[CentOS-virt] how to monitor each VM's traffic?

Fri Aug 8 16:30:42 UTC 2008
Luke S Crawford <lsc at prgmr.com>

"Rudi Ahlers" <rudiahlers at gmail.com> writes:

> Sure, that's for XEN, but it's not very effective. I need graph the traffic
> for each VM, not the vif - the vifs tend to change on a reboot, and also
> reset with the stats.

set vifnam=xenname in the vif=[] statement and  you can give the interfaces
symbolic names that don't change every reboot (the snmp mib number still
changes, but the snmp name stays the same.  you need to setup cacti to
map  the names to numbers often. )

snmpd in the dom0 will then report for each interface as if the dom0 was a 
switch, and you can use cacti or mrtg or whatever to aggrigate interface 
counts.  cacti or mrtg or whatever will take care of dealing with reboots
resetting the counters.

Like any layer2 bridge, you need to be careful of your arp cache... if someone
poisions your arp cache, all traffic will go to all DomUs, messing up your
counter.   But I've had plenty of co-lo providers with that problem on 
physical switches, so maybe that is acceptable.

That said, at prgmr.com, I just run bandwidthd at the head of my network.
I hang bandwidthd off of a SPAN port attached to my uplink.    The big problem
here is that it only supports ipv4.  the v6 traffic is free.  free!  but it
works with whatever virt tech you use as long as you trust the to/from IP
addresses, and as long as all your traffic is IPv4