HPE Community
Operating System - HP-UX
1834030 Members
2366 Online
110063 Solutions
New Discussion

Re: Howto do packet accounting with nettl and netfmt?

 
Ralph Grothe
Honored Contributor

‎03-27-2006 06:47 PM

‎03-27-2006 06:47 PM

Howto do packet accounting with nettl and netfmt?

Hello,

I wonder how one would set up packet accounting with nettl/netfmt.
For instance with an iptables/netfilter enabled kernel on a Linux box this is simply done with single rule for the INPUT, OUTPUT, FORWARD chain that doesn't really filter (viz. ACCEPT policy),
but this already suffices to have the kernel do the accounting.
The reason why I ask if and how something similar could be done with standard HP-UX OS tools is beacuse on the clusters packages always have their IP addresses aliased to the same PPA (e.g. lan4:1).
Now while the
lanadmin -g mibstats 4
command would give me the counters for in and outbound octets,
it however doesn't distinguish between individual aliased IP addresses but refers to the entire NIC.
I rather would like to have the counters for e.g. lan4:1, lan4:2, lan4:3
Maybe this could be done with Glance/MeasureWare but one ususally doesn't have a license for these add-ons on every HP box (at least at our site).
But I would assume this could be done with standard tool like nettl/netfmt or the HP port of the BSD netfilter?
Has anyone of you something running like this?

Ralph
Madness, thy name is system administration
0 Kudos
Reply
7 REPLIES 7
Muthukumar_5
Honored Contributor

‎03-27-2006 06:50 PM

‎03-27-2006 06:50 PM

Re: Howto do packet accounting with nettl and netfmt?

Try as,

# netstat -ivn

which will give those packets count per interface.

--
Muthu
Easy to suggest when don't know about the problem!
0 Kudos
Reply
RAC_1
Honored Contributor

‎03-27-2006 06:54 PM

‎03-27-2006 06:54 PM

Re: Howto do packet accounting with nettl and netfmt?

netstat -in it self show in, out packets and errors. Will it suffice?
There is no substitute to HARDWORK
0 Kudos
Reply
Ralph Grothe
Honored Contributor

‎03-27-2006 08:06 PM

‎03-27-2006 08:06 PM

Re: Howto do packet accounting with nettl and netfmt?

Hello Muthu, hello RAC,

yes it probably would if I knew how In and Out Packets translate to octets.
Therefore I fear I also would require the sizes of the packets, or at least some average packet size.
But wait, maybe I could work out some corrolation parameter by comparing the mibstat counts from lanadmin with the packet counts from netstat -in?

You see I want to do rrdtool graphing where tools like Munin or Orca usually chart Bps or Mbps.

Why do the systems programmers do this kind of obfuscation as far as units are concerned?
Sometimes I have the impression because sound comparable figures that are based on agreed upon standards aren't really wanted by competing HW and SW vendors.
Madness, thy name is system administration
0 Kudos
Reply
RAC_1
Honored Contributor

‎03-27-2006 08:13 PM

‎03-27-2006 08:13 PM

Re: Howto do packet accounting with nettl and netfmt?

packet size for nic would be the MTU set for that NIC.
There is no substitute to HARDWORK
0 Kudos
Reply
Muthukumar_5
Honored Contributor

‎03-27-2006 08:15 PM

‎03-27-2006 08:15 PM

Re: Howto do packet accounting with nettl and netfmt?

You can get lan Maximum transfer unit (MTU) size as,

for ppa in `lanscan -p`
do

lanadmin -m ${ppa}

done

will give that.

--
Muthu
Easy to suggest when don't know about the problem!
0 Kudos
Reply
Ralph Grothe
Honored Contributor

‎03-27-2006 08:31 PM

‎03-27-2006 08:31 PM

Re: Howto do packet accounting with nettl and netfmt?

Yes, I know that the MTU in Ethernets is set to roughly the largest frame size which is abt. 1500 octets.
But is it correct to assume that every packet actually fills up the whole allowed MTU frame?
What about smaller packets.
But maybe it's a good enough estimate if the majority of packets are segmented to fill up the MTU entirely?

BTW, the MTUs are overwhelmingly left to default 1500 (apart from a few crypto GWs that require allowance for their headers),
as for instance on this box with three NICs.

# lanscan -p|xargs -n1 lanadmin -m|tr -dc '[[:digit:]\012]'
1500
1500
1500
Madness, thy name is system administration
0 Kudos
Reply
RAC_1
Honored Contributor

‎03-27-2006 08:47 PM

‎03-27-2006 08:47 PM

Re: Howto do packet accounting with nettl and netfmt?

I have this script, that would give you KB/s trafiic, but again, it is only for physical interfaces and not for virtual interfaces.

let z=0

let y=$(lanadmin -g mibstats 0|grep -i oct|grep Inbound|awk '{print $4}')

let y2=$(lanadmin -g mibstats 0|grep -i oct|grep Outbound|awk '{print $4}')

while true

do

let x=0

sleep 1

x=$(lanadmin -g mibstats 0|grep -i oct|grep Inbound|awk '{print $4}')

x2=$(lanadmin -g mibstats 0|grep -i oct|grep Outbound|awk '{print $4}')

let t=$x-$y

let t2=$x2-$y2

let y=$x

let y2=$x2

let z=$z+1

let t=$t/1000

let t2=$t2/1000

echo "${t} Kb/s inbound, ${t2} Kb/s outbound"

done
There is no substitute to HARDWORK
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.