[unisog] Quota system based on netflows

John Kristoff jtk at depaul.edu
Tue Jan 30 16:02:30 GMT 2007


On Tue, 30 Jan 2007 10:41:55 -0500
Valdis.Kletnieks at vt.edu wrote:

> You'd be better off using something that polls the switches every N seconds/minutes
> and counts the per-port packets/bytes sent (assuming SNMP-managed infrastructure).

That's another way to do it, if you're going to do it at all, but I
am not sure it's "better".

Just keep in mind the potential for problems.  If I wanted to DoS a
student off the net down the hall from me, all I have to do is send
lots of packets that will solicit a response (and if nothing else,
ARP'ing for the station's address will work).

Additionally, in most institutions where there is a switch port to the
student, that initial and perhaps a couple hops farther upstream are
effectively "free" capacity.  That is, it's paid for and is for all
practical purposes limitless (since all the good stuff that drives
people to measure this anyway is usually occurring on apps that run
up the off-campus link costs).  I would encourage people to work on
solving the "real problem" as effectively and as simply as possible.

John

