Networking

Monitoring (featured logo)

Nfsen: Traffic Classification

Nfsen is open source sensor: it accepts netflow data from multiple netflow probes (servers, routers, vpn concentrators etc) and then visualizes it into human readable form. So using Nfsen you can see traffic statistics of every network device in your network in one place (actually Nfsen provides much more features).

By default Nfsen makes it possible to see only inbound and outbound traffic statistics but no protocol breakdown or any traffic classification. In the meantime it’s always useful to know what network applications are eating the bandwidth to understand if that fits baseline or not and take necessary actions. For example, if you’re monitoring Linux server which primary task is to host some website but in Nfsen you see that it generates 90% of SSH traffic and only 10% of web traffic then it would be reasonable idea to check if somebody is trying to brute force SSH password and stop that activity. In other words it’s better to have traffic statistics classified. In this article I’ll tell you how to enable traffic classification in Nfsen.

rrdgraph
Read More »Nfsen: Traffic Classification

Cisco (featured logo)

The Implementing Cisco IP Routing (CCNP Route 642-902). Materials for efficient preparation to the exam.

A few days ago I have successfully passed 642-902 exam (CCNP ROUTE v6) and would like to share the list of materials I have been using to prepare to that exam. To get prepared I was using official Cisco Press training resourses, lab simulations and… Read More »The Implementing Cisco IP Routing (CCNP Route 642-902). Materials for efficient preparation to the exam.

Monitoring (featured logo)

Install nfdump and nfsen netflow tools in Linux

Using nfsen it is possible to view IP traffic statistics on Linux interfaces including the graphs showing data sent and received (see the screenshot to the right) as well as historical information about all data transfers. So after you’ve configured nfsen and nfdump to monitor… Read More »Install nfdump and nfsen netflow tools in Linux

Cisco (featured logo)

How to monitor traffic at Cisco router using Linux (Netflow)

By default Cisco IOS doesn’t provide any traffic monitoring tools like iftop or iptraff available in Linux. While there are lots of proprietary solutions for this purpose including Cisco Netflow Collection, you are free to choose nfdump and nfsen open source software to monitor traffic… Read More »How to monitor traffic at Cisco router using Linux (Netflow)

Google (featured logo)

Google Public DNS: 8.8.8.8 and 8.8.4.4

googleToday Google unveiled its new project: Google Public DNS. It means now anybody can use Google’s DNS managed servers for resolving domain names into IP addresses and back. According to Google it should speedup browsing as well as security. Hope I won’t see adsense ads once tried to load expired domain name (that’s how OpenDNS acts today).

Here are easy-to-remember Google Public DNS IP addresses: 8.8.8.8 and 8.8.4.4.

Read More »Google Public DNS: 8.8.8.8 and 8.8.4.4