Dear adies and Gentlemen, With ntop snapshot of 10 Jun 2002, on a FreeBSD cache server (squid: one upstream peer via an ethernet connection), the percentages look fine but the traffic volumes are not credible.
Here's an example. Ntop-02-06-10 is running on the host Squid, the proxy cache. It serves about 800 local MS Win clients running at 10 Mbps. It has a 100 Mbps ethernet connection to the parent cache. http://squid:3000/sortDataSentIP.html Host Domain Data Descending order, click to reverse FTP HTTP DNS Telnet NBios-IP Mail DHCP/BOOTP SNMP NNTP NFS X11 SSH Gnutella Morpheus WinMX Audiogalaxy Other IP squid.aipo.gov.au Medium Risk Flag for domain au 27.7 GB 67.6 % 0 610.6 MB 56.4 MB 540 0 2.3 MB 0 19.8 KB 0 3.5 MB 0 0 0 1.3 MB 0 0 27.0 GB foundry.aipo.gov.au Multihomed DNS Flag for domain au 766.6 MB 1.8 % 0 0 97.0 MB 0 0 0 0 0 0 0 0 0 0 0 0 0 669.5 MB This data has been accumulated only since 00:00:00 11 Jun 2002 yet there is nearly 28 GB of data and although the Cache (the host named squid.aipo.gov.au) uses port 3128 to talk to local clients (hence there should be a large volume of other traffic) there is only 610.6 MB of HTTP traffic (and since all traffic between this cache and the sole parent should be HTTP this seems to small). Further, after clicking the squid host :- http://squid:3000/SomeIP.html TCP/UDP Service/Port Usage IP Service Port # Client Sess. Last Client Peer # Server Sess. Last Server Peer smtp 25 5/18.4 KB xena.aipo.gov.au Mail (SMTP) domain 53 12592/103.0 MB networks2.aipo.gov.au DNS http 80 35801/511.4 MB securenet-mta.aipo.gov.au 1258/849.5 KB PC08494 auth 113 5/220 xena.aipo.gov.au Mail (SMTP) ntp 123 160/7.5 KB wins DNS DHCP Server 160/7.5 KB wins DNS DHCP Server snmp 161 256/25.9 KB xena.aipo.gov.au Mail (SMTP) ldap 389 563/1.1 MB corpdir.aipo.gov.au High Risk Does not show where the 28 GB of traffic is going. L-R and R-L tables do show GB volumes between the cache and the parent, but only about 10 GB. Finally, the host foundry is a load balancer for DNS traffic yet it is showing 669.5 MB of other IP traffic. Thank you, Yours sincerely. -- ------------------------------------------------------------------------ Stanley Hopcroft Network Specialist ------------------------------------------------------------------------ '...No man is an island, entire of itself; every man is a piece of the continent, a part of the main. If a clod be washed away by the sea, Europe is the less, as well as if a promontory were, as well as if a manor of thy friend's or of thine own were. Any man's death diminishes me, because I am involved in mankind; and therefore never send to know for whom the bell tolls; it tolls for thee...' from Meditation 17, J Donne. _______________________________________________ Ntop-dev mailing list [EMAIL PROTECTED] http://lists.ntop.org/mailman/listinfo/ntop-dev
