Network Traffic

sbk1972 · May 29, 2009, 6:37am

Hi all,

Got a strange one here, well not so much strange, different

I need to work out if a server is particulary chatty, whether its talking / communicating heavily to a particular server, as Im planning to physically move the server to a different server, over a link. Hence the requirement to see if its particulary chatty.

Ok, so I do a snoop, I see it talks to x y and z, but how do you measure network traffic ? Do you say that server a sends out x amount of packets per an hour, or total amount of data sent in a day ?

Not sure, can you help ?

SBK

Neo · May 29, 2009, 7:22am

We use Zabbix to measure network traffic and other stats.

Zabbix is free and open source.

sbk1972 · May 29, 2009, 7:48am

Hi, just downloaded the tool. Mmmm itsa bit `heavy` for what I really need. Also, Im always a bit reserved from adding more and more monitoring tools.

Was more hoping of a way of using native commands ? like netstat -s

# netstat -s

RAWIP
rawipInDatagrams = 22740 rawipInErrors = 0
rawipInCksumErrs = 0 rawipOutDatagrams = 21166
rawipOutErrors = 0

UDP
udpInDatagrams =51491684 udpInErrors = 0
udpOutDatagrams =48412710 udpOutErrors = 0

TCP tcpRtoAlgorithm = 4 tcpRtoMin = 400
tcpRtoMax = 60000 tcpMaxConn = -1
tcpActiveOpens =7522380 tcpPassiveOpens =16338923
tcpAttemptFails =781153 tcpEstabResets = 18290
tcpCurrEstab = 96 tcpOutSegs =506875993
tcpOutDataSegs =2526079941 tcpOutDataBytes =3510546242
tcpRetransSegs =1142286 tcpRetransBytes =487885722
tcpOutAck =2260997011 tcpOutAckDelayed =130360669
tcpOutUrg = 612 tcpOutWinUpdate =35783346
tcpOutWinProbe = 10645 tcpOutControl =47912477
tcpOutRsts =870071 tcpOutFastRetrans = 78406
tcpInSegs =523710939
tcpInAckSegs =4224722896 tcpInAckBytes =3993397754
tcpInDupAck =33604177 tcpInAckUnsent = 0
tcpInInorderSegs =2305955076 tcpInInorderBytes =506198070
tcpInUnorderSegs =10791995 tcpInUnorderBytes =3286031967
tcpInDupSegs =854343 tcpInDupBytes =283605628
tcpInPartDupSegs = 80288 tcpInPartDupBytes =48189680
tcpInPastWinSegs = 589 tcpInPastWinBytes =399096
tcpInWinProbe = 64099 tcpInWinUpdate = 10644
tcpInClosed = 212 tcpRttNoUpdate =877873
tcpRttUpdate =4202885671 tcpTimRetrans =987234
tcpTimRetransDrop = 18337 tcpTimKeepalive =371590
tcpTimKeepaliveProbe= 91034 tcpTimKeepaliveDrop = 12
tcpListenDrop = 1406 tcpListenDropQ0 = 0
tcpHalfOpenDrop = 0 tcpOutSackRetrans =129464

IPv4 ipForwarding = 2 ipDefaultTTL = 255
ipInReceives =2841089716 ipInHdrErrors = 0
ipInAddrErrors = 0 ipInCksumErrs = 0
ipForwDatagrams = 0 ipForwProhibits = 1
ipInUnknownProtos = 0 ipInDiscards = 0
ipInDelivers =552146395 ipOutRequests =2882346449
ipOutDiscards = 0 ipOutNoRoutes = 8
ipReasmTimeout = 60 ipReasmReqds = 50
ipReasmOKs = 50 ipReasmFails = 0
ipReasmDuplicates = 0 ipReasmPartDups = 0
ipFragOKs = 50 ipFragFails = 0
ipFragCreates = 2200 ipRoutingDiscards = 0
tcpInErrs = 10716 udpNoPorts = 47648
udpInCksumErrs = 0 udpInOverflows = 0
rawipInOverflows = 0 ipsecInSucceeded = 0
ipsecInFailed = 0 ipInIPv6 = 0
ipOutIPv6 = 0 ipOutSwitchIPv6 = 21913

IPv6 ipv6Forwarding = 2 ipv6DefaultHopLimit = 255
ipv6InReceives = 0 ipv6InHdrErrors = 0
ipv6InTooBigErrors = 0 ipv6InNoRoutes = 0
ipv6InAddrErrors = 0 ipv6InUnknownProtos = 0
ipv6InTruncatedPkts = 0 ipv6InDiscards = 0
ipv6InDelivers = 0 ipv6OutForwDatagrams= 0
ipv6OutRequests = 0 ipv6OutDiscards = 0
ipv6OutNoRoutes = 0 ipv6OutFragOKs = 0
ipv6OutFragFails = 0 ipv6OutFragCreates = 0
ipv6ReasmReqds = 0 ipv6ReasmOKs = 0
ipv6ReasmFails = 0 ipv6InMcastPkts = 0
ipv6OutMcastPkts = 0 ipv6ReasmDuplicates = 0
ipv6ReasmPartDups = 0 ipv6ForwProhibits = 0
udpInCksumErrs = 0 udpInOverflows = 0
rawipInOverflows = 0 ipv6InIPv4 = 0
ipv6OutIPv4 = 0 ipv6OutSwitchIPv4 = 0

ICMPv4 icmpInMsgs =348516 icmpInErrors = 0
icmpInCksumErrs = 0 icmpInUnknowns = 0
icmpInDestUnreachs = 125 icmpInTimeExcds = 0
icmpInParmProbs = 0 icmpInSrcQuenchs = 0
icmpInRedirects = 0 icmpInBadRedirects = 0
icmpInEchos =327416 icmpInEchoReps = 20970
icmpInTimestamps = 0 icmpInTimestampReps = 0
icmpInAddrMasks = 3 icmpInAddrMaskReps = 0
icmpInFragNeeded = 24 icmpOutMsgs =327621
icmpOutDrops = 47452 icmpOutErrors = 0
icmpOutDestUnreachs = 204 icmpOutTimeExcds = 0
icmpOutParmProbs = 0 icmpOutSrcQuenchs = 0
icmpOutRedirects = 0 icmpOutEchos = 0
icmpOutEchoReps =327416 icmpOutTimestamps = 0
icmpOutTimestampReps= 0 icmpOutAddrMasks = 0
icmpOutAddrMaskReps = 1 icmpOutFragNeeded = 0
icmpInOverflows = 0

Any one explain this ?

SBK

thanhdat · May 29, 2009, 9:21am

Because you need a tool that show you the traffic per hour/day/week/year, i think MRTG meets your requirements. It's difficult for a command to do the same thing.

sbk1972 · June 1, 2009, 4:37am

hi,

Thanks for your answers. Im looking at Nagios / MRTG but I need to compile them.

Ok, I'll admit it, Ive never compiled anything on a solaris server. I tried ot find precompiled versions / binaries, but I cant this time

So, how / what does one need to comiplew source code ? What packages do I need, from sunfreeware ? Im assuming that if I download c compile, libraries, then I can compile nearly all bits of source code ?

Cheers

SBK

jlliagre · June 1, 2009, 10:44am

You generally don't need to download a C compiler as it is bundled in less than 4 years old Solaris releases (Solaris 10 and newer).

Just add /opt/sfw/bin to your PATH.

sbk1972 · June 2, 2009, 3:01am

hi,

Im using solaris 8 and solaris 9 - Oh yeah modern technology

Im also in a work environment, and these compiles are normally installed if you install the media kit / developer stuff in the inital install part. You tend to find that servers are just built with the bare componets, i..e do not include developer parts.

If I go to /opt/sfw, all I see if firefox, so someone has installed this before me.

So, assume I have a bare server, I need to install all the compiler parts.

SBK