question

JUNNAKA-7375 avatar image
0 Votes"
JUNNAKA-7375 asked JUNNAKA-7375 commented

How to know how much data(Bytes) Win10 Cliet receive on TCP Protocol.

Good afternoon,

It is for the first time to ask questions on this web site.

Now I'm testing our System Behavior between Fat Windows Client and AWS EC2 Windows Server.
To Know and Estimate how much it is cost per Application, I have to check how much bytes the client receive per exe, per hour or at a certain interval time.

I'm searcing how to watch how much bytes the client receive, but I hasn't reachd best tools, way or solutions which doesn't require installing and any money cost.

How can I watch how much bytes the client receiving from AWS EC2 Server via TCP Protocol.



EC2 Server's OS: Windows Server 2016 Datacenter Ver,1607(OS Build 14393.3930)
Client's OS: Windows 10 LTSB Ver,1607(OS Build 14393.3930)

Any help is appreciated.

JUN NAKA in Kyoto, Japan

windows-serverwindows-10-generalwindows-10-network
· 2
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Just want to confirm the current situations.

Please feel free to let us know if you need further assistance.

0 Votes 0 ·

I'm sorry to be late for reply. (I couldn't psot reply on this page via IE) Recently, I was allowed to install google chrome by my office manager, and I'm able to post this reply.

The question has been resolved by using Performance monitor and it's recording function.

Thank you for your Answer.

0 Votes 0 ·
TimCerling-5039 avatar image
0 Votes"
TimCerling-5039 answered TimCerling-5039 edited

You can use the built-in perfmon utility to monitor network traffic. However, it does not track traffic by application. For that, as Candy states, you will need to obtain a third party product.

See https://docs.microsoft.com/en-us/windows-server/networking/technologies/network-subsystem/net-sub-performance-counters for information on monitoring network traffic with perfmon.

5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

CandyLuo-MSFT avatar image
0 Votes"
CandyLuo-MSFT answered

Hi ,

>>I'm searcing how to watch how much bytes the client receive, but I hasn't reachd best tools, way or solutions which doesn't require installing and any money cost.

There is no build-in way could achieve you goal, you need to install some third-party tools like Wireshark to achieve your goal.

Best Regards,

Candy


If the Answer is helpful, please click "Accept Answer" and upvote it.

Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.


5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

GaryNebbett avatar image
0 Votes"
GaryNebbett answered

Hello JUN NAKA,

One option would be to use Event Tracing for Windows (ETW), in particular the Microsoft-Windows-TCPIP and Microsoft-Windows-Kernel-Process providers.

The TcpConnectionSummary event contains the number of bytes sent/received and local/remote addresses:

TCP: Connection 0xffffdd06051f5ba0 Summary: DataBytesOut 12829 DataBytesIn 8001 DataSegmentsOut 13 DataSegmentsIn 8 SegmentsOut 21 SegmentsIn 15 NonRecovDa
0 NonRecovDaEpisodes 0 DupAcksIn 0 BytesRetrans 0 Timeouts 0 SpuriousRtoDetections 0 FastRetran 0 MaxSsthresh 2920 MaxSsCwnd 27230
MaxCaCwnd 0 SndLimTransRwin 1 SndLimTimeRwin 0 SndLimBytesRwin 0 SndLimTransCwnd 0 SndLimTimeCwnd 0 SndLimBytesCwnd 0
SndLimTransSnd 1 SndLimTimeSnd 0 SndLimBytesSnd 12833 ConnectionTimeMs 3568 Timestamps FALSE RttUs 247980 MinRtt 239835 MaxRtt 294658 SynRetrans 0 CongestionAlgorithm CUBIC
State ClosedState Local 192.168.0.6:62492 Remote 52.114.32.6:443 CWnd 27230 SsThresh 4294967295 RcvWnd 66240 RcvBuf 66240 SndWnd 262656.

The TcpTcbConnectComplete event, when correlated with the TCB value from the summary event (0xffffdd06051f5ba0) can identify the process ID and the ProcessStart event can be used to translate the process ID into an executable file name.

Gary

5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.