nanog mailing list archives
Re: Open source Netflow analysis for monitoring AS-to-AS traffic
From: Tore Anderson <tore () fud no>
Date: Thu, 28 Mar 2024 11:02:03 +0100
On 27/03/24 01:04, Brian Knight via NANOG wrote:
What's presently the most commonly used open source toolset for monitoring AS-to-AS traffic?I want to see with which ASes I am exchanging the most traffic across my transits and IX links. I want to look for opportunities to peer so I can better sell expansion of peering to upper management.
…
pmacct seems to be good at gathering Netflow, but doesn't seem to analyze data. I don't see any concise howto guides for setting this up for my purpose, however.
pmacct will do what you want and it's not particularly difficult to set it up.
For example, you can aggregate data into a database using: aggregate[in]: src_as,src_net,src_mask aggregate[out]: dst_as,dst_net,dst_maskNow you can issue SQL queries that tell you which ASes or prefixes you send/receive the most bits or packets to/from.
Tore
Current thread:
- Re: Open source Netflow analysis for monitoring AS-to-AS traffic, (continued)
- Re: Open source Netflow analysis for monitoring AS-to-AS traffic Tom Beecher (Mar 28)
- Re: Open source Netflow analysis for monitoring AS-to-AS traffic Nick Hilliard (Mar 28)
- Re: Open source Netflow analysis for monitoring AS-to-AS traffic Saku Ytti (Mar 28)
- Re: Open source Netflow analysis for monitoring AS-to-AS traffic Steven Bakker (Mar 29)
- Re: Open source Netflow analysis for monitoring AS-to-AS traffic Peter Phaal (Mar 29)
- Re: Open source Netflow analysis for monitoring AS-to-AS traffic Steven Bakker (Mar 31)
- Re: Open source Netflow analysis for monitoring AS-to-AS traffic Saku Ytti (Mar 29)
- Re: Open source Netflow analysis for monitoring AS-to-AS traffic Peter Phaal (Mar 28)
- Re: Open source Netflow analysis for monitoring AS-to-AS traffic Saku Ytti (Mar 28)