  • Hey All,

    We have a relatively small Internet connection compared to today's standards (30 Mbps), and recently we've been maxing it out. I want to determine if this is legitimate usage, or if there is something abnormal going on.

    I have Zenoss set up which gives me pretty MRTG graphs for the interfaces on our routers and switches, but I'm looking to collect more granular data. This is what is showing me we're using basically all of our Internet bandwidth. It is only during business hours, so it's not some host going rogue at night...which makes me feel a little better.

    I think the next step is to mirror the port that connects our LAN to our firewall and monitor that traffic. I'm looking for something that'll basically tell me bandwidth usages based on source/destination IPs.

    Any recommendations? My preference would be free and Linux based, but inexpensive and/or Windows based can work if I have to... 😃

    For what it's worth, we're using a Cisco ASA 5510 for our firewall. I'm sure it has a feature that will assist me with this that I just don't know about.


  • If you set up PRTG and pull snmp data from your switch(es) you can usually get this kind of visibility.

  • I use iftop as well.

  @RamblingBiped said in Bandwidth Usage By Host:

    I use iftop:

    @Romo said in Bandwidth Usage By Host:

    I use iftop as well.

    Oooh, so if I mirror the port connecting to our WAN and put the NIC in promiscuous mode, iftop should give me what I'm looking for?

