I'm experiencing similar problems. We're running pfdnacluster_master on Silicom 10g fiber cards. We probably push 2-8 Gbps 24/7.
We're running argus and Snort on top of pfdnacluster_master. Depending on the volume of traffic, argus is unable to determine the direction of a flow about 30% of the time. The author of the tool says that means it missed the SYN or SYNACK packets. It would appear to me that we're experiencing a similar problem. Let me know if you'd like a pcap from out network. Is it possible to FTP it to you? Thx. Craig From: [email protected] [mailto:[email protected]] On Behalf Of ??? Sent: Sunday, August 04, 2013 5:41 PM To: [email protected] Subject: Re: [Ntop-misc] Packet loss with TCP ACK flag Hi Alfredo Thanks for your reply, I have attached two pcap files. Please follow the link below: https://dl.dropboxusercontent.com/u/15270251/stc_port0_to_port1.pcap https://dl.dropboxusercontent.com/u/15270251/stc_port1_to_port0.pcap Thanks
_______________________________________________ Ntop-misc mailing list [email protected] http://listgateway.unipi.it/mailman/listinfo/ntop-misc
