[unisog] Quota system based on netflows

Mark Boolootian booloo at ucsc.edu
Tue Jan 30 17:45:01 GMT 2007


We've used netflow data for capping top talkers in resnet for several years
to good effect.  It has proved effective enough that it is our primary
method of controlling ISP costs and keeping P2P servers from swamping the
network.  We generate a daily top talker report for the previous day and
those systems that exceed the threshold are blocked for three days from
off-campus access.  Our current system of blocking involves using the Cisco 
Clean Access system that fronts resnet.

We generate 20 to 25 GBytes per day of (uncompressed) netflow records.


More information about the unisog mailing list