ich brauche mal eine einschätzung von erfahreneren Nutzern: Ich habe hier einen vServer der hauptsächlich Mailserver ist. Nur ich habe da einen Mailaccount drauf. Nun habe ich festgestellt, dass ich jeden Tag so ca. 30GB rx auf eth0 habe. (siehe Screenshot). Eigentlich sollte ich doch herausfinden können was da den traffic macht oder?
Schaue ich mir Bmon und iftop gleichzeitig an, werden unterschiedliche Trafficmengen angezeigt (und zwar viel zu wenig um 30gb zu erklären! Schaue ich mir nload an, ist es ca. 1Mbit/s
Wie find ich nun heraus, wo der Traffic herkommt?!?
Gruß und Dank schonmal!!
bmon:
Code: Alles auswählen
eth0 bmon 4.0
Interfaces x RX bps pps %x TX bps pps %
lo x 128B 1 x 128B 1
qdisc none (noqueue) x 0 0 x 0 0
>eth0 x 138.08KiB 2.33K x 795B 3
qdisc none (pfifo_fast) x 0 0 x 751B 3
tun0 x 0 0 x 0 0
qdisc none (pfifo_fast) x 0 0 x 0 0
qqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqvqqqqqqqqqqqqqqqqqqqqqqqvqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqq
KiB (RX Bytes/second)
153.79 .|..|...|.|.....|.........|.|.|.|.......||...|...||.|...|..|
128.16 |||||||.|||||||||||||||||||||||||||||||||||||||||||||||.||||
102.53 ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
76.90 ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
51.26 ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
25.63 ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
1 5 10 15 20 25 30 35 40 45 50 55 60
KiB (TX Bytes/second)
5.43 ..........................|.|...............................
4.52 ..........................|||...............................
3.62 ..........|...|.......|.|.|||..............................|
2.71 ..........|..||....||.|.|.||||....|........................|
1.81 ..|...|...|.|||...|||||.||||||.|..||.|.||...|...|...|......|
0.90 ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
1 5 10 15 20 25 30 35 40 45 50 55 60
Code: Alles auswählen
12.5Kb 25.0Kb 37.5Kb 50.0Kb 62.5Kb
mqqqqqqqqqqqqqqqqqvqqqqqqqqqqqqqqqqqvqqqqqqqqqqqqqqqqqvqqqqqqqqqqqqqqqqqvqqqqqqqqqqqqqqqqqq
mail.server.de => 112.85.42.185 3.75Kb 6.72Kb 3.04Kb
<= 0b 2.91Kb 1.60Kb
mail.server.de => 62.91.65.114 4.84Kb 3.57Kb 3.67Kb
<= 160b 160b 248b
mail.server.de => 167.114.58.104 352b 2.51Kb 2.78Kb
<= 320b 832b 852b
mail.server.de => one.one.one.one 296b 820b 248b
<= 524b 1.14Kb 314b
mail.server.de => 218.92.0.156 480b 509b 1.70Kb
<= 0b 451b 1.23Kb
mail.server.de => one.one.one.one 0b 338b 315b
<= 0b 307b 460b
mail.server.de => ns386764.ip-176-31-245.eu 0b 98b 24b
<= 0b 244b 61b
255.255.255.255 => gw.giga-dns.com 0b 0b 0b
<= 0b 284b 286b
mail.server.de => 246.51-175-218.customer.lyse.n 0b 69b 17b
<= 0b 78b 20b
mail.server.de => ns343772.ip-5-135-162.eu 0b 69b 17b
<= 0b 69b 17b
qqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqq
TX: cum: 67.1KB peak: 24.9Kb rates: 9.70Kb 14.8Kb 11.9Kb
RX: 32.3KB 13.0Kb 0.98Kb 6.71Kb 5.88Kb
TOTAL: 99.4KB 37.9Kb 10.7Kb 21.5Kb 17.8Kb
Code: Alles auswählen
Device eth0 [178.238.245.76] (1/3):
===========================================================================================
Incoming:
Curr: 1.14 MBit/s
Avg: 1.09 MBit/s
Min: 59.73 kBit/s
.. Max: 1.20 MBit/s
############################################################ Ttl: 16.16 GByte
Outgoing:
Curr: 20.66 kBit/s
Avg: 17.12 kBit/s
Min: 5.25 kBit/s
Max: 51.00 kBit/s
Ttl: 4.18 GByte
Code: Alles auswählen
interface: eth0
bps
bps % desc
[b] 1.1M 93% arp[/b]
32.7k 2% tcp 178.238.235.76:22 <-> 62.91.65.114:51326
5.5k 0% tcp 144.217.170.65:46374 <-> 178.238.235.76:22
3.6k 0% icmp6 fe80::1 <-> ff02::1:ff00:1
3.0k 0% tcp 167.114.58.104:45050 <-> 178.238.235.76:22
2.7k 0% tcp 178.238.235.76:22 <-> 62.91.65.114:51388
1.6k 0% icmp6 fe80::1 <-> ff02::1:ff00:5
1.5k 0% icmp6 fe80::1 <-> ff02::1:ff00:14
1.5k 0% icmp6 fe80::1 <-> ff02::1:ff00:13
1.4k 0% icmp6 fe80::1 <-> ff02::1:ff00:7
1.4k 0% icmp6 fe80::1 <-> ff02::1:ff00:18
1.4k 0% icmp6 fe80::1 <-> ff02::1:ff00:15
1.2k 0% icmp6 fe80::1 <-> ff02::1:ff00:10
1.2k 0% icmp6 fe80::1 <-> ff02::1:ff00:8
1.1k 0% icmp6 fe80::1 <-> ff02::1:ff00:4
1.0k 0% tcp 101.178.122.50:57971 <-> 178.238.235.76:22
960.9 0% icmp6 fe80::1 <-> ff02::1:ff00:16
960.9 0% icmp6 fe80::1 <-> ff02::1:ff00:21
823.6 0% icmp6 fe80::1 <-> ff02::1:ff00:2
823.6 0% icmp6 fe80::1 <-> ff02::1:ff00:11
770.9 0% udp 178.238.235.76:51413 <-> 94.29.18.239:14571
686.3 0% icmp6 fe80::1 <-> ff02::1:ff00:6
686.3 0% icmp6 fe80::1 <-> ff02::1:ff00:17
686.3 0% icmp6 fe80::1 <-> ff02::1:ff00:22
549.1 0% icmp6 fe80::1 <-> ff02::1:ff00:9
549.1 0% icmp6 fe80::1 <-> ff02::1:ff00:3
549.1 0% icmp6 fe80::1 <-> ff02::1:ff00:20
549.1 0% icmp6 fe80::1 <-> ff02::1:ff00:12
431.0 0% udp 1.0.0.1:53 <-> 178.238.235.76:35064
411.8 0% icmp6 fe80::1 <-> ff02::1:ff00:3f
411.8 0% icmp6 fe80::1 <-> ff02::1:ff11:1
Gruß und Dank schonmal für Hilfe!