getting counters for a plenty of vlan ifaces
Zaphod Beeblebrox
zbeeble at gmail.com
Mon Sep 17 02:28:39 UTC 2012
On Sun, Sep 16, 2012 at 6:00 PM, Mike Tancsa <mike at sentex.net> wrote:
> On 9/16/2012 10:41 AM, Ivan Alexandrovich wrote:
>>
>> We are running freebsd9.0 on a router with
>> more than 1000 of subscriber's vlan interfaces.
>> Outgoing packet rate is approximately 40 kpps.
>>
>> There's a need to collect bytes and packets
>> counters for all those vlan interfaces every
>> minute (or even twice a minute) and store them
>
> Hi,
> We approach it a little differently and collect all the data via
> netflow, or in this case argus. I sample the parent interface and save
> all the flow data which argus is smart enough to parse out at the vlan
> level. You can then run all sorts of fine grained reports this way. We
> use it on a system with about 900 ng interfaces.

I know that many people like netflow, but consider you're adding a
processing point per packet to solve a once per minute interface
sample. Netflow has always struck me as a solution for closed systems
--- giving access to all possible information at moderate expense such
that you would then never have an excuse to want changes in the
operating system of the router.

It strikes me that a little kernel module that provided a kernel call
that (when called) walked the list of interfaces (in kernel) building
a table as described and then shipping that table to userland in one
go would be exceedingly cheap to call. It would also not be part of
the packet forwarding path and not a potential constant cost during a
DDoS. If someone wanted me to write a little .ko for that and an
associated userland utility, I'd be happy to do the work.