I am very interested in statistics about the usage of IPv6 on Internet routers and firewalls. The problem is, that most routers/firewalls do not have unique SNMP OIDs for IPv4 and IPv6 traffic, but only the normal incoming/outgoing packet counters per interface. Therefore I am using two independent ethernet ports and cables between my outer router and my first firewall, one for IPv4-only and the other one for IPv6-only traffic. Now I have independent statistics for each protocol and can combine them in one summary graph. (Though I know that this will never be a “best practice” solution…)
Idea – Architecture
The main idea is to use two interfaces, e.g., on the Internet-facing firewall. Thereby, two independent SNMP counters are available, one for IPv4-only and the other one for IPv6-only. The architecture might look like this:
This won’t work for every single subnet on a network, but should fit for the ISP connection to have an overall view of IPv6 vs. IPv4 traffic.
Sample Graph
This is how my combined graph looks like. It is the weekly view zoomed in. (Since this is only my laboratory, the statistics are not that nice. But they show the principle.) Blue is the IPv4 traffic, green IPv6, and red are the total values:
MRTG/Routers2 Config
In my MRTG/Routers configuration, there are two interfaces. Quite normal. The only interesting part are the routers.cgi*Graph[]: directives on both interfaces, as well as the three configuration lines for that user-defined graph below.
### Interface 2 >> Descr: 'ethernet0/0' | Name: 'ethernet0/0' | Ip: '172.16.0.2' | Eth: 'b0-c6-9a-fd-ca-80' ### Target[172.16.1.1_ethernet0_0]: #ethernet0/0:ThisIsNotMyRealCommunityString@172.16.1.1:::::2 MaxBytes[172.16.1.1_ethernet0_0]: 12500000 Title[172.16.1.1_ethernet0_0]: Traffic Analysis for ethernet0/0 (IPv4) -- fd-wv-fw01.webernetz.net routers.cgi*ShortDesc[172.16.1.1_ethernet0_0]: ethernet0/0 IPv4 routers.cgi*Graph[172.16.1.1_ethernet0_0]: 172.16.1.1_IPv4IPv6 ### Interface 3 >> Descr: 'ethernet0/1' | Name: 'ethernet0/1' | Ip: 'No Ip' | Eth: 'b0-c6-9a-fd-ca-85' ### Target[172.16.1.1_ethernet0_1]: #ethernet0/1:ThisIsNotMyRealCommunityString@172.16.1.1:::::2 MaxBytes[172.16.1.1_ethernet0_1]: 12500000 Title[172.16.1.1_ethernet0_1]: Traffic Analysis for ethernet0/1 (IPv6) -- fd-wv-fw01.webernetz.net routers.cgi*ShortDesc[172.16.1.1_ethernet0_1]: ethernet0/1 IPv6 routers.cgi*Graph[172.16.1.1_ethernet0_1]: 172.16.1.1_IPv4IPv6 ############################################### IPv4IPv6 ################################################# routers.cgi*Title[172.16.1.1_IPv4IPv6]: IPv4 vs. IPv6 -- fd-wv-fw01.webernetz.net routers.cgi*ShortDesc[172.16.1.1_IPv4IPv6]: IPv4 vs. IPv6 routers.cgi*InSummary[172.16.1.1_IPv4IPv6]: yes
Cisco Router has Counters
At least it should be noted that some Cisco routers have independent IPv4/IPv6 counters. However, they are not accessible via SNMP. The CLI command is:
show interfaces <if-number> accounting
For example, on my single outside interface on a Cisco router 1803 with IOS version 12.4(24)T8, this looks like:
fd-wv-ro01#show interfaces fastEthernet 0 accounting
FastEthernet0 Internet-Uplink
Protocol Pkts In Chars In Pkts Out Chars Out
Other 0 0 1011695 60701700
IP 318659105 4270203210 333933210 3274633194
ARP 757814 45468886 18681 1120860
CDP 0 0 168622 73687410
IPv6 60611673 3939583904 56244781 1325591327