How to identify bursts of traffic?How can I sort du -h output by sizeLinux: How to measure daily/montly...
Can we have a perfect cadence in a minor key?
Can I sign legal documents with a smiley face?
What is the grammatical term for “‑ed” words like these?
Can somebody explain Brexit in a few child-proof sentences?
Have I saved too much for retirement so far?
Translation of Scottish 16th century church stained glass
How can "mimic phobia" be cured or prevented?
Why did the HMS Bounty go back to a time when whales are already rare?
How do you respond to a colleague from another team when they're wrongly expecting that you'll help them?
What linear sensor for a keyboard?
Divine apple island
Do Legal Documents Require Signing In Standard Pen Colors?
Should spaces be used when writing foreign names in katakana?
Greco-Roman egalitarianism
Why is Arduino resetting while driving motors?
Freedom of speech and where it applies
Journal losing indexing services
How do I repair my stair bannister?
Drawing a topological "handle" with Tikz
Will adding a BY-SA image to a blog post make the entire post BY-SA?
If a character with the Alert feat rolls a crit fail on their Perception check, are they surprised?
Flux received by a negative charge
What is the difference between "Do you interest" and "...interested in" something?
Fuse symbol on toroidal transformer
How to identify bursts of traffic?
How can I sort du -h output by sizeLinux: How to measure daily/montly network traffic?Can software traffic generator generate 100 Mbps traffic?How to view unencrypted Gtalk traffic?How can I filter https when monitoring traffic with Wireshark?Debugging a complete crash / hang?How to stop a traffic capture?Network traffic generator / simulatorHigh suspicious traffic + connection slow and disconnecting on VPSHow would I limit total outbound traffic?
Background: one of our Ubuntu servers is becoming randomly (?) unresponsive ie. some connections are dropped and the server is not accepting new ones for a while. At least this is what we see in logs of dependant services. The problem lasts for few minutes at best. It happens 1-3 times a day. We use munin to monitor this server, but nothing from standard graphs stands out for us.
After initial diagnosis nothing came up but our data center told us that when it happens there are short high spikes of traffic on their charts. No more useful info from them. How to identify what is causing them? (source IP, dest port)
I thought about capturing packets with tcpdump, but I have no idea what filter could be applied to avoid producing gigabytes of logs. Maybe there exist a tool to log all connections and print statistics (connection duration, bytes exchanged, rate)? Assuming these are not connectionless packets.
linux network-traffic
asked 1 min ago
unhitunhit
112
add a comment |
Background: one of our Ubuntu servers is becoming randomly (?) unresponsive ie. some connections are dropped and the server is not accepting new ones for a while. At least this is what we see in logs of dependant services. The problem lasts for few minutes at best. It happens 1-3 times a day. We use munin to monitor this server, but nothing from standard graphs stands out for us.
After initial diagnosis nothing came up but our data center told us that when it happens there are short high spikes of traffic on their charts. No more useful info from them. How to identify what is causing them? (source IP, dest port)
I thought about capturing packets with tcpdump, but I have no idea what filter could be applied to avoid producing gigabytes of logs. Maybe there exist a tool to log all connections and print statistics (connection duration, bytes exchanged, rate)? Assuming these are not connectionless packets.
linux network-traffic
asked 1 min ago
unhitunhit
112
add a comment |
Background: one of our Ubuntu servers is becoming randomly (?) unresponsive ie. some connections are dropped and the server is not accepting new ones for a while. At least this is what we see in logs of dependant services. The problem lasts for few minutes at best. It happens 1-3 times a day. We use munin to monitor this server, but nothing from standard graphs stands out for us.
After initial diagnosis nothing came up but our data center told us that when it happens there are short high spikes of traffic on their charts. No more useful info from them. How to identify what is causing them? (source IP, dest port)
I thought about capturing packets with tcpdump, but I have no idea what filter could be applied to avoid producing gigabytes of logs. Maybe there exist a tool to log all connections and print statistics (connection duration, bytes exchanged, rate)? Assuming these are not connectionless packets.
linux network-traffic
asked 1 min ago
unhitunhit
112
Background: one of our Ubuntu servers is becoming randomly (?) unresponsive ie. some connections are dropped and the server is not accepting new ones for a while. At least this is what we see in logs of dependant services. The problem lasts for few minutes at best. It happens 1-3 times a day. We use munin to monitor this server, but nothing from standard graphs stands out for us.
After initial diagnosis nothing came up but our data center told us that when it happens there are short high spikes of traffic on their charts. No more useful info from them. How to identify what is causing them? (source IP, dest port)
I thought about capturing packets with tcpdump, but I have no idea what filter could be applied to avoid producing gigabytes of logs. Maybe there exist a tool to log all connections and print statistics (connection duration, bytes exchanged, rate)? Assuming these are not connectionless packets.
linux network-traffic
linux network-traffic
asked 1 min ago
unhitunhit
112
asked 1 min ago
unhitunhit
112
asked 1 min ago
unhitunhit
112
asked 1 min ago
unhitunhit
112
asked 1 min ago
unhitunhit
112
112
add a comment |
add a comment |
0
active
oldest
votes
Your Answer
StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "2"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});
function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});
}
});
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fserverfault.com%2fquestions%2f959769%2fhow-to-identify-bursts-of-traffic%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
0
active
oldest
votes
0
active
oldest
votes
active
oldest
votes
active
oldest
votes
Thanks for contributing an answer to Server Fault!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fserverfault.com%2fquestions%2f959769%2fhow-to-identify-bursts-of-traffic%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
