How can you accurately measure bandwidth on a dedicated server? I understand that typically, web server logsare used to measure bandwidth, but I don't see how this would work with a dedicated. There are 2 reasons:

1) If the customer has root access, they can wipe out the log, or edit it - thus invalidating it.

2) If you don't maintain a log in to the box (or the box user removes your log in) - how do you even get to the logs?

My thought is that there is a router, managed hub or switch out there that allows measurement of Data Transfer in and out of a port. Can anyone explain this to me and point me to the appropriate hardware?

Thanks - Brian

Originally posted by bteeter
How can you accurately measure bandwidth on a dedicated server? I understand that typically, web server logsare used to measure bandwidth, but I don't see how this would work with a dedicated. There are 2 reasons:

1) If the customer has root access, they can wipe out the log, or edit it - thus invalidating it.

2) If you don't maintain a log in to the box (or the box user removes your log in) - how do you even get to the logs?

My thought is that there is a router, managed hub or switch out there that allows measurement of Data Transfer in and out of a port. Can anyone explain this to me and point me to the appropriate hardware?

Thanks - Brian

Using the logs is not reliable enough (for the reasons that you mention). Most (professional) routers/switches has management capabilities. You can then use SNMP to retrieve the number of bytes transferred in/out over the network.

You can then use a program like MRTG to graph the data - or other software to bill customers according to traffic usage.

--
Jens Kristian Søgaard, Mermaid Consulting I/S,
jens@mermaidconsulting.dk,
http://www.mermaidconsulting.com/

Most intelligent switches provide SNMP-accessible counters. You can feed those to MRTG or whatever your favorite tool may be.

The other alternative is to use firewall packet counters. Even if you're not actively filtering access to servers it is "polite" to at least filter packets exiting the servers to make sure the source IP addresses are reasonable. It could also be very useful to monitor various ports to detect RPC scans etc. (going both in and out).

I use MRTG to monitor bandwidth on our switches. URL is:
http://people.ee.ethz.ch/~oetiker/webtools/mrtg/mrtg.html

Originally posted by jks


Using the logs is not reliable enough (for the reasons that you mention). Most (professional) routers/switches has management capabilities. You can then use SNMP to retrieve the number of bytes transferred in/out over the network.

You can then use a program like MRTG to graph the data - or other software to bill customers according to traffic usage.

--
Jens Kristian Søgaard, Mermaid Consulting I/S,
jens@mermaidconsulting.dk,
http://www.mermaidconsulting.com/

So what types of routers do this? We are looking at acquiring either a Cisco 1720 or Cisco 2620. Would these work? What about other routers, like Lucent's routers?

Thanks - Brian

Those routers may be able to do it, but it'd be better to use a switch like a Cisco Catalyst, HP Procurve, 3com Superstack, something of that nature....

I think the Linux based routers from ImageStream can do bandwidth monitoring....

Emerging Technologies makes bandwidth shaping routers...

Originally posted by JTY
Those routers may be able to do it, but it'd be better to use a switch like a Cisco Catalyst, HP Procurve, 3com Superstack, something of that nature....

I think the Linux based routers from ImageStream can do bandwidth monitoring....

Emerging Technologies makes bandwidth shaping routers...

Cool, thanks.

What about using a Windows or Linux box as a firewall? In theory you should be able to monitor traffic to IP's. This would work for dedicated boxes, and then you could use server logs on shared servers.

Is there a solution like this available for Linux?

Thanks - Brian

Originally posted by bteeter

What about using a Windows or Linux box as a firewall? In theory you should be able to monitor traffic to IP's. This would work for dedicated boxes, and then you could use server logs on shared servers.

Is there a solution like this available for Linux?


Yes. $YOURFAVORITEFIREWALL should be able to do this. Personally I'd suggest Free/Open BSD + ipfw rather than linux for this purpose, (mostly for religious reasons which need not be discussed here), but you should be able to do this with linux.

Check out this URL (http://phpsysinfo.sourceforge.net/) for an easy tool to use. :cool:

OpenBSD would work well.... and be much cheaper than buying a router.... but of course then you should still get a switch, but an unmanaged one to connect the servers to.