When we ran with ipfilter v3 we graphed in/out bytes using the values found
in "netstat -s". But with version v4 these values do not seem to represent teh whole picture anymore.
It is almost as if all NAT traffic was not counted - only originating traffic. Is this possible?
A 1 minute snap shot:
Wed Mar 16 12:46:37 JST 2005
kstat
obytes64 4109937675
rbytes64 3672807380
obytes64 3686990232
rbytes64 108535703
netstat
tcpOutDataSegs =728300 tcpOutDataBytes =508253505
tcpInInorderSegs =646806 tcpInInorderBytes =484504283
tcpInUnorderSegs = 4528 tcpInUnorderBytes =4484952Wed Mar 16 12:47:39 JST 2005
kstat
obytes64 4115022078
rbytes64 3708562138
obytes64 3722746634
rbytes64 113642878
netstat
tcpOutDataSegs =728322 tcpOutDataBytes =508257047
tcpInInorderSegs =646818 tcpInInorderBytes =484506401
tcpInUnorderSegs = 4528 tcpInUnorderBytes =4484952
nat04:~#
So kstat reports:
e1000g0: 5084403 bytes sent e1000g1: 35756402 bytes sent
Where as netstat -s: 3542 bytes sent.
Is this a known side effect? I guess it isn't the end of the day, I was worried when the b/w graph went along the floor instead of being at a constant 6-7Mbps.
My best guess would be that perhaps "pfil" would need to update such statistics, if one would really care about it. "ipfstat" only shows packets, and not bytes or I would use it.
Lund
-- Jorgen Lundman | <[EMAIL PROTECTED]> Unix Administrator | +81 (0)3 -5456-2687 ext 1017 (work) Shibuya-ku, Tokyo | +81 (0)90-5578-8500 (cell) Japan | +81 (0)3 -3375-1767 (home)
