08-07-2008 04:44 AM - edited 03-11-2019 06:27 AM
I have a Cisco IOS firewall configured and customer would like to know what traffic inbound is using the most traffic.
Customer received report from service provider that shows high traffic utilization on their internet connection and customer wants to know what traffic is mostly using their bandwidth.
What commands can I run on the IOS firewall to get an idea what protocol/traffic is maximizing their internet bandwidth?
08-07-2008 05:05 AM
Hi,
Enable Netflow on the router and use Netflow analyser tool to get the reports.
http://manageengine.adventnet.com/products/netflow/index.html
http://manageengine.adventnet.com/products/netflow/help/cisco-netflow/setup-cisco-netflow.html
08-11-2008 07:44 AM
Hi,
as mentioned by the other poster, the best and more complete solution is netflow. Although netflow support is included in IOS and is easy to configure, unfortunately netflow collectors and analyzers are mostly commercial.
There is also some open source netflow products though, but they tend to be more complicated to use & configure. You can try for example ntop, but just google around a little bit and you'll find some more.
On the other, for a quick snapshot of protocol use in your router, if you have NBAR protocol discovery activated in your interfaces, just issue the following command:
# sh ip nbar protocol-discovery int YOUR_INTEFACE_GOES_HERE
That should show a traffic summary by protocol (last 5min I think) for protocols recognized by NBAR.
Jut remember, NBAR has to be activated on the corresponding interface prior to issuing the command above!
Cheers,
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: