Reported WAN traffic: accurate on bridged interface?

  • I've got a few servers in a datacenter, and just dropped a pfSense firewall in front of them a week and a half ago.

    Everything's running swimmingly (don't know that I'll ever recommend SonicWALL again), but I have a question on bandwidth used.  Basically I've been getting billed for 1 Mb/s, but I'm seeing higher usage than that.  I'm trying to determine whether this is because my colo provider isn't tracking things properly, or whether it's an artifact of the way pfSense tracks data.

    The setup has my servers on an OPT interface which is bridged with the WAN.

  • A bridge will pass broadcast traffic and layer 2 messages as well. This can cause some overhead that you are not billed for as it doesn'T leave your subnet. Maybe this is the additional traffic that you are seeing on your bridge.

  • OK.  But it's not doubling the numbers by counting opt outgoing and the corresponding wan incoming independently then?

    I was thinking it might be doubling the count.  Sounds like it's not, though.  :)

  • It only counts in/out traffic at one interface and as you only view one of the interfaces you shouldn't see traffic in the graph from another interface. However I haven't tested this yet. Maybe you can do some tests to verify your suspicions?

