[CentOS] OT: mysterious traffic
Johnny Hughes
mailing-lists at hughesjr.com
Fri Jan 13 10:55:56 UTC 2006
On Fri, 2006-01-13 at 17:37 +0700, Beast wrote:
> Peter Kjellström wrote:
> > On Friday 13 January 2006 11:10, Beast wrote:
> >
> >>Hi all,
> >>
> >>I have few sites which interconnected using a dedicated link.
> >>During these few weeks I've found that there are some mysterious traffic
> >>pass over my router with constant amount of bandwidth all over the time.
> >>I can know this because after working hours, only few applications are
> >>running and it did not generate this kind of traffic.
> >>
> >>Anyone can advice how to detect what kind of traffic that consumes those
> >>bandwith?
> >
> >
> > Run an ethereal/tcpdump capture session over night. Then it should be clear
> > enough.
> >
>
> I forget to add that the router interface is connected to ethernet
> switch. Still possible to run packet sniffer?
>
>
Yes, but if it is a switch and not a hub, you may need to figure out how
to assign one port of the switch as a "Monitor Port".
Some switches filter traffic so that you only see traffic on you
rindividual port. A "Monitor Port" shows all traffic, allowing you to
sniff from that port ... you would set that option for the port that the
machine running ethereal / tcp dump is using.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
URL: <http://lists.centos.org/pipermail/centos/attachments/20060113/32d1c8d3/attachment.sig>
More information about the CentOS
mailing list