dslreports logo
 
    All Forums Hot Topics Gallery
spc
Search similar:


uniqs
1103
raytaylor
join:2009-07-28

raytaylor

Member

Before and after getting a netflix caching box

Just saw this on reddit and thought you guys might be interested

»www.reddit.com/r/network ··· ing_box/

"About a year ago I was contracted to setup/create a netflow capture box & an interface to the data (using pmacct, MariaDB, & PHP). The purpose of which was so the ISP could get a caching box from netflix and so they could better see where their traffic is going.

The question I still had (until recently) wasn't if the caching box from Netflix is worth the time and effort for someone who runs an ISP to setup, but "how worth it is it?".

Hopefully some here find this data as interesting as I do."

Semaphore
Premium Member
join:2003-11-18
101010

Semaphore

Premium Member

Ya gotta love Netflow+NFSen+flowdoh

> 60% of my Peak time traffic is now Netflix :-(

Inssomniak
The Glitch
Premium Member
join:2005-04-06
Cayuga, ON

Inssomniak

Premium Member

said by Semaphore:

Ya gotta love Netflow+NFSen+flowdoh

> 60% of my Peak time traffic is now Netflix :-(

You got a tutorial ?

I want to know the same thing, not that I can ever qualify for a cache box.

TomS_
Git-r-done
MVM
join:2002-07-19
London, UK

TomS_

MVM

There's probably all kinds of tutorials and documentation out there already, if someone hasn't created an appliance for one or more hypervisors already.

Semaphore
Premium Member
join:2003-11-18
101010

Semaphore to Inssomniak

Premium Member

to Inssomniak
Tom's right there are a lot of HowTo's on the net... It's a great tool for finding abnormalities in your traffic, and seeing who's burning up your bandwidth. I don't remember when I switched the front end from NTop to NFsen... it was maybe 2 years ago...

But the backend/NFDump part requires that your routers can export IP Flows. Then you point that flow at a port on the collector. Then it's a matter of analyzing the flows. I only started using flowdoh, which is top talker pluggin, a few months ago, befor that I did my top talkers the hard way.... There's a botnet plugin which I've heard of other using too but I've never gotten around to trying it.

You can write your own adhoc queries too... for example finding all traffic on a specific port, or all traffic with TOS=0.

A 5 minute Top 10 Talker query gives you something like this.

Rank Host Address IP Address Bytes % Bytes

1 ipv4_1.lagg0.c176.nyc001.ix.nflxvideo.net 108.175.43.206 465 MB 21.1%
2 ipv4_1.lagg0.c091.nyc001.ix.nflxvideo.net 108.175.42.165 235 MB 10.7%
3 ipv4_1.lagg0.c169.nyc001.ix.nflxvideo.net 108.175.43.199 149 MB 6.8%
4 ipv4_1.lagg0.c084.iad001.ix.nflxvideo.net 108.175.34.188 123 MB 5.6%
5 xxx.xx.120.246 xxx.xx.120.246 111 MB 5.0%
--------------------------------snip----------------------------------

Inssomniak
The Glitch
Premium Member
join:2005-04-06
Cayuga, ON

Inssomniak

Premium Member

Ill have to look at it.. Sounds neat.
My routers are mikrotik. I recall doing something long ago with net flow but it kept crashing.
j2sw
join:2006-05-02
Williamsport, IN

j2sw to raytaylor

Member

to raytaylor
Netflix will look at the following before they either peer or do the cache.

»www.netflix.com/openconn ··· idelines

»www.netflix.com/openconn ··· yOptions

It all amounts to how much traffic you are exchanging. If you want a cache box you have to be sending them over 5 Gigs of data. Otherwise you have to go the peering route. They are very picky on peering and it has to be an IX.