A Scalable Architecture for Network Traffic Monitoring and Analysis Using Free Open Source Software

Network monitoring is challenging because few current network-dynamics studies evaluate the effects of deploying new applications and protocols, and few long-term studies observe the effect of incremental changes on the Internet or the change in its overall stability under various conditions and threats. A good understanding of the nature and type of network traffic is the key to solving congestion problems. In this paper we describe the architecture and implementation of a scalable network traffic monitoring and analysis system. The gigabit interface on the monitoring system was configured to capture network traffic, and the Multi Router Traffic Grapher (MRTG) and Webalizer produce graphical and detailed traffic analysis. This system is in use at the Obafemi Awolowo University, Ile-Ife, Nigeria; we describe how this system can be replicated in another environment.
