something about "Fatal error: Allowed memory size of 134217728 bytes exhausted (tried to allocate 261904 bytes) in C:\WWW\Cacti\lib\adodb\adodb.inc.php on line 833" i've done some googling but can't seem to figure out what i need to do to get it to work.
 
Honestly, I finally tried Cacti, and it's shit. Netflow v9 or GTFO.
 
WesM63 said:
Honestly, I finally tried Cacti, and it's shit. Netflow v9 or GTFO.
Click to expand...

Cacti was never intended for those who need netflow. We used it to monitor switchports, UPSs, CPUs, volumes, VPN connections - it can graph anything that uses SNMP for free.

As far as netflow collectors - there isn't much to choose from unless you are able to lay out some pretty serious cash. And for an at home solution - I'm sure that's in short supply.

Here are some cacti examples via some google-fu (search "graph_view.php?") -
https://ciist.ist.utl.pt/cacti/graph_view.php?action=tree&tree_id=3&leaf_id=645
http://cacti.kernel.org/graph_view.php?action=tree&tree_id=2
http://umopt1.grid.umich.edu/cacti/graph_view.php?action=tree&tree_id=10&select_first=true
 
i'll check out cactiEZ, i can indeed do it in a VM so its perfect, if not i'll look into some of the others mentioned
 
moose517 said:
so i can't get cacti to install, says something about "Fatal error: Allowed memory size of 134217728 bytes exhausted (tried to allocate 261904 bytes) in C:\WWW\Cacti\lib\adodb\adodb.inc.php on line 833" i've done some googling but can't seem to figure out what i need to do to get it to work.
Click to expand...

http://forums.cacti.net/about23444.html&highlight=

Try increasing the PHP memory limit, to say 256MB. When I used to run Cacti years ago, I found it was a resource hog. So I switched back to MRTG. Takes longer to make the graphs, but MRTG has less hit on system resources when running/generating graphs.
 
Cacti is so easy to install, it's not even funny.

EDIT: And I'm 90% Windows Admin, lol
 
SpaceHonkey said:
Cacti was never intended for those who need netflow. We used it to monitor switchports, UPSs, CPUs, volumes, VPN connections - it can graph anything that uses SNMP for free.

As far as netflow collectors - there isn't much to choose from unless you are able to lay out some pretty serious cash. And for an at home solution - I'm sure that's in short supply.

Here are some cacti examples via some google-fu (search "graph_view.php?") -
https://ciist.ist.utl.pt/cacti/graph_view.php?action=tree&tree_id=3&leaf_id=645
http://cacti.kernel.org/graph_view.php?action=tree&tree_id=2
http://umopt1.grid.umich.edu/cacti/graph_view.php?action=tree&tree_id=10&select_first=true
Click to expand...


I'm sorry, whats so special about Cacti? If you're going to tout Neflow support, support V9 or, like i said, GTFO.

Everyone does SNMP and Syslog, so what makes Cacti special? It's free?

BTW, PRTG fits the bill perfectly and much simpler to use than Cacti. Only downside is it's only free for 10 sensors.

Here is a shot of quick reports from 6/1-6/8 of mine at home:
http://xs.to/media/3478
 
WesM63 said:
BTW, PRTG fits the bill perfectly and much simpler to use than Cacti. Only downside is it's only free for 10 sensors.
Click to expand...

It's also pretty cheap too, just bought 100 sensor license for around $400 bucks, can't really beat that. :)
 
hmmm i'll look into PRTG as well then, only plan on monitoring my firewall for bandwidth usage anyways, but i'm sure i'll quickly find other things haha.
 
WesM63 said:
I'm sorry, whats so special about Cacti? If you're going to tout Neflow support, support V9 or, like i said, GTFO.

Everyone does SNMP and Syslog, so what makes Cacti special? It's free?
Click to expand...

To non-profits and schools, free is a real hard price to beat. Same for something at home. Given, to really know what you're doing you need to understand SNMP and linux (usually). But if you're not willing to learn - you're going to have to pay for something.

I know you seem to think netflow v9 is absolutely necessary - but it isn't. It's really nice to have, yes - necessity, no (not at home). If you must have netflow at home I recommend ntop (free but limited), or Solarwinds Realtime Netflow Analyzer (free, but no saved history).

At work we switched to Solarwinds from Cacti and OpenNMS. We ran for years on those two, but to implement Solarwinds we shelled out $20K. Free was a great price while those tools were sufficient. As a matter of fact, we never would have been able to justify the price of Solarwinds if we hadn't used Cacti and OpenNMS first to prove to management that it was a necessity.
 
SpaceHonkey said:
To non-profits and schools, free is a real hard price to beat. Same for something at home. Given, to really know what you're doing you need to understand SNMP and linux (usually). But if you're not willing to learn - you're going to have to pay for something.

I know you seem to think netflow v9 is absolutely necessary - but it isn't. It's really nice to have, yes - necessity, no (not at home). If you must have netflow at home I recommend ntop (free but limited), or Solarwinds Realtime Netflow Analyzer (free, but no saved history).

At work we switched to Solarwinds from Cacti and OpenNMS. We ran for years on those two, but to implement Solarwinds we shelled out $20K. Free was a great price while those tools were sufficient. As a matter of fact, we never would have been able to justify the price of Solarwinds if we hadn't used Cacti and OpenNMS first to prove to management that it was a necessity.
Click to expand...


/sigh

Cacti is special because it's free? I'm not sold, you can google free snmp monitor and get a crap ton of results.

Is Netflow v9 needed? No. Neflow v5 is just stupid. Enable ip route cache flow on every interface so we can see ingress traffic, so we can tell you what the egress traffic is.

As I've mentioned twice already in this thread, PRTG fits the bill perfectly. Super easy to install, works on all versions of windows (gasp.. it's not linux based zomg), doesn't lose data if it reboots (wtf ntop) and supports netflow v9. It's free to 10 sensors (enough for home use) and really, if your company can't afford a 100 licenses for $400 you shouldn't be in business anyway.

We use NetQoS, which btw, blows every other product, SNMP and Netflow related, out of the water. However, for the rather large company I work for, the cost was nearly 7 figures. I guess you get what you pay for. :rolleyes:
 
yup i've decided to look into PRTG, so far so good, havne't delved that deep into it ye though
 
You must log in or register to reply here.
Back
Top