Fabian Schneider wrote:
Hi,Regarding the OS we have done testing on this some five years ago. Back then we found that FreeBSD performed better than Linux. Yet there have been improvements proposed for both Linux (memory mapping, and Luca Deri's work) and FreeBSD ("zero-copy BPF and Alexandre Fiveg's work). To get details just google all this. Yet, experience from operating a large scale packet capturing systems shows that the biggest challenge usually is to have a disk system that is fast enough to write the stream of packets to disk. You might want to check this first. (e.g. you can run a Bonnie++ to see how fast your disk system is.)
And be certain to beat on the filesystem/disc with I/Os of the size that will be coming from your packet capturing...
rick jones - This is the tcpdump-workers list. Visit https://cod.sandelman.ca/ to unsubscribe.
