[mrtg] Re: Mrtg
Daniel J McDonald
dmcdonald at digicontech.com
Wed Oct 18 16:28:40 MEST 2000
I don't know if anyone has given you a solution for this yet, but here goes:
1. run recent version of IOS.
2. Enable CAR, e.g:
interface Ethernet0/0
ip address 172.16.17.1 255.255.255.0
ip helper-address 129.3.0.15
rate-limit input access-group 140 64000 8000 8000 conform-action
set-prec-transmit 0 exceed-action drop
rate-limit input access-group 110 448000 448000 448000 conform-action
set-prec-transmit 4 exceed-action set-prec-transmit 3
rate-limit input access-group 120 448000 448000 448000 conform-action
set-prec-transmit 3 exceed-action set-prec-transmit 2
rate-limit input access-group 130 448000 448000 448000 conform-action
set-prec-transmit 2 exceed-action set-prec-transmit 1
rate-limit input 448000 448000 448000 conform-action set-prec-transmit 1
exceed-action set-prec-transmit 0
You probably don't want the drop bit - I have that because of some political
requirements.
You then set up access-lists for the different groups. In your case, you
might have:
ip access-l extended 140
permit tcp any any eq 80
Then, you can monitor the traffic matched by the access-list through CAR by
the following OID:
Target[amarillo_state]:
enterprises.9.9.113.1.2.1.1.2.2.1.1&enterprises.9.9.113.1.2.1.1.4.2.1.1:1187
4 at 172.16.17.1
MaxBytes[amarillo_state]: 7000
Title[amarillo_state]: Traffic Analysis for Et0/0 -- Amarillo State Traffic
PageTop[amarillo_state]: <H1>Traffic Analysis for Et0/0 -- Amarillo State
Traffic</H1>
Legend1[amarillo_state]: Allowed Traffic
Legend2[amarillo_state]: Dropped Traffic
A word of caution: the last bit of the oid is significant.
enterprises.9.9.113.1.2.1.1.2 is the prefix. the next number is the ifindex
of the interface that has CAR applied to it. I'm not certain about the next
1, and the last digit is the access-list that you are monitoring (e.g, the
first one). Sandu Mihai wrote a patch for an earlier version of code that
made that easier to implement, but I don't think it has been incorporated in
the main release of 2.9.
> -----Original Message-----
> I would like to get the traffic from my routers regarding
> only one TCP port,
> is it possible and how ?
> Many thanks,
> Philippe
Daniel J McDonald - CCIE 2495, CNX
Principal Network Specialist
Digicon Technologies
http://www.digicontech.com
dmcdonald at digicontech.com
Digicon - A Cisco Systems Partner, Premier Certified.
--
Unsubscribe mailto:mrtg-request at list.ee.ethz.ch?subject=unsubscribe
Archive http://www.ee.ethz.ch/~slist/mrtg
FAQ http://faq.mrtg.org Homepage http://www.mrtg.org
WebAdmin http://www.ee.ethz.ch/~slist/lsg2.cgi
More information about the mrtg
mailing list