flow export stuff
Barry Raveendran Greene
bgreene at cisco.com
Mon Nov 30 13:27:31 UTC 1998
Hello Alex,
I've attached the answer I usually send out in Asia. If you hear of anymore
tools, please let me know and I'll add them to the list.
My usual advice to ISPs is to start with cflowd (the new CAIDA version) and
NetFlowMet. In fact, CAIDA is looking for a site to try the new version of
cflowd on a LINUX box - hint hint ;-)
Barry
=======================
General Information page for Cisco Netflow services
---------------------------------------------------
http://www.cisco.com/warp/public/732/netflow/
Cisco's NetFlow FlowCollector v2.0 and NetFlow FlowAnalyzer v2.0
----------------------------------------------------------------
http://www.cisco.com/warp/public/732/netflow/netan_ov.htm
3rd Party Solutions
-------------------
Belle Systems http://www.belle.dk
Solect http://www.solect.com
XACCT Technologies http://www.xacct.com
Apogee Networks, Inc. http://www.Apogeenet.com
RODOPI http://www.rodopi.com
Joint press releases between 3rd Party vendors and Cisco:
+ Cisco Systems and Solect Technology Group Provide Usage Based Billing
Solution
http://wwwin.cisco.com/Mkt/cc/corp/mkt/pr/solec_pr.htm
+ Cisco Systems and Belle Systems Develop Billing System
http://wwwin.cisco.com/Mkt/cc/cisco/mkt/servprod/gen/bell_pr.htm
Bottom-up develop tools and scripts can be found at:
NETRAMET/NETFLOWMET
The old one and one of the best for TCP/IP flow analysis. NetFlowMet is a
version of the Unix NeTraMet. It's an RTFM meter which takes its data from a
Cisco router using Cisco's NetFlow data. We used NeTraMet by many ISPs using
a simple on an Intel PC with BSD UNIX and a Digital FDDI card. The results
are dumped to a box that did all the flow analysis and posted the results on
an internal Web server.
http://www.auckland.ac.nz/net/Accounting/ntm.Release.note.html
CFLOWD
cflowd is a package for collecting data from Cisco's flow-export. Its
primary motive is collection of data for capacity planning and similar
activities in a network service provider environment. However, it can been
used effectively in other areas, including usage tracking for Web hosting as
well as security-related investigation activities. This tool
was developed by our customers for their own use. It is free and located at:
http://www.caida.org/Tools/Cflowd/
Other scripts based on cflowd are located at:
http://engr.ans.net/cflowd/index.html
http://buckaroo.xo.com/CFLOWD/
The key Cisco documents on NetFlow are constantly updated (because we are
adding new features and functionality all the time). Do a keyword search on
CCO to find all the documentation on NetFlow.
NetFlow tools (flowdata.h, fdrecorder.c, fdplayback.c, fdg.c) that were used
to build cflowd are located on the Cisco's FTP site:
ftp://ftp-eng.cisco.com/ftp/NetFlow/fde/README
> -----Original Message-----
> From: owner-nanog at merit.edu [mailto:owner-nanog at merit.edu]On Behalf Of
> alex at nac.net
> Sent: Monday, November 30, 1998 9:56 AM
> To: nanog at merit.edu
> Subject: flow export stuff
>
>
>
> I asked this a while ago.
>
> I asked if anyone knew of any good cisco netflow flow collection and
> analyzation tools.
>
> I played with cflowd, and while archaic, it did work.
>
> So, todays question is, is there anything new/gooder/faster that anyone
> knows about?
>
>
> -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- --
> Atheism is a non-prophet organization. I route, therefore I am.
> Alex Rubenstein, alex at nac.net, KC2BUO, ISP/C Charter Member
> Father of the Network and Head Bottle-Washer
> Net Access Corporation, 9 Mt. Pleasant Tpk., Denville, NJ 07834
> Don't choose a spineless ISP; we have more backbone! http://www.nac.net
> -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- --
>
>
More information about the NANOG
mailing list