How to know who use NFS.
Martin Alejandro Paredes Sanchez
mapsware at prodigy.net.mx
Sun Sep 23 00:41:40 PDT 2007
El Vie 21 Sep 2007, Albert Shih escribió:
> Le 21/09/2007 à 13:59:35-0500, Dan Nelson a écrit
> > In the last episode (Sep 21), Le Cocq Michel said:
> > > Albert Shih a écrit :
> > > > How can I known at un precise moment who charge my NFS server (I'm
> > > > root in both side : client and server).
> > >
> > > With some info student it also happen some times in here, and the way i
> > > find is to launch a tcpdum or ethereal on the server and look at which
> > > ip appear the more often
> >
> > I think ethereal/wireshark is your best bet too. At least with it you
> > can filter on the userid making an NFS request (it's rpc.auth.uid).
> > Unfortunately it doesn't look like there's a summary or analysis option
> > for NFS, so you'll have to count packets maually...
>
> But my problem is the NFS traffic is heavy in standard time, and wireshark
> or tcpdump give my lot of lot of data.
>
Use the force luke
You only need 100 packets (you may decide to increase) that are directed to
your server, to the NFS daemon.
tcpdump -c 100 -nq dst port nfs and dst host $HOST
You don't need to interpret this info, you need to know who is originating the
traffic, lets extract the ip that are originating the traffic
nawk 'BEGIN {FS="[ .]"; OFS="."} {print $4,$5,$6,$7}'
But, who generate more traffic?
Lets count how many packets are originating each one of those ip
nawk '{packets[$1]++} END{for (ip in packets){print packets[ip], ip}}'
And order it
sort -rn
Use pipes to connect all the commands, if this situation is very common,
create a shell.
HTH
maps
More information about the freebsd-questions
mailing list