Networking :: Packet Drop Measured By Ethtool / Tcpdump And Ifconfig

May 19, 2010

I have a question regarding packet drops. I am running a test to determine when packet drops occur. I'm using a Spirent TestCenter through a switch (necessary to aggregate Ethernet traffic from 5 ports to one optical link) to a server using a Myricom card. While running my test, if the input rate is below a certain value, ethtool does not report any drop (except dropped_multicast_filtered which is incrementing at a very slow rate). However, tcpdump reports X number of packets "dropped by kernel". Then if I increase the input rate, ethtool reports drops but "ifconfig eth2" does not.

In fact, ifconfig doesn't seem to report any packet drops at all. Do they all measure packet drops at different "levels", i.e. ethtool at the NIC level, tcpdump at the kernel level etc? And am I right to say that in the journey of an incoming packet, the NIC level is the "so-called" first level, then the kernel, then the user application? So any packet drop is likely to happen first at the NIC, then the kernel, then the user application? So if there is no packet drop at the NIC, but packet drop at the kernel, then the bottleneck is not at the NIC?

View 1 Replies


ADVERTISEMENT

Networking :: Packet Drop Measured By Ethtool, Tcpdump And Ifconfig?

May 20, 2010

I am running a test to determine when packet drops occur. I'm using a Spirent TestCenter through a switch (necessary to aggregate Ethernet traffic from 5 ports to one optical link) to a server using a Myricom card.While running my test, if the input rate is below a certain value, ethtool does not report any drop (except dropped_multicast_filtered which is incrementing at a very slow rate). However, tcpdump reports X number of packets "dropped by kernel". Then if I increase the input rate, ethtool reports drops but "ifconfig eth2" does not. In fact, ifconfig doesn't seem to report any packet drops at all. Do they all measure packet drops at different "levels", i.e. ethtool at the NIC level, tcpdump at the kernel level etc?nd am I right to say that in the journey of an incoming packet, the NIC level is the "so-called" first level, then the kernel, then the user application? So any packet drop is likely to happen first at the NIC, then the kernel, then the user application? So if there is no packet drop at the NIC, but packet drop at the kernel, then the bottleneck is not at the NIC?

View 1 Replies View Related

Networking :: Tcpdump Shows Packages Even IPTables Policy Set To Drop

Feb 19, 2010

I have set the iptables INPUT policy to DROP. As I have expected tcpdump wasn't showing any packages... for a while. Suddenly it begun to show UDP syslog packages being sent by a remote host. It is conform with the configuration of syslog, but since the INPUT policy was set to DROP, with no exceptions, it is not conform with configuration of iptables. Why after setting INPUT policy to DROP, with no exceptions most of the packets recieved before are being dropped and some not, as tcpdump shows?

View 7 Replies View Related

General :: Tcpdump/ngrep Sniff Packet Network Command Lines?

Jun 21, 2011

I would like to know the command lines for;

-detecting the wifi in my house without being connected to it

-getting ips/macaddress from the people connected to the wifi

View 2 Replies View Related

Red Hat / Fedora :: Ifconfig Not Showing Packet Statistic For Sub-interface

Jul 19, 2009

I get this ifconfig output for eth0:1 :

eth0:1

Where are all the packet statistics?

View 2 Replies View Related

Ubuntu Networking :: Send The Keys Or Value As The Packet Data (content Of The Packet) In Ns-2 (for Wireless Environment)

Jul 12, 2010

I am the new user to ns-2. I would like to know is it possible to send the keys or some value as the packet data (content of the packet) in ns-2 (for wireless environment).

View 1 Replies View Related

Networking :: Ethtool Not Properly Enabling WOL?

Nov 25, 2008

I'm having problems enabling Wake-on-LAN using ethtool.I'm using ethtool 5.1 on Fedora 8. Ethtool reports that the card supports u,m,b,g for WOL modes. I can run "ethtool -s eth0 wol g", which completes without errors.If I run ethtool again, the Wake-on setting is changed to whatever I just set it to. However, when I actually shutdown the machine, the lights on the NIC don't stay on as they normally should, and any attempts to wake the machine have no effect. The machine dual-boot Windows XP, and I have enabled WOL in the driver there. When I shutdown the machine from XP, everything works just fine. The NIC lights remain on and the machine wakes up properly. So...I think I have my BIOS configured properly, and my WOL utility is working properly.

Hardware Info:
------------------------------------------------------------
Adapter: Intel Pro/1000 GT PCI (Vendor ID: 8086, Device ID: 107C
Motherboard: Asus P5Q Pro

lspci Output:
------------------------------------------------------------
Ethernet controller: Intel Corporation 82541PI Gigabit Ethernet Controller (rev 05)

ethtool Output:
------------------------------------------------------------
Settings for eth0:
Supported ports: [ TP ]
Supported link modes: 10baseT/Half 10baseT/Full

[code]....

dmesg Output:
------------------------------------------------------------
e1000: eth0: e1000_probe: Intel(R) PRO/1000 Network Connection
ADDRCONF(NETDEV_UP): eth0: link is not ready
e1000: eth0: e1000_watchdog: NIC Link is Up 100 Mbps Full Duplex, Flow Control: RX/TX

[code]....

View 2 Replies View Related

Networking :: Wake On Lan Settings In Ethtool?

Mar 3, 2009

Im trying to remote power on my debian machine with gnome with the wake on lan function. I enabled it on my mainboard and was configuring my ethtool. There i see:

root@lappy:~# ethtool eth0
Settings for eth0:
Supports Wake-on: g
Wake-on: d
Link detected: yes

and after this command ethtool -s eth0 wol g i get this:

root@lappy:~# ethtool eth0
Settings for eth0:
Supports Wake-on: g
Wake-on: g
Link detected: yes

So i enabled it on software and hardware. Now im trying to sent the magic packets with a windows tool "wake on lan" I see that the package has been sent but the pc wont turn on. So when i check the ethtool settings again i see that it turned to:

Wake-on: d

View 4 Replies View Related

Networking :: Can't Change To 1000 Speed With Ethtool?

Aug 9, 2010

I have two onboard gigabit connections and a PCI-E gigabit card, none of which seem to want to run beyond 100M. Everytime I issue the command to change speed to 1000M, it does nothing. I have tried modifying the interfaces file to make sure the command line for ethtool gets done automatically, but still no luck.

Below is the output from the use of ethtool to change speed. Since I am having performance issues with my local area networking (e.g. Samba transferring slower than the internet), I have been trying to figure out how to debug my network performance, and this was an obvious thing that stood out. The router and card are gigabit, yet don't use their full transfer rates.

[Code]...

View 9 Replies View Related

Ubuntu Networking :: Ethtool Is Reseting Wol Setting Before Suspendind?

Feb 28, 2011

So I have tried looking on the web for a solution to this, but I can't find anything. I have only found 2 posts with the same problem and both went unanswered. So I want to set my ubuntu machine to WOL with both Magic Packet and Unicast (the g and u functions in ethtool wol) wol supported: pumbg (thus g and u are both supported) I use "sudo ethtool -s eth0 wol ug" and check to see if it changed, and it does

sudo ethtool eth0
"wol: ug"

After I suspend though, only magic packet will wake it up! I go back in and check with "sudo ethtool eth0" and low and behold, it is back to only being "wol g", which is the default. For some reason it must bump back to default before going into suspend. NOTE, this is with suspend, not even a reboot or a shutdown! Even suspend will reset it to default. I have worked on adding a script to /etc/init.d, adding lines to /etc/rc.local, and adding lines to /etc/networking/interfaces, all with no change.

Any idea what is going on and why it is resetting wol back to default?? I know I should be happy at LEAST it does magic packet, but I want to know why it wont change.

View 2 Replies View Related

General :: Networking Commands - Difference Between Ethtool And Miitool

Jun 21, 2010

I just started learning network on linux platform. Today I came across two commands ethtool and miitool. Both of them seems to do similar kind of jobs. Now I am confused what is the difference between them.

View 2 Replies View Related

Ubuntu Networking :: Mii-tool Gives Error While Ethtool Shows Results?

Aug 31, 2010

I have upgraded to 10.04 from 9.10 after that, i get this strange issue.I have acutally asingned static address in the network manager applet.

Code:
mahiti@mahiti-admin:~$ sudo mii-tool -vv eth4
Using SIOCGMIIPHY=0x8947

[code]....

View 1 Replies View Related

Networking :: Ethtool Command Not Changing Speed Of Ethernet Card?

Feb 14, 2011

I have a CentOS 5.5 machine (hosted at a remote hosting company) where "ethtool" reports that the eth0 device is currently in 10 Mbps mode, but the output indicates that it supports 100 Mbps. But if I try using ethtool to switch the device into 100 Mbps mode, it doesn't work; after running the command to switch it to 100 Mbps, ethtool reports the speed is still 10 Mbps:

[root@sls-eb5p17 network-scripts]# ethtool eth0
Settings for eth0:
Supported ports: [ TP MII ]
Supported link modes: 10baseT/Half 10baseT/Full
100baseT/Half 100baseT/Full

[Code]...

The man page at [URL]..ethtool seems to suggest that this should have worked. Any reason why the reported speed of the device didn't change? Changing other settings doesn't appear to work either, e.g. if I specify "duplex half" instead of "speed 100", eth0 still reports "Duplex: Full".

View 6 Replies View Related

Networking :: How To Create Dump Log Using TCPdump

Dec 7, 2010

I am trying to create a dump log using tcpdump. I want display the top 10 ip addresses sorted numerically showing how many times the ips are hitting the server. I'm getting frustrated because It's not working how I'd like it to.

View 1 Replies View Related

Networking :: Using Multiple Interfaces For Tcpdump?

Feb 16, 2011

Is there a way to do multiple interfaces in tcpdump? I have found that when using "-i any", not all packets are captured (compared to "-i eth0" on a machine with only one interface). I need to monitor traffic on some machines with as many as 6 interfaces, and get these packets that "-i any" misses. When I give the "-i" option multiple times, it seems to only use the last one.

View 3 Replies View Related

Networking :: Tcpdump -w Not Writing Data?

Oct 18, 2010

I'm trying to capture packets to a file with the -w option but the file is empty yet if I use the '-w -' option to put data on stdout I see plenty of captured packets.I'm using CentOS 5.5 x86

Code:
[root@server ~]# tcpdump -v -i eth0 -w dump -s0
tcpdump: listening on eth0, link-type EN10MB (Ethernet), capture size 65535 bytes

[code]....

View 2 Replies View Related

Networking :: Rotating Capture Files Using Tcpdump?

Apr 6, 2010

I would like to set up tcpdump to rotate log file every 1 hour and retain files for the lat 14 days but I don't think any combination of -C and -W would allow me to do that (Atleast I haven't been able to figure it out), so I am trying to rotate the files every X number of MB and retain the last 20 files. This seems to be fairly simple with the '-C X -W 20' option but I am having some trouble in customizing the names of the log files. I have tried '-w capture-$(date +%Y-%M-%d-%H:%M-)' thinking that each file would start with the current date and time but all files are using the date and time when the capture was started so the only difference is the number at the end (which is done by -W). if I can customize the names of the file so that it has the date and time when the capture in started. In fact if I can do that, I dont need the numbers that '-W' appends at the end but I dont know how to get rid of them.

View 4 Replies View Related

Networking :: Tcpdump - No Suitable Device Found?

May 27, 2010

I'm running NetWare SLES 10 sp3 with OES2 sp2. I was working with the folks at Novell to resolve an iPrint Print Manager problem.

During the process they wanted to perform a packet capture using tcpdump. While logged in as the root user the error no suitable device was found, and I received no data at all. This server is running on a VMWare Center. On other SLES 10 sp3 systems (residing on that same VMWre Center), tcpdump captures packets just fine. I inherited all of these servers, so I wasn't here during the initial build, but I'd make the guess that they were configured similarly. On a Server that I built recently, tcpdump works fine. On two of my Servers it does not, and gives the mentioned error.

It's not that big a deal, otherwise the Servers are communicating and working just fine. But, I'd like to get it working just because it's supposed to work. Students are off for the summer, so I have time to play.

View 5 Replies View Related

Ubuntu Networking :: Tcpdump Shows Lots Of Activity

Jan 24, 2011

The only window that's open is the terminal running this command, no pidgin, skype, samba, torrent or anything I can think of is using the network yet there is ***** load of output from tcpdump. I was hoping to use this to check where certain applications connect to and what messages they send but when I'm doing nothing there is already more output than I can go through. Running tcpdump for less than 10 seconds gives me the following output:

Code:
16:13:22.015683 IP ns.hihkptt.net.cn.domain > desk.local.56598: 46887 1/2/2 (166)
16:13:22.016251 IP ns.hihkptt.net.cn.domain > desk.local.60099: 21168 1/2/2 (166)
16:13:22.016743 IP ns.hihkptt.net.cn.domain > desk.local.42325: 50346 1/2/2 (166)
16:13:22.034733 IP ns.hihkptt.net.cn.domain > desk.local.41441: 63658 1/2/0 (134)
16:13:22.035215 IP ns.hihkptt.net.cn.domain > desk.local.42865: 37537 1/2/0 (134)
16:13:22.036124 IP ns.hihkptt.net.cn.domain > desk.local.35006: 7520 1/2/0 (134)
16:13:22.036569 IP ns.hihkptt.net.cn.domain > desk.local.38480: 51322 1/2/0 (134)
16:13:22.066006 ARP, Reply 192.168.0.1 is-at 00:b0:0c:02:60:9c (oui Unknown), length 46 .....

View 2 Replies View Related

Networking :: Tcpdump Not Writing Raw Packets With Write Switch?

Nov 21, 2010

I am trying dump some packets using tcpdump and it does not seem to be working.

System is fedora12
TCPDUMP v4.1
Libpcap v1.0
I even rolled my own,
TCPDUMP v4.1.1
libpcap v1.1.1

View 1 Replies View Related

CentOS 5 Networking :: Tcpdump Error With NFS Port Sniffing

Feb 16, 2010

I have configured NFS Server on CentOS 5.2 with IBM Web Server,which is having AIX 5.3 The IBM Web Server can upload all data onto NFS Server. Now, Today i was having slow response on IBM Web Server & by measuring the NFS, i found below error while running "tcpdump" command on CentOS Server.

tcpdump -n -i eth1 | grep 2049
18:36:37.237451 IP 10.100.19.241.2049 > 10.100.19.88.1758143293: reply ok 1448 read [|nfs]
18:36:37.237476 IP 10.100.19.241.2049 > 10.100.19.88.539981409: reply ERR 1448
18:36:37.237481 IP 10.100.19.241.2049 > 10.100.19.88.796287348: reply ERR 1448

[code]....

I have changed Network Card in CentOS. All LAN is on Gigabit Network. Also I have changed the Network Cable(Patch Cord). But,still no response.

View 3 Replies View Related

Server :: Get File Modification Times Measured To Less Than A Second?

Mar 17, 2010

Is it possible to get file modification times measured to less than a second?milisecond, nanosecond, 10th of a second.

View 3 Replies View Related

CentOS 5 Server :: Authenticate/Decrypt Packet Error: Packet HMAC Authentication Failed

Sep 17, 2009

I got a problem with my CentOS server. Somebody told me OpenVPN Requires different changes inside my firewall settings. That could be the problem why openvpn wont load..I receive this error on my CentOS panel when im trying to connect into the centos openvpn (with my winxp pc):

Thu Sep 17 20:31:36 2009 TLS Error: incoming packet authentication failed from 84.xx.62.122:2622
Thu Sep 17 20:31:38 2009 Authenticate/Decrypt packet error: packet HMAC authentication failed
Thu Sep 17 20:31:38 2009 TLS Error: incoming packet authentication failed from 84.xx.62.122:2622

[code]....

View 5 Replies View Related

General :: Networking - Interface Stops Receiving Packets As Seen By Tcpdump

Mar 30, 2011

I have a linux box with two interfaces: eth0 is a builtin and eth1 is a USB-LAN.

There is an IP configured on eth1.

eth0 is up but no IP is configured. This interface is used for sniffing with tcpdump.

The problem is that eth0 frequently stops receiving packets -- my tcpdump captures are empty, and if I look at the interface stats with ifconfig, I can see that no packets are received.

If I bounce the interface (ifconfig eth0 down; ifconfig eth0 up), it starts receiving packets again.

View 1 Replies View Related

Networking :: Correct Command To Filter Outgoing Traffic With Tcpdump?

May 6, 2010

I have a need to make a rather odd filter in tcpdump- I would like to capture only all those packages on interface eth0, that are outgoing(in other words from IP 192.168.1.1, which is IP for eth0 in this computer) and doesn't have src MAC address 11:22:33:44:55:66. However, fallowing command says, that syntax is wrong:

Code:
tcpdump -n -p -i eth0 src host 192.168.1.1 ether src not 11:22:33:44:55:66
Is this possible? If yes, then what is the correct command?

View 3 Replies View Related

Networking :: Convert Tcpdump Output File To A Pcap Format?

Feb 21, 2011

How to convert Tcpdump output file to a Pcap format? Is there such way?

This is what i mean:

tcpdump -i eth0 >> test.out

Now i want to convert test.out to Pcap so It's readable via Wireshark.

View 5 Replies View Related

Networking :: Opnet With Traffic Data Gathered Using Tcpdump Tool?

Jan 11, 2011

I have a WAN network that i need to do some analysis on, for the traffic flows. I did lots of googling to figure out what useful tool to collect the packet informations.I found this site [URL]..witch i made great use of to recognize the tcpdum tool. I also have a network simulator on windows platform wich is Opnet Guru, (by the way.. is there a linux version for this simulator?).

MY QUESTION IS: How can i feed the Opnet Guru with the flows data collected with the

Code:
tcpdump
with its different options?

NOTE: in the Opnet Guru invironment there is an object called the profile that is beeing used to customize and genarate data flows with the desired characteristics to simulate the real flows. So i need to feed the Opnet with the fresh data collected with the tcpdump tool (command) instead of using the built-in profile.. i hope i was clear enough..

View 3 Replies View Related

Networking :: Make Opnet Guru To Get Data From Tcpdump Tool (command)?

Jan 15, 2011

I have a WAN network that i need to do some analysis on, for the traffic flows. I did lots of googling to figure out what useful tool to collect the packet informations.I found this site http://scrutin.wordpress.com/2007/04...-tcpdump/witch i made great use of to recognize the tcpdum tool.
I also have a network simulator on windows platform wich is Opnet Guru, (by the way.. is there a linux version for this simulator?).
MY QUESTION IS::
How can i feed the Opnet Guru with the flows data collected with the
Code:
tcpdumpwith its different options?
NOTE: in the Opnet Guru invironment there is an object called the profile that is being used to customize and genarate data flows with the desired characteristics to simulate the real flows. So i need to feed the Opnet with the fresh data collected with the tcpdump tool (command) instead of using the built-in profile.

View 1 Replies View Related

Ubuntu :: Slow Upgrade Speed Rate (measured In Bits Per Second)?

May 1, 2010

im willing to upgrade to 10.04, but before i would like to have installed the regular upgrades. They make a total of 100megabytes, but my problem is that the download speed is soo slow, its like 2000 bits per second... amazing. I don't where the problem is. I have broadband, and internet works just great for the whole system and applications.

Sorry for my english in case you didn't understand something!

View 5 Replies View Related

Networking :: IFConfig Changes Not Reflected In GUI

Dec 25, 2008

I have seen this in fedora 8/9 systems :- when I configure the eth0 card and give it a ip address using the ifconfig command from the terminal window and then check out the card from the network config GUI subsequently, it doesnot reflect the ip address as configured through the ifconfig command. However, the ifconfig command continues to show the new ip address as usual. If I need to change the ip address of the eth0 interface which should be the prefered mechanism - the ifconfig command or the GUI. Ofcourse I understand that, for the ifconfig command mechanism a line would have to be added to the rc. Local file so that the change is effective on every subsequent bootup.

View 4 Replies View Related







Copyrights 2005-15 www.BigResource.com, All rights reserved