Questions tagged [network-traffic]
The network-traffic tag has no usage guidance.
114
questions
0
votes
1
answer
55
views
Daily overview of traffic with information on what processes consumed how much of the traffic on a Linux server
By the end of the day (or week/month) I would like to have an overview of all processes which used the network with information about how much traffic was generated by each of those processes for that ...
- 6,259
0
votes
0
answers
58
views
Windows Server - create firewall rules from network trace?
A good basis for firewall rules would be Zero Trust - only allow what is needed.
But in many cases, you do not know all the needed rules for a server connection. As a result in many evironments, the ...
- 1
0
votes
0
answers
79
views
Promiscuous Mode on VMware capturing only broadcast
I'm facing an issue with using promiscuous mode on VMware. I have 3 VMs connected to a single portgroup on which promiscuous mode has been enabled. It's changed to "Accept". I am monitoring ...
- 162
0
votes
1
answer
99
views
How to handle QoS(traffic control) based on physical interface of virtual bridge?
I have a requirement to limit the traffic rate based on different interfaces of the router, such as controlling the upload speed of ssid1 to 10mbps, download speed to 20mbps, lan1 upload speed to ...
- 1
0
votes
1
answer
24
views
Find out what's causing the sudden rise in traffic?
My webserver (Debian Bullseye, Apache2) is serving about 50 (small) websites spread over 16 ip addresses. I just noticed that on one of the ip addresses, since the beginning of this month traffic has ...
- 259
0
votes
0
answers
25
views
Total Network Traffic of a specific PORT or USER
I want to provide a 'SSH Tunnel' for one of my customers, and I need to know the total network traffic by its PORT or USER.
for example: I will give him/her an access to my server by an exclusive ...
- 1
0
votes
1
answer
233
views
Best Azure function to identify surge in outgoing network traffic
We have two Azure VM's hosting web applications with back-end databases on each respective server. In the last few days we've seen a massive surge in outgoing data within the metrics. Normally this ...
- 164
2
votes
1
answer
1k
views
Extracting TCP application data from pcap file
Given a .pcap (or similar) file, I'd like to select one TCP connection and dump both application data streams (the one from the other peer and the one two the other peer) into two separate files on ...
- 193
0
votes
0
answers
378
views
Possible causes for Apache not responding on port 443
Background: Debian Stretch amd64 server on Google Cloud with Apache 2.4.25. It's running a PHP-based website via proxy_fcgi to PHP-FPM. Backend database is PostgreSQL 10. Postgres packages have been ...
google-compute-engine
0
votes
0
answers
45
views
Network traffic debugging - noticed a lot of traffic from different ports in my VM
I am on a quest to analyze high egress traffic from my VM. Analyzing iftop logs, I noticed that a lot of traffic is conducted from different ports of my VM such as :42272, :42292, :42294, :55166 etc....
- 101
1
vote
1
answer
2k
views
Domain Controllers Experiencing Heavy Network Load From Almost All Machines In the Domain
We are experiencing frequent and high-bandwidth connections from almost every machine in our environment with no recognizable pattern.
We transferred ~110GB to/from our main domain controllers(10.223....
- 21
0
votes
0
answers
339
views
Extremely high incoming traffic on web server but no abnormalities in log files
Today we recorded extremely high incoming traffic (1 Gbps) on our Debian Webserver (green chart). On an average day it's at a maximum of about 20-30 Mbps. Firewall as well as fail2ban are configured ...
- 103
0
votes
1
answer
152
views
IN/OUT Network traffic not balanced on Nginx as reverse proxy
I have a reverse proxy server configured using Nginx and proxy_pass with https.
This graph is rendered using SNMPD installed on the server.
But send/receive network traffic is not balanced. Do you ...
- 91
0
votes
2
answers
449
views
Http traffic using 127.0.0.1 or LAN IPv4 IP
Having two services exposed on the same machine, do my connections go to the router and back to my machine if I'm using my internal LAN IPv4 address?
If yes, Is it possible to prevent this by using ...
- 3
0
votes
0
answers
40
views
Internet packages went crazy
So... I have a router (wireless, ASUS RT-N18U), connected to 4 pcs via cable and 1 tablet wireless.
After I noticed some performance drops in my network speed, I checked the traffic manager. The ...
- 803
1
vote
2
answers
5k
views
How to get size of HTTP request and response including protocol overhead?
I am working on an IoT-related research project with several devices. However, my project partner responsible for the infrastructure restricted the traffic for each device to a maximum of 500 MB per ...
- 121
0
votes
3
answers
11k
views
Linux ping command getting rtt
I am new to Linux and i am trying to ping a server and i wonder How to get or calculate median of Round Trip Time (RTT) n Linux ?
Ping or Packet Internet Groper is a network administration utility ...
- 53
0
votes
0
answers
49
views
Configurable Stateful Traffic Generator Advice
I need a traffic generator tool which I should be able to configure followings;
Number of Packets
Number of Sessions
Number of TCP, UDP packets
Average number of packets in a session
Average packet ...
- 1
2
votes
2
answers
3k
views
Get network data transfer rate / throughput for use in Wireshark
I'm trying to get the ethernet NIC throughput rate / data transfer rate on a VPS in order to start a capture on Wireshark during DOS/DDOS attacks so I can analyze the nature of the packets.
I'm ...
- 212
0
votes
1
answer
445
views
How to identify bursts of traffic?
Background: one of our Ubuntu servers is becoming randomly (?) unresponsive ie. some connections are dropped and the server is not accepting new ones for a while. At least this is what we see in logs ...
- 21
0
votes
0
answers
185
views
How to display all network traffic of all local hosts
How can I display all network traffic of all hosts in my network? I can use a linux box of choice, can set eth0 to promiscuous mode and my router has all major protocols. I want to be able to tell ...
- 143
0
votes
1
answer
40
views
discover additional scripts loaded from other sites when visiting a website with DNS
I noticed a (relatively) huge amount of dns packets in my wireshark recording while only visiting plain websites. Sites like amazon, facebook, comodoca and many others are requested by dns packets. So ...
- 13
-3
votes
1
answer
29
views
Word translator tool tracing
If anyone (on our school wired network/Wi-fi) uses the Microsoft translator tool implemented in Word, would we be able to trace it or are we not able to see such activity going on in the network like ...
0
votes
1
answer
46
views
NAT: Figuring out IP of broken down machine
I have a machine that was behind a natted router. Unfortunately its harddrive broke down, so I had to replace it. I have port 22 forwarded to it (in the router provided by the ISP) for remote ...
- 109
0
votes
0
answers
130
views
Traffic burst in cascading Cisco switch configuration
I'm using 2 Cisco Catalyst 3850 switches (Sw1, Sw2) and 3 Cisco Nexus switches (Sw3, Sw4, Sw5) as part of my internal network, connected in the manner below (A, B, C, D, E, F represent 10G ports, i.e. ...
- 211
1
vote
0
answers
589
views
Traffic Control on a Linux-bonded / LACP interface
I have created a virtual interface (VIF) [Read Linux Bonding / LACP interfaces] using two physical ethernet interfaces of 1GBps each.
When I apply traffic control on the same, I see that the egress ...
- 111
0
votes
0
answers
224
views
Track down application/process causing computer broacasting destination 255.255.255.255 port 0
We have installed Untangle and we see many broadcasts from 1 IP (client Windows 7). Almost every minute it is broadcasting to 255.255.255.255 port 0.
I would like to know how to trace the source of ...
- 33
4
votes
0
answers
1k
views
Limiting incoming traffic with tc police
I have a requirement to limit the total incoming traffic to 5mbit. I know this can be achieved by using the following tc command:
tc filter add dev eth0 parent ffff: protocol ip u32 match u32 0 0 ...
4
votes
1
answer
1k
views
Why is the iptables byte count for raw PREROUTING 0?
I plan to use iptables to measure my Internet traffic (inspired by Peter Krumins' great article http://www.catonmat.net/blog/traffic-accounting-with-iptables).
The computer which is intended to ...
- 43
0
votes
2
answers
254
views
reroute traffic from A going to B to instead go to C
I have TCP traffic from 192.168.3.51 going to 192.168.3.10 but instead I would like to have it sent to 192.168.3.50
Is there a way to set this up in iptables such that only tcp traffic coming from A ...
2
votes
2
answers
2k
views
Process names in MS Message Analyzer
I am trying to set up the Message Analyzer viewer exactly like it is explained in this reference, but instead of steady process names I got some weird numbers, both in ProcessName and ProcessID ...
- 594
1
vote
1
answer
190
views
Extracting Source => Destination rx / tx from procfs (/proc)
I know I can get rx and tx bytes for each NIC from /proc/..., but I'm looking to get rx and tx info for each source => destination pair -- basically traffic info for each network connection.
In /proc/...
- 11
2
votes
1
answer
924
views
Minimum bandwidth limit on Linux systems
I need to limit the minimum bandwith from an IP to specific services/ports, by dropping all the packets that will not satisfy that minimum rate.
I saw the attribute rate in the HTB class of the Linux ...
- 21
1
vote
2
answers
1k
views
What's the caculation for network speed reported with sar-n DEV output?
I am confused about the network speed outputs:
If the report says:
sar -n DEV 1 1
Linux 2.6.18-194.el5PAE (dev-db) 03/26/2011 _i686_ (8 CPU)
01:11:13 PM IFACE rxpck/s txpck/s ...
- 701
2
votes
0
answers
993
views
iperf3 uses TCP even if UDP is specified
I've encountered this issue with iperf3(version 3.1.3). iperf(2.0.5) works different. So, with iperf3 even if I specify that I want to use UDP, when I start a capture on the destination, first thing I ...
- 21
-1
votes
1
answer
347
views
What amount of inbound traffic is considered as normal for a small blog? [closed]
I have a blog that has ~1000 page views per day. Usually the amount of incoming traffic to the web server was less than 5MB. Suddenly it popped up to 300MB for some longer period of time. This is 60 ...
- 348
4
votes
2
answers
769
views
Do you trust LACP?
Are there any reasons why I should not rely on LACP when designing network topology? I exactly mean L2 switch to hypervisor connection, so it is the place where agregated traffic of VMs cumulates. We ...
- 51
0
votes
1
answer
65
views
Missing lots of ipv4 traffic after dns switch to a new server
I've been migrating a traffic-heavy (https://jsonip.com) service I've run for a number of years to an upgraded server over the last week. Before the dns switch, I was averaging 9mb/s ipv4 inbound. ...
- 637
0
votes
2
answers
593
views
monitor traffic at the scale of millisecond
I have several linux servers running Ubuntu 14.04, and turned them into a Spark cluster. At this point, I want to measure the network flow between the servers, at the scale of milliseconds, in order ...
2
votes
3
answers
17k
views
How to setup a traffic limit per user on OpenVPN?
I am setting up a VPN server using OpenVPN. The authentication method is the certificate one (different certs for client and server). The VPS has 1TB of traffic monthly.
I plan allowing up to 4 ...
- 21
2
votes
0
answers
167
views
Abnormal DHCP Android device traffic cannot be identified
Hi Serverfault community members.
I've been trying to identify the source of an abnormal broadcast traffic generated by some Samsung Android devices with no success, so I ask for your help.
I have ...
- 21
2
votes
0
answers
150
views
How would I limit total outbound traffic?
I've had a look round and found solutions like tc to limit the total allowed bandwidth per user, but what I'm interested in is how to limit the total outbound traffic per user.
I have a server with ...
- 133
-2
votes
2
answers
128
views
How the Traffic Classes get defined
I often come across in networking related literature the term 'traffic class'. And it looks like it is platform specific, sometimes they talk about 8 traffic classes, sometimes about 64.
1) Is this ...
- 249
1
vote
0
answers
336
views
Network Traffic fluctuating, even with loopback
I am using iperf tool to benchmark my network interfaces on two identical machines (Dell Blade Server M620). Both have given different results.
On 1st machine, I ran server and clients as:
Server ==>...
- 131
6
votes
1
answer
402
views
How to extract X.509 certificate from live network traffic automatically on Linux OS
I will appreciate if someone can point me How to extract an X.509 certificate from live network traffic automatically during the handshake phase between client and server on Linux OS.
A similar ...
- 61
7
votes
1
answer
5k
views
How to set up IAM Role Permissions for VPC CloudWatch logs?
I am trying to allow aws to start my log service, and I have my log streams, and log groups added already.
When i got to my VPC dashboard, the status of the Flow Log I'm interested in says:
Access ...
- 265
1
vote
2
answers
2k
views
OpenVPN solution/options for traffic reduction?
I am looking into VPN for the purpose of traffic reduction on the client side. CPU load is secondary.
Is lzo good enough to beat the overhead malus?
Are there other options to tune compression in ...
- 140
3
votes
2
answers
633
views
Potential traffic issues on one big(ger) subnet
Posts like this:
Most traffic in a corporate LAN is client to server nowadays, and a
router not very well setup rather becomes a bottleneck AND a SPOF. and
200+ clients on a subnet wasn't a ...
- 984
0
votes
1
answer
62
views
What are the tools needed to best asses a load balancer?
I'm building a Paas with Docker container in the field of Networkf Function Virtualization. I need to deploy some load-balancers inside containers.
I need to asses the load balancers in differents ...
- 111
0
votes
1
answer
346
views
Random spikes of high ingress traffic. What could be the cause? [closed]
I understand that this is rather a generic question but wanted to see if you all could offer some good feedback.
Our business has three locations, one in the West Coast, two in the East Coast. Our ...
- 113