We have DELL servers with CENTOS 3 and 4 installed. Application is client/server type.
Does there has way monitor invidual client (PC) network traffic to server?
Thanks.
______________________________________________________________________________________________________ 付費才容量無上限?Yahoo!奇摩電子信箱2.0免費給你,信件永遠不必刪! http://tw.mg0.mail.yahoo.com/dc/landing
----- "mcclnx mcc" mcclnx@yahoo.com.tw wrote:
We have DELL servers with CENTOS 3 and 4 installed. Application is client/server type.
Does there has way monitor invidual client (PC) network traffic to server?
Thanks.
Have a look at bandwidthd. It will show your traffic by IP address in multiple time increments. It is not present in the standard CentOS or rpmforge repos IIRC. However, its trivial to setup.
Tim Nelson Systems/Network Support Rockbochs Inc. (218)727-4332 x105
<sarcasm> "Look Ma! I'm bottom posting so the self-named CentOS list police don't come a-knockin' " </sarcasm>
Hello,
Setup iptables rules on the server side for each client and extract the data from there, draw graphics with rrdtool. Another software that you can use is ntop. For bandwidthd grab the src rpm from a fedora 10 repo and recompile it.
Best regards, Adrian
Tim Nelson wrote:
----- "mcclnx mcc" mcclnx@yahoo.com.tw wrote:
We have DELL servers with CENTOS 3 and 4 installed. Application is client/server type.
Does there has way monitor invidual client (PC) network traffic to server?
Thanks.
Have a look at bandwidthd. It will show your traffic by IP address in multiple time increments. It is not present in the standard CentOS or rpmforge repos IIRC. However, its trivial to setup.
Tim Nelson Systems/Network Support Rockbochs Inc. (218)727-4332 x105
<sarcasm> "Look Ma! I'm bottom posting so the self-named CentOS list police don't come a-knockin' " </sarcasm> _______________________________________________ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
mcclnx mcc wrote:
We have DELL servers with CENTOS 3 and 4 installed. Application is client/server type.
Does there has way monitor invidual client (PC) network traffic to server?
nmon can do this, but its fairly involved to setup, and the collection daemon can use quite a lot of CPU (to do this, you need to sniff all traffic, categorize the packets by whatever criteria you're interested in monitoring, and count them)
John R Pierce wrote:
mcclnx mcc wrote:
We have DELL servers with CENTOS 3 and 4 installed. Application is client/server type.
Does there has way monitor invidual client (PC) network traffic to server?
nmon can do this, but its fairly involved to setup, and the collection daemon can use quite a lot of CPU (to do this, you need to sniff all traffic, categorize the packets by whatever criteria you're interested in monitoring, and count them)
Wireshark can do a one-off run with various forms of analysis and filtering - ntop (http://www.ntop.org)is geared towards longer-term summaries. Either must run on the server itself or on a machine connected to a bridged switch port so it has access to all the packets. They have the advantage of being able to do port/protocol analysis though.
Another approach is to run snmp on the clients and use some snmp monitoring tool to collect the interface statistics. Cacti is probably the easiest to set up - opennms (http://www.opennms.org) is more comprehensive.
On Jan 6, 2009, at 6:31 AM, mcclnx mcc wrote:
We have DELL servers with CENTOS 3 and 4 installed. Application is client/server type.
Does there has way monitor invidual client (PC) network traffic to server?
I would suggest either
A) Run tcpdump from the server with a filter to only examine the packets from or to the client. The server is already receiving these packets, so now its just logging them. Take a bit of disk I/O, but usually not a big deal unless this is a database server or file server and it slows down file access. Still usually moot unless DB or I/O intensive server.
B) Connect a laptop or workstation to a mirror port on your network switch, or whatever your vendor wants to call their 'bridged', 'administrative' port that receives traffic for all ports. If you have a hub ignore the port 'type' and just plugin. Now run tcpdump again filtering everything but packets from that IP or MAC.
Afterwords you can take the file it creates and open it with wireshark to help you dig through it and figure out what was being sent back and forth.
Trevor Benson A1 Networks
-
Adrian Joian -
John R Pierce -
Les Mikesell -
mcclnx mcc -
Tim Nelson -
Trevor Benson