[unisog] Quota system based on netflows

Peter Van Epp vanepp at sfu.ca
Mon Jan 29 21:02:42 GMT 2007


On Mon, Jan 29, 2007 at 12:41:48PM -0600, Joe Bazeley wrote:
> We're looking to implement a bandwidth-limiting system for our
> residential users, something on the order of "if you use more than X
> gigs in a 24 hour period we'll put a bandwidth cap on your connection
> until the time period resets".  I've heard other schools do this by
> monitoring netflow data and putting some scripts together around that
> data.  If there are any schools who have implemented something like this
> in a Cisco environment and would be willing to answer some questions
> about their setup, please send me an email and I'll follow up with
> specific questions.
> 
> Thanks,
> 
> Joe Bazeley
> Loyola University Chicago
> _______________________________________________
> unisog mailing list
> unisog at lists.dshield.org
> https://lists.sans.org/mailman/listinfo/unisog

	While I'm not using it for quota (other than to occasionally whack 
the incautious on our campus network that don't listen to warnings) because 
our resnet is contracted out), argus (http://www.qosient.com/argus) will do 
this for you independent of your router (i.e. connected to a network tap on 
your outbound link). The advantage is that it can't affect your link if it 
gets overloaded (whereas netflow can affect your router). There are some
example perl scripts that extract traffic data from argus data on 
ftp.sfu.ca in /pub/unix/argus/argus.traffic.perl.tar.gz

Peter Van Epp / Operations and Technical Support 
Simon Fraser University, Burnaby, B.C. Canada


More information about the unisog mailing list