I have been reading the man pages of tcpdump and I am not sure if my OS
will report the relevant info.
Since I would not like to research tcpdump code I would like to get some
help about it from others.
So my kernel would declare on packets that was dropped but still the
connection was OK and was not disrupted in any way I can think about.
What exactly this "drop by kernel" means?
Is it dropped by kernel and was not handled by any application? or it
means that the buffers of tcpdump got filled and there-for was dropped
by tcpdump?
I am not sure I am even asking the right question but this is how it
seems to me.
In any case I would like to do a very big dump into a storage system on
a very loaded system and which I would like to not drop any packet by
either the kernel or any other level if possible.
In a case there are tuning to the system in couple layers I would like
to at least minimize the drops from lots of packets into a small amount
of packets.
Thanks in Advance,
Eliezer
_______________________________________________
tcpdump-workers mailing list
tcpdump-workers@lists.tcpdump.org
https://lists.sandelman.ca/mailman/listinfo/tcpdump-workers
