Wednesday, January 05, 2011

flow accounting vyatta

sample monitor flow via command line vyatta

[edit]
ruamit@Core-BKK02# edit system
[edit system]
[edit system]
ruamit@Core-BKK02# set flow-accounting interface eth0
[edit system]
ruamit@Core-BKK02# set flow-accounting interface eth2
config
ruamit@Core-BKK02# show flow-accounting
interface eth0
interface eth2
[edit system]
ruamit@Core-BKK02#


Check Flow command
ruamit@Core-BKK02# run show flow-accounting
flow-accounting for [eth0]
Src Addr Dst Addr Sport Dport Proto Packets Bytes Flows
218.107.216.54 192.168.26.4 80 37666 tcp 169 228481 1
216.131.84.113 192.168.26.4 80 52190 tcp 146 192031 1
216.131.84.113 192.168.26.4 80 54542 tcp 119 146697 1
216.131.84.113 192.168.26.4 80 42359 tcp 101 119101 1
216.131.84.113 192.168.26.4 80 35811 tcp 94 116388 1
216.131.84.113 192.168.26.4 80 38051 tcp 105 115260 1
216.131.84.113 192.168.26.4 80 56465 tcp 95 104146 1
216.131.84.113 192.168.26.4 80 55010 tcp 74 102579 1
216.131.84.113 192.168.26.4 80 34760 tcp 59 58314 1
216.131.84.113 192.168.26.4 80 46918 tcp 39 44855 1
66.220.158.32 192.168.26.4 80 51976 tcp 8 3965 1
66.220.149.11 192.168.26.4 80 41444 tcp 8 3651 1
72.14.203.113 192.168.26.4 80 47088 tcp 11 3230 1
69.63.180.48 192.168.26.4 80 38182 tcp 14 2121 1
68.169.43.123 192.168.26.4 80 57355 tcp 3 1506 1
203.144.207.29 192.168.26.4 53 54391 udp 7 1174 4
72.14.203.102 192.168.26.4 80 59484 tcp 6 1046 1
209.85.231.104 192.168.26.4 80 54087 tcp 4 529 1

Total entries: 18
Total flows : 21
Total pkts : 1,062
Total bytes : 1,245,074

flow-accounting for [eth2]
Src Addr Dst Addr Sport Dport Proto Packets Bytes Flows
192.168.201.1 192.168.201.253 1688 8080 tcp 8 4064 2
192.168.201.1 192.168.201.253 1682 8080 tcp 58 4061 2
192.168.201.1 192.168.201.253 1667 23 tcp 91 3703 0
192.168.201.1 192.168.201.253 1691 8080 tcp 8 3572 3
192.168.201.1 192.168.201.253 1535 8080 tcp 6 3192 2
192.168.201.1 192.168.201.253 1686 8080 tcp 6 2015 2

Total entries: 6
Total flows : 11
Total pkts : 177
Total bytes : 20,607

[edit system]
ruamit@Core-BKK02#



sample send netflow to netflow server

ruamit@Core-BKK02# show flow-accounting
interface eth0
interface eth2
netflow {
sampling-rate 1
server 192.168.201.1 {
port 9996
}
}
[edit system]

Tuesday, January 04, 2011

Sample QoS Vyatta

i've 2 network. One is wireless and one is LAN line

scope

lan line limit traffic 15mbit used http https dns pop3 minimum 60% other minimum 20%
wiless limit 5mbit used http https dns pop3 minimum 60% other minimum 20%

here is sample config

set traffic-policy shaper 5m bandwidth '5120kbit'
set traffic-policy shaper 5m class 2 bandwidth '60%'
set traffic-policy shaper 5m class 2 ceiling 100%
set traffic-policy shaper 5m class 2 match dns ip protocol 'udp'
set traffic-policy shaper 5m class 2 match dns ip source port '53'
set traffic-policy shaper 5m class 2 match http ip protocol 'tcp'
set traffic-policy shaper 5m class 2 match http ip source port '80'
set traffic-policy shaper 5m class 2 match https ip protocol 'tcp'
set traffic-policy shaper 5m class 2 match https ip source port '443'
set traffic-policy shaper 5m class 2 match pop3 ip protocol 'tcp'
set traffic-policy shaper 5m class 2 match pop3 ip source port '110'
set traffic-policy shaper 5m class 2 queue-type 'fair-queue'
set traffic-policy shaper 5m default bandwidth '20%'
set traffic-policy shaper 5m default ceiling 100%
set traffic-policy shaper 5m default queue-type 'fair-queue'

set traffic-policy shaper 15m bandwidth '15mbit'
set traffic-policy shaper 15m class 2 bandwidth '60%'
set traffic-policy shaper 15m class 2 ceiling 100%
set traffic-policy shaper 15m class 2 match dns ip protocol 'udp'
set traffic-policy shaper 15m class 2 match dns ip source port '53'
set traffic-policy shaper 15m class 2 match http ip protocol 'tcp'
set traffic-policy shaper 15m class 2 match http ip source port '80'
set traffic-policy shaper 15m class 2 match pop3 ip protocol 'tcp'
set traffic-policy shaper 15m class 2 match pop3 ip source port '110'
set traffic-policy shaper 15m class 2 match https ip protocol 'tcp'
set traffic-policy shaper 15m class 2 match https ip source port '443'
set traffic-policy shaper 15m class 2 queue-type 'fair-queue'
set traffic-policy shaper 15m default bandwidth '20%'
set traffic-policy shaper 15m default ceiling 100%
set traffic-policy shaper 15m default queue-type 'fair-queue'
commit

set interfaces ethernet eth0 traffic-policy out '15m'
set interfaces wireless wlan0 traffic-policy out '5m'
commit


Note Wireless work well as kernel 2.6.32 last or used lasted vyatta iso file