資源描述:
《寬頻網(wǎng)路設(shè)備的需求與規(guī)劃》由會(huì)員上傳分享,免費(fèi)在線閱讀,更多相關(guān)內(nèi)容在行業(yè)資料-天天文庫(kù)。
1、寬頻網(wǎng)路設(shè)備的需求與規(guī)劃麟瑞科技網(wǎng)路工程師溫德鈞2002/12/13國(guó)立交通大學(xué)Agenda寬頻網(wǎng)路設(shè)備的需求網(wǎng)路流量統(tǒng)計(jì)-MRTG-NetFlow&sFlow廣告郵件預(yù)防-MailServerConfiguration-GatewayProtection網(wǎng)路攻擊行為預(yù)防-入侵偵測(cè)系統(tǒng)(IDS)不當(dāng)資訊防治-CacheSolutionQ&AOct.1999?1999FoundryNetworks,Inc.2IronCladPolicyBasedNetworkManagement寬頻設(shè)備的需求新世代寬頻骨幹中小學(xué)以10Mbpsor100Mbps連上縣網(wǎng)中心需要符合下列幾項(xiàng)連線規(guī)範(fàn)網(wǎng)路設(shè)備的
2、流量統(tǒng)計(jì)網(wǎng)路流量的排行與分析(前30名流量)廣告信阻擋機(jī)制不當(dāng)資訊過(guò)濾機(jī)制Oct.1999?1999FoundryNetworks,Inc.3IronCladPolicyBasedNetworkManagement網(wǎng)路流量統(tǒng)計(jì)Oct.1999?1999FoundryNetworks,Inc.4IronCladPolicyBasedNetworkManagementMRTG簡(jiǎn)介MRTG的運(yùn)作方式MRTG是透過(guò)SNMPMIB值所提供的資料來(lái)監(jiān)控網(wǎng)路流量所有MRTG所偵測(cè)的裝置都必須符合SNMP通訊協(xié)定支援設(shè)備具SNMP功能的網(wǎng)路設(shè)備(Router/Switch)UNIX/Linux/Wind
3、ows2000(需將SNMPAgentenable)等作業(yè)系統(tǒng)皆支援SNMP協(xié)定可監(jiān)控內(nèi)容介面流量CPU使用率(監(jiān)控Server需額外安裝外掛程式)RAM使用率(監(jiān)控Server需額外安裝外掛程式)Oct.1999?1999FoundryNetworks,Inc.5IronCladPolicyBasedNetworkManagementRequestMTRGServerSwitchRouterServerMIB數(shù)值製成網(wǎng)頁(yè)圖表MRTG運(yùn)作過(guò)程O(píng)ct.1999?1999FoundryNetworks,Inc.6IronCladPolicyBasedNetworkManagementNetF
4、low&sFlow簡(jiǎn)介NetFlow&Sflow可紀(jì)錄每一筆流量的封包資料FlowCollector則根據(jù)這些資料作流量的分析與統(tǒng)計(jì)NetFlow為Cisco所制定sFlow定義在RFC1376NetFlow可MonitorL3~L4的封包資訊sFlow可MonitorL2~L7的封包資訊支援產(chǎn)品:NetFlow–Cisco系列RouterandSwitchsFlow–Foundry系列Switch/HP系列產(chǎn)品Collector產(chǎn)品-RingLineFlowTrackerandNetalyzer-InMon-GenieNRMNetelligentOct.1999?1999Foundry
5、Networks,Inc.7IronCladPolicyBasedNetworkManagementRouterSwitchFlowCollector&MonitorDBServerWebServerBrowserClientBrowserNetFlowsFlowsFlowNetFlowAnalyzerAnalyzerNetFlow&sFlow簡(jiǎn)介Oct.1999?1999FoundryNetworks,Inc.8IronCladPolicyBasedNetworkManagementSourceIPAddressDestinationIPAddressSourceASNumberDes
6、tinationASNumberInputphysicalinterfaceOutputphysicalinterfaceSourceTCP/UDPportDestinationTCP/UDPportPacketcountBytecountStarttimestampEndtimestampNexthopaddressIPprotocolTOSbyteTCPflagAddressInterfaceApplicationStatisticsSourceSubnetMaskDestinationSubnetMaskNetFlowDatagramOct.1999?1999FoundryNetw
7、orks,Inc.9IronCladPolicyBasedNetworkManagementsFlowDatagramsFlowagentJetCoreASICStatisticalPacketSamplingTechnologyOrVelocityMgmt.ModulesFlowDatagramPacketHeaderAnalysisMACVLAN(802.1qand802.1p)IPv4Header,includingTCP,U