About
netraf is a
programming project being in realization at
Institute of
Computer Science at
Wroc³aw University
(in Poland) as
our
License Work.
Project's main target is to develop application helping
in some aspects of Network Load Profiling.
Background
Wait a minute... There are many applications like that - so
why write another? For a simple reason - I couldn't find one which solves
following problems:
Let's say we need to know how much data (GB, MB, kB... whatever)
are passing particular network interface on our machine monthly. How to do it? We can
read that information exported from kernel (/proc/net/dev) via
ifconfig, but linux is storing it in two integer (32 bit) variables
(one for RX, one for TX), so after transmitting about 4GB of data via device, this
counters will overflow - their contents are useless for us. Of course we have
packet counters per device, but every packet has different size... Beside this;
what happens when for some reason (e.g. no power for a while) machine needs
to be restarted?
Second way is to run
IPTraf or similar program
as a daemon (or in a screen
session), and then use one from the bunch of log-analisys script to gather
information we need. But this solution (beside it's inelegant nature) has some
disadvantages:
you can't run any log-analyzing script while logging
application is working - log files are empty (at least those with
statistics - like that from IPTraf's
LAN Station Monitor), so you have to break logging, make analyze, and
start logging again - very bad,
if you're doing something like:
tcpdump -i eth0 -n -vvv > ./somelog.txt & - yes, contents of logfile
are accessible immediately, but wait a week and check that file size...,
as mentioned above this solution is also not immune to
sudden, random machine restarts,
The same problems we can met if we want to generate monthly
(quarterly, yearly...) statistics for certain (or all) machines in a LAN (of course we're
talking about gathering statistics on some router/firewall/NAT machine etc...).
Beside of everything; you can of course find some way to survey certain network
parameters via log-inspecting scripts - I'm not claiming that it's impossible, but
it would be extremely hard to automate.
Challenge
Assume hypothetical situation:
We are spreading internet connection to several users but have some transfer limit.
We want to be fair to every user, and we want that everyone have equal chances
to enjoy internet resources. But users - like users; one of them only receiving/sending
emails, using chats, reading web-pages etc..., while others are using P2P networks,
listening to internet radios, downloading huge
ISOs etc.
We must find method to measure every user transfer and restrict him for example only
to ICMP echo request/answers in case he exceed his limit
(e.g. user_lmit = global_limit / number_of_users). Of course we're not talking
about buying an dedicated, expensive hardware solution
for this.
Solution
Of course - netraf!! We can assign rule to each
machine's MAC address which defines maximal transfer per some period and define action
what to do when rule's limit is exceeded (it could be for example script running
tc or iptables with appropriate
arguments).
Vision
Thus, we could go further; using netraf an
administrator can notice that while some users exceeds theirs transfer limits, others
don't. With an eye to possibly best and efficient connection usage he can gradually
increase transfer limits for first group of users and proportionally decrease for second.
M.S.
|