Wireshark-users: Re: [Wireshark-users] Need to record bandwidth used by branch office VPN tunnels
Date: Mon, 12 Aug 2013 09:02:28 -0700
Laura
 
Thanks for the response.  I will try TSHARK on this.  I don't have a problem saving all the packet data if it is needed to generate traffic stats - it just didn't seem necessary if there was a better way to do it.

Gary
 
Pioneer Consulting Services, Inc.
Cell: (360) 739-2491
email: gary@xxxxxxxxxxxxxxxxxxxxxxxxxxxxx
 
 
 
-------- Original Message --------
Subject: Re: [Wireshark-users] Need to record bandwidth used by
branch office VPN tunnels
From: "Laura Chappell" <lchappell@xxxxxxxxxxxxxxxx>
Date: Thu, August 08, 2013 6:05 pm
To: "'Community support list for Wireshark'"
<wireshark-users@xxxxxxxxxxxxx>

Hi Gary…
 
Consider using tshark (command-line tool) with the following parameters perhaps…
 
tshark –q –z io,stat,3000,ip.addr==192.168.1.0/24,ip.addr==192.168.2.0/24,ip.addr==192.168.3.0/24 > mystats.txt
 
No packets are saved during this process – you’re only getting statistics.
-q quiet – so you won’t see the packets streaming by
3000 - sample every 3000 seconds (maybe you want to expand this – each sampling is a different row)
> mystats.txt – just let it save to a text file
 
CTRL+C to stop the capture process manually or use a –a autostop condition if desired.
 
Type tshark –h to see the help/parameter information – also reference http://www.wireshark.org/docs/man-pages/tshark.html for info on the stats.
 
Hope that helps.
 
p.s. you might get faster response to questions over at ask.wireshark.org (Wireshark’s Q & A forum).
 
Laura
 
From: wireshark-users-bounces@xxxxxxxxxxxxx [mailto:wireshark-users-bounces@xxxxxxxxxxxxx] On Behalf Of Hal Wigoda
Sent: Thursday, August 08, 2013 3:33 PM
To: Community support list for Wireshark
Cc: Wireshark Users
Subject: Re: [Wireshark-users] Need to record bandwidth used by branch office VPN tunnels
 
You would filter the traffic.  How you would do that I cannot answer at the time.   

-------

On Aug 8, 2013, at 1:49 PM, "Gary Drost" <gary@xxxxxxxxxxxxxxxxxxxxxxxxxxxxx> wrote:
I have a site with two branch offices.  The branch offices communicate back to the main office through Branch Office VPN tunnels over the Internet.
 
If the office IP structure is:
 
  Main - 192.168.1.x
  Br1 - 192.168.2.x
  Br2 - 192.168.3.x
 
Can I use Wireshark at the main site to record the traffic coming to the main site from the remote sites over those VPN tunnels in order to determine the current bandwidth used by that traffic?
 
Can I do it without having to capture all the traffic (i.e. can I report on the bandwidth the traffic is using without having to capture that traffic)?
 
I would expect that I will need to capture stats for about a week and don't want to have to save GB worth of wireshark data, unless I have to, in order to accomplish this.
 
Thanks,
 
Gary
 
 
___________________________________________________________________________
Sent via:    Wireshark-users mailing list <wireshark-users@xxxxxxxxxxxxx>
Archives:    http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
            mailto:wireshark-users-request@xxxxxxxxxxxxx?subject=unsubscribe

___________________________________________________________________________
Sent via: Wireshark-users mailing list <wireshark-users@xxxxxxxxxxxxx>
Archives: http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
mailto:wireshark-users-request@xxxxxxxxxxxxx?subject=unsubscribe