From owner-freebsd-questions Thu Oct 25 7:15: 4 2001 Delivered-To: freebsd-questions@freebsd.org Received: from sudz.ns3g.com (196.40.220-216.q9.net [216.220.40.196]) by hub.freebsd.org (Postfix) with ESMTP id 9F42D37B407; Thu, 25 Oct 2001 07:14:54 -0700 (PDT) Received: from cooler (cr768924-a.etob1.on.wave.home.com [24.42.29.172]) by sudz.ns3g.com (8.11.6/8.11.6) with SMTP id f9PEGAA24815; Thu, 25 Oct 2001 10:16:10 -0400 (EDT) (envelope-from sudz@ns3g.com) Reply-To: From: "Colin Legendre" To: , Subject: RE: Openssh Date: Thu, 25 Oct 2001 10:16:17 -0400 Message-ID: MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2910.0) In-Reply-To: <3BD81802.2010209@emaxx.nl> Importance: Normal X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000 Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG Precisely but... Explain to me then why doing this with ssh1 it is only 2-3k of traffic but with ssh2 it is 25-75K of traffic. Explain as well that doing this under FreeBSD 4.3 Stable only creates 2-3K of traffic, using ssh1 or ssh2? I understand some traffic, but it is a ton of it. Colin Legendre CCNA, MCP sudz@ns3g.com http://www.ns3g.com -----Original Message----- From: owner-freebsd-stable@FreeBSD.ORG [mailto:owner-freebsd-stable@FreeBSD.ORG]On Behalf Of Pascal Hofstee Sent: Thursday, October 25, 2001 9:48 AM To: sudz@ns3g.com Cc: freebsd-stable@FreeBSD.ORG; freebsd-questions@FreeBSD.ORG Subject: Re: Openssh Colin Legendre wrote: > I have now noticed that this only occurs if you run trafshow/or/tcpdump on > the machine you are connected to, if you run trafshow on the server end the > connection it goes crazy, if you run it only on the client end it is fine. > Looks like there is a problem in the interaction between the ssh2 protocol > in Openssh and the bpf0 device. Any ideas? So just to get this straight ....when running tcpdump/trafshow on the "LOCAL" machine there is no real network traffic between the two systems. When doing the same thing on the "REMOTE" machine the network traffic goes to about 40-50k p/s. Well trafshow/tcpdump show network traffic statistics. Running them on the "remote" host will have to show the output on the "local" host .. transporting the data over the network ... which in turn will generate new trafshow/tcpdump input data .. which will generate output that in turn needs to be send to your "local" system ... which generates new input etc ..... You're basically monitoring your own SSH traffic that gets generated by using network traffic analysys tools on the REMOTE end of the connection. -- Pascal Hofstee To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message