On Thu, Dec 07, 2000 at 09:51:42PM -0800, Alfred Perlstein wrote:
> I'm very curious how they managed to run "windump" on FreeBSD.
Presumably they're referring to tcpdump there, as per the first
paragraph in "2. Tests":
This Section aims at giving some indications about the
performance of the capture process on various operating
systems. Results obtained under the various Windows
platforms have been compared with the ones provided by
BPF/libpcap/TCPdump in FreeBSD 3.3 in order to determine
the goodness of our implementation.
> Honestly, it really looks like the fault lies with the way tcpdump
> writes to disk and not with FreeBSD.
Perhaps. However, from my stracing of windump on NT 4 SP4 and trussing
of tcpdump on FreeBSD 3.4, the only difference appears to be that
tcpdump does 8K writes and windump does 4K writes....
Currently, I suspect that it lies with the BPF kernel buffer only being
32K; that's the most you can get on FreeBSD 3.x, but you can crank it up
to 512KB on 4.x - libpcap on 4.x only sets it to 32K, though.
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-hackers" in the body of the message
