Traffic Analysis

[RadiclDreamer]

I need to find out the average usage on our network. We are planning a remote datacenter and need to make sure we gauge traffic properly. The issue is we have over 1000 clients and 215 or so servers running everything from Win/Unix/AIX/Solaris etc.

What do you guys suggest as far as a way to gauge the amount of bandwidth the clients will be using if we relocate our servers to another datacenter.

Switching environment is 2 Cisco 6509 chasis. One is IOS and one is CATos if it makes a difference.

I really dont want to go port by port to get the data.

 

[1ceHacka]

There are many many tools out there that will monitor a network via SNMP or netflow data. The only limiter is how much are you willing to spend for this tool? I am running a PoC right now on a tool for capacity planning and architecture changes. It delivers great functionality in terms, but would be very expensive. SNMP data will give you enough data to at least see the in/out for your interfaces. Netflow data will give you a better breakdown of the conversations and ports/protocols used, which may help when looking into QoS.

A few questions: Do these servers include VoIP? VoIP will require different considerations than all data traffic. Is there a budget for finding a tool?

Edit: You may also want to speak with the carriers to get their ideas on your needs. They will be able to give you a recommendation based upon existing customers.

 

[RadiclDreamer]

There are MAYBE 10 wireless voip phones and they will not be moved nor will its server. I dont really need to break it down by protocol, just a raw usage. I would preferably like to use a free tool because my boss has it in his head that there must be tons of them out there. I might be able get some money for it if I can show him that it absolutely necessary.

Would something like MRTG work for this?

 

[1ceHacka]

MRTG would probably work to just get a raw count on the data. I am not sure what type of applications you use, but those will need to be taken into consideration. What I mean is that SAP data is more important than Exchange data in terms of delivering in a timely manner. There are a lot of things to consider when moving a data center to a remote location. I won't go into those unless you want to hear me talk about it for an hour!

 

[RadiclDreamer]

I'm looking for all the information I can get. Anyone that has .02 to throw in please do so

 

[jlazzaro]

what sups are in the 6509s? netflow is going to be the easiest solution...enable route-cache flow on the SVI's and export the flows to the collector. switched flow statistics are going to depend on your PFC.

ive seen people graph netflow statistics with MRTG, but have never done it myself. there are also a lot of free netflow tools out there...pick your poison.

 

[RadiclDreamer]

Originally posted by: jlazzaro
what sups are in the 6509s? netflow is going to be the easiest solution...enable route-cache flow on the SVI's and export the flows to the collector. switched flow statistics are going to depend on your PFC.

ive seen people graph netflow statistics with MRTG, but have never done it myself. there are also a lot of free netflow tools out there...pick your poison.

Sup720

 

[1ceHacka]

You are going to want to think about QoS now also. Using QoS, you will be able to utilize a smaller link. No matter what employees say, web browsing isn't a valid excuse to upgrade bandwidth Unless that truely is their job...then I guess they have a arguement.

You will need to get a total snapshot of what will be running across the WAN now to the data center and then prioritize it. Does SAP gain precedence over everything? Does Exchange need a high priority?

Another thing you should look into if you don't already have it is using a web proxy. This will allow you better administration and efficiency on the web browsing thing.

 

[RadiclDreamer]

Already have a proxy etc. And the offsite datacenter is a temporary one, we are a hospital and are building a new hospital. We will need to co-lo while we transition and then move everything back the main facility once things are finished. I dont expect the servers to be offsite for more than a few months. I mainly just need to know how much pipe we will need for that short time.

 

[1ceHacka]

Well that changes things. If you only are going to be offsite for a few months, it shouldn't be a big deal to order a large pipe. You can always do some homework and setup QoS, but you will have to personally have to weigh the reward/time spent on doing that.

A word of caution, we currently are a single vendor for our WAN worldwide (over 150 locations), but we still have a decent lead time for upgrades and new locations. Keep that in mind and don't wait too long to start looking into these links.

 

[spidey07]

Just from experience (with the number of clients/servers) you need to be looking at a DS3 (45 Mbs) or see if you can get some kind of metro ethernet connection, 100 or 1000 Mbs.

 

[1ceHacka]

Originally posted by: spidey07
Just from experience (with the number of clients/servers) you need to be looking at a DS3 (45 Mbs) or see if you can get some kind of metro ethernet connection, 100 or 1000 Mbs.

That sounds bigger than it needs to be. We have SAP and Exchange centrally hosted for over 75 sites in the U.S. We have a T3 to the MPLS cloud from our HQ where everything is centralized.

 

[RadiclDreamer]

Originally posted by: spidey07
Just from experience (with the number of clients/servers) you need to be looking at a DS3 (45 Mbs) or see if you can get some kind of metro ethernet connection, 100 or 1000 Mbs.

The site isnt far away and we have a vendor that can offer 250 which we have now and 500. My boss really wants a good number though. Any suggestions on how to get that?

 

[RadiclDreamer]

Originally posted by: RadiclDreamer

Originally posted by: spidey07
Just from experience (with the number of clients/servers) you need to be looking at a DS3 (45 Mbs) or see if you can get some kind of metro ethernet connection, 100 or 1000 Mbs.

The site isnt far away and we have a vendor that can offer 250 which we have now and 500. My boss really wants a good number though. Any suggestions on how to get that?

Also remember that medical data can be HUGE as in hundreds of mb per study (ct etc) so the need is really there for that kind of bandwidth, it can honestly mean the difference in life and death in some cases. We need to make sure our docs get the info they need ASAP.

 

[spidey07]

Originally posted by: RadiclDreamer

Originally posted by: spidey07
Just from experience (with the number of clients/servers) you need to be looking at a DS3 (45 Mbs) or see if you can get some kind of metro ethernet connection, 100 or 1000 Mbs.

The site isnt far away and we have a vendor that can offer 250 which we have now and 500. My boss really wants a good number though. Any suggestions on how to get that?

I've moved hospital data centers - you guys move a ton. The only real way is to measure what comes in and out of your data center in total bytes per minute/hour. Just use MRTG or netflow but you're gonna have to know your applications and their patterns. If you want brute force setup a 10G probe on your 6500s and span all vlans to it and watch utilization - that will give you an idea.

There isn't an easy answer without sophisticated tools you probably can't purchase.