[unisog] Quota system based on netflows

Valdis.Kletnieks at vt.edu Valdis.Kletnieks at vt.edu
Tue Jan 30 15:41:55 GMT 2007

On Mon, 29 Jan 2007 12:41:48 CST, Joe Bazeley said:
> We're looking to implement a bandwidth-limiting system for our
> residential users, something on the order of "if you use more than X
> gigs in a 24 hour period we'll put a bandwidth cap on your connection
> until the time period resets". 

You'd be better off using something that polls the switches every N seconds/minutes
and counts the per-port packets/bytes sent (assuming SNMP-managed infrastructure).

That greatly lowers your data processing requirements (at our site, we see
on the order of 7-8 *gigabytes* of netflow data per day, while SNMP traffic
for 30K ports every 5 minutes is a *lot* less to deal with....).

Just remember to set N low enough to avoid counter wrap-around issues :)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 226 bytes
Desc: not available
Url : http://lists.sans.org/pipermail/unisog/attachments/20070130/13a9f280/attachment.bin 

More information about the unisog mailing list