From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from pigeon.gentoo.org ([208.92.234.80] helo=lists.gentoo.org) by finch.gentoo.org with esmtp (Exim 4.60) (envelope-from ) id 1Py5tt-00026z-RO for garchives@archives.gentoo.org; Fri, 11 Mar 2011 17:13:18 +0000 Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 7358DE0429 for ; Fri, 11 Mar 2011 17:13:17 +0000 (UTC) Received: from hrndva-omtalb.mail.rr.com (hrndva-omtalb.mail.rr.com [71.74.56.125]) by pigeon.gentoo.org (Postfix) with ESMTP id 9FBD6E06CC for ; Fri, 11 Mar 2011 16:26:52 +0000 (UTC) X-Authority-Analysis: v=1.1 cv=dquaJDitHqzHCdqWSoZ6IgapSuTzW/4TaRYx9N9k4W8= c=1 sm=0 a=Tzz9UdAIEQ8A:10 a=8nJEP1OIZ-IA:10 a=ycB087cP/TvZCXFoqgOVhQ==:17 a=3HDBlxybAAAA:8 a=ORftRM1rAAAA:8 a=9NvjHCV3uSCgR3roT48A:9 a=a_dljsBeY2oJKtInw18A:7 a=2ikdRXQ03i0a7j8wu_lw0K8Vp2YA:4 a=wPNLvfGTeEIA:10 a=ycB087cP/TvZCXFoqgOVhQ==:117 X-Cloudmark-Score: 0 X-Originating-IP: 71.40.157.251 Received: from [71.40.157.251] ([71.40.157.251:34317] helo=[192.168.2.37]) by hrndva-oedge01.mail.rr.com (envelope-from ) (ecelerity 2.2.3.46 r()) with ESMTP id 7C/09-14011-B4D4A7D4; Fri, 11 Mar 2011 16:26:52 +0000 Message-ID: <4D7A4D7B.7020107@tampabay.rr.com> Date: Fri, 11 Mar 2011 11:27:39 -0500 From: wireless User-Agent: Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.2.13) Gecko/20101214 Lightning/1.0b3pre Thunderbird/3.1.7 Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-embedded@lists.gentoo.org Reply-to: gentoo-embedded@lists.gentoo.org MIME-Version: 1.0 To: gentoo-embedded@lists.gentoo.org Subject: Re: [gentoo-embedded] Suggestions for per user bandwidth accounting over a router device? References: <4D7A188A.6050408@wildgooses.com> In-Reply-To: <4D7A188A.6050408@wildgooses.com> X-Enigmail-Version: 1.1.2 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit X-Archives-Salt: X-Archives-Hash: 7bcab2e654a426782c44e1e92bc5e26c On 03/11/11 07:41, Ed W wrote: > This is almost certainly the wrong place to ask, but have any clever > folks here got some ideas for doing per user (and eventually per > user/per protocol) accounting for data crossing a router box (running > gentoo)? Architecture Via an iptables router or transparent bridge? Too many issues for advise. What every you do, you'll re-engineer it over and over again. This is why carriers have hundreds of coders and thousands of folks working on their code. It's a task, that is NEVER COMPLETE! (There is a reason the carriers of the world abandoned ATM, as it had this sort of granularity built in....caveat emptor! Method 1 http://conntrack-tools.netfilter.org/ Your going to overwhelm an embedded system with all of this accounting and database, so split it across several systems. Choose the processors wisely and make sure they support massive amounts of ram. Choose your final database wisely and only track what you need. BLOAT will kill the project. Method 2 Adapt an excellent high end NMS (Network Management System) Such as Nagios or JFFNMS to your needs. JFFNMS does quiet a lot with cisco and other routers, pumps data into mysql or postgresql-9; Postgresql-9 has many new features and is my choice, but it's a BEAST to get your arms around. Unlimited scaling and lots of SeLinux support, at least in Gentoo. JFFNMS also supports TACAS and TACAS+, which, if it encompasses what you need, would be your best route to avoid a monstrous amount of coding on your own. I'm sure there are other methods. ANY method you choose will be a gargantuan task to implement and maintain. Many go down this path (bit counting) most fail miserably! I would go with JFFNMS, TACAS+ and Postgresql as the backend database (and sql-ledger). If there are features you require that TACAS+ does not provide build a transparent bridge and use ConnTrak in IPtables, to shove that additional data not provided by TACAS+, into your postgresql database. MySQL might be a better choice for you database depending on how big and what you (your staff) know. For billing purposes, use this software SQL-LEDGER for double entry accounting (it works great with postgresql!) It's been around for a long time and very mature open source. Not sure of the license any more, read up on that..... http://sql-ledger.com/ See you in a year.... TTFN(ta ta for now). James