cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
2421
Views
0
Helpful
3
Replies

Inbound and Outbound for Interfaces

linker.team
Level 1
Level 1

Hi All,

            I would like to confirm the Inbound and Outbound values specific to interfaces which are responsible for the transaction.

Consider the below FTP log,

<134>Mar 11 2009 10:54:16: %PIX-6-302013: Built outbound TCP connection 3720 for outside:192.168.81.10/21 (192.168.81.10/21) to inside:192.168.90.1/4572 (192.168.90.1/4572) ()
<134>Mar 11 2009 10:56:17: %PIX-6-302014: Teardown TCP connection 3720 for outside:192.168.81.10/21 to inside:192.168.90.1/4572 duration 0:02:01 bytes 1505005 SYN Timeout ()

How can i assume Inbound and Outbound values for the interfaces inside & outside. (FTP is happened from outside to inside)

Case 1:

For inside  ....: Inbound = 1505005 bytes  & Outbound = 0 bytes

For outside  ..: Inbound = 0 bytes  & Outbound = 1505005 bytes

Case 2:

For inside  ....: Inbound = 1505005 bytes  & Outbound = 0 bytes

For outside  ..: Inbound = 1505005 bytes  & Outbound = 0 bytes

      Please someone clarify the above and that will help me to resolve the insterface specific bandwidth (IN & OUT) calculation.

Thanks,

Saran

3 Replies 3

Nagaraja Thanthry
Cisco Employee
Cisco Employee

Hello,

In the log message you have posted, the value 1505005 specifies the total data exchanged via the connection. It includes all the packets in both directions. So, it is hard to determine if it was inbound or outbound. The log message always treats the connection as if it was established from outside to inside even though it would have been established from inside to outside. I would suggest you to use other means to calculate the bandwidth usage.

Hope this helps.

Regards,

NT

vinod.agrahari
Level 1
Level 1

Hi Linker,

I think ,we can not get to know the downloaded data from any specific host connected in the internal network and from here just we get to know the interface utilization ,the amount of packet get exchange from both way.

To get to know the exact amount of data downloaded from any specific host connected in the network ,can get to know though third party tool e.g. Netflow Analyzer  etc.

Please let me know if you need more eleboration.

Regards

Vinod Agrahari

Hi,

      Thanks for your reply. Please note that the transaction is for single FTP (connection id 3720). Hence the byte value belongs to that FTP alone. My requirement is to calculate the bandwidth utilization of the interfaces of a Firewall device. Hence i would like confirm the IN/OUT values with respect to interfaces.

     Netflow Analyzer will give the bandwidth utilization of Router interfaces. Here i am trying to check the bandwidth utilization of Firewall interfaces. My interest is to findout the traffic IN/OUT of my DMZ.

    I would like to confirm, how single byte value of a transaction will be taken as IN (or) OUT specific to Source and Destination interfaces. I am so happy if someone explains the IN/OUT values in case i have inside/outside/DMZ interfaces in a firewall.     

Regards,

Saran

Review Cisco Networking for a $25 gift card