For a TCPIP connection, NetMaster shows the following messages:
08.36.15 IPCM2311 Connection opened: local addr=nn.nn.nn.33..48413 remote addr=nn.nnn.nnn.246..443 jobname=xxx
08.36.15 IPCM2312 Connection closed: local addr=nn.nn.nn.33..48413 remote addr=nn.nnn.nnn.246..443 jobname=xxx bytes in=5 bytes out=300 user=N/A
However, a SmartTrace show different values
Tcp Sessions Report
------------------------------------------------------------------------
32 packets summarized
Local Ip Address: nn.nn.nn.33
Remote Ip Address: nn.nnn.nnn.246
Host: Local, Remote
Client or Server: SERVER, CLIENT
Port: 48413, 443
Application: , https
Link speed (parm): 10, 10 Megabits/s
Connection:
First timestamp: 2021/12/15 08:36:15.430450
Last timestamp: 2021/12/15 08:36:15.545485
Duration: 00:00:00.115035
Average Round-Trip-Time: 0.005 sec
Final Round-Trip-Time: 0.042 sec
Final state: CLOSED (ACTIVE CLOSE)
Out-of-order timestamps: 0
Data Quantity & Throughput: Inbound, Outbound
Application data bytes: 4998, 653
Sequence number delta: 5000, 655
Total bytes Sent: 4998, 654
Bytes retransmitted: 0, 0
Throughput: 42.442, 5.545 Kilobytes/s
Bandwidth utilization: 3.47%, 0.45%
Delay ACK Threshold: 200, 200 ms
Minimum Ack Time: 0.000004, 0.000019
Average Ack Time: 0.003466, 0.000081
Maximum Ack Time: 0.009125, 0.000200
Data Segment Stats: Inbound, Outbound
Number of data segments: 7, 7
Maximum segment size: 8952, 1460
Largest segment size: 1448, 322
Average segment size: 714, 93
Smallest segment size: 51, 6
Segments/window: 2.3, 1.0
Average bytes/window: 1666, 93
Most bytes/window: 4413, 322
Protocol Report
Total Input Data Output Data First yyyy/mm/dd hh.mm.ss Last yyyy/mm/dd hh.mm.ss Protocol
32 15 4998 17 654 1 2021/12/15 08:36:15 32 2021/12/15 08:36:15 6(TCP)
32 15 4998 17 654 Total
1 Protocol(s) found
Protocol Summary Report
Input Output Total
Protocol Packets Bytes Packets Bytes Packets Bytes
Tcp 15 4998 17 654 32 5652
Udp 0 0 0 0 0 0
Icmp 0 0 0 0 0 0
SNA 0 0 0 0 0 0
Other 0 0 0 0 0 0
Data Byte Totals
Ip header: 640
Protocol Header: 1024
Data : 5652
Total: 7316
Why is the IPCM2312 message reporting very different input/output numbers to what was actually transmitted?
Release : 12.2
Component : NetMaster Network Management for TCP/IP
Port 443 is HTTPS. The packet trace is reporting all the data flowing, including certificates, which are typically 100s to 1000s of bytes. SMF is reporting the application payload only.
IPCM2312 is getting the data from SMF, so this explains the difference.