FortiAuthenticator
FortiAuthenticator provides access management and single sign on.
fropert_FTNT
Staff
Article Id 191509
Description

This article describes how to estimate DC Agent bandwidth usage with the following Go script.

 
Network communications initiated from a DC Agent:
  • UDP/8002 packets with Collector Agent.
  • DNS queries to the DNS server (Windows 2008 R2 behavior: 2 DNS query attempts over UDP port 53, then 1 LLMNR query using the 224.0.0.252 multicast address. If the DNS server caches the answer for a workstation name that does not exist, only the LLMNR query is attempted on subsequent logon attempts).
  • LLMNR query to the local multicast subnet.
 
Bandwidth usage calculation:
 
Bandwidth in Bytes per second = (18) + number of logons per second * (13 + payload string length).
  • 18 = mean UDP port 8002 keepalive traffic per second, as measured in lab.
  • 13 = DC Agent protocol header length.
  • Payload string length = DNS WORKSTATION NAME/DOMAIN/USERNAME. Example: WORKSTATION.fsso.local/FSSO/Francois.
 
Script execution:
 
go run dcagent_bwcalc.go Y 1000 WORKSTATION.fsso.local/FSSO/Francois
49018
 
Script arguments:
 
Y = Keepalive status (Enabled by default).
1000 = New logons per second.
WORKSTATION.fsso.local = Workstation name.
FSSO = Domain name.
Francois = Username.
 
Script result:
 
The Go script returns the bandwidth usage in Bytes per second.
DNS and LLMNR bandwidth usage is excluded.
The logons per second rate can be evaluated with the tool available in KB article FD34899, entitled 'Logons per second rate calculation with dcagentlog.txt'.
Scope

FSSO DC Agent.
Solution

/*
Args:
  Keepalive: Y or N (Default: Y)
  Logons per second: 50
  Payload: WORKSTATION.fsso.local/FSSO/Francois

Notes:
  - Please use dcagent_logonspersecond.go to get logons per second.
  - DNS and LLMNR bandwidth usage is excluded.
  - Value returned is in Bytes per second.

Author: fropert
*/
package main

import (
	"fmt"
	"os"
	"strconv"
)

var keepalivelen int = 18 // UDP port 8002 keepalive 18 Bytes per second
var headerlen int = 13    // DC Agent protocol header length

// bwcalc returns the estimated DC Agent bandwidth usage in Bytes per second.
func bwcalc(keepalivequestion string, logonsquestion int, payloadquestion string) int {
	var usage int
	// Keepalive traffic is only counted when it is enabled.
	if keepalivequestion == "Y" {
		usage += keepalivelen
	}
	// Each logon event costs the protocol header plus the payload string.
	usage += logonsquestion * (headerlen + len(payloadquestion))
	return usage
}

func main() {
	// Require all three arguments so indexing os.Args cannot panic.
	if len(os.Args) != 4 {
		fmt.Fprintln(os.Stderr, "usage: dcagent_bwcalc <Y|N> <logons per second> <payload>")
		os.Exit(1)
	}
	keepalive := os.Args[1]
	logons, err := strconv.Atoi(os.Args[2])
	if err != nil {
		os.Exit(1)
	}
	payload := os.Args[3]
	fmt.Println(bwcalc(keepalive, logons, payload))
}
