RE: traffic analyzer recommendation?

From: Rik Guyler (rik@guyler.net)
Date: Fri Dec 19 2008 - 14:22:01 ARST

• Next message: But Nicky: "Re: Etherchannel"
• Previous message: But Nicky: "Re: BGP community no-export confusion"
• Maybe in reply to: giuks: "traffic analyzer recommendation?"
• Next in thread: Scott Morris: "RE: traffic analyzer recommendation?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

These protocol analyzers will capture any speed link really but what you
have to be concerned with is the hardware. A very high quality NIC is in
order to capture traffic on high-performance links without dropping and you
also have to make sure that whatever product you choose will support your
hardware and provide promiscuous drivers for it.

Wildpackets sells their own brand of NIC, which is a good bet. Sniffer was
bought out by NetScout (maybe it will be better now) and they probably offer
similar hardware as well for their product. Also, if you plan to capture to
disk, make sure you have sufficient disk I/O. Heavy duty protocol analysis
machines will use a nice robust SCSI setup to keep up with the load. An
IDE/SATA might keep up for a time but will crumble under much of a
persistent load. I think both of the aforementioned vendors offer complete
analysis boxes as well as the components.

Rik

From: giuks [mailto:giuliano.barros@gmail.com]
Sent: Friday, December 19, 2008 11:02 AM
To: Rik Guyler
Cc: Cisco certification
Subject: Re: traffic analyzer recommendation?

Really thanks, Rik.
It is for analyzing high performance giga links and the tools of our company
are not satisfying the requirements, so we are replacing for a new one.

giuks

On Fri, Dec 19, 2008 at 1:20 PM, Rik Guyler <rik@guyler.net> wrote:

Wireshark is free and has the best decodes of all the protocol analyzers out
there. If you have money for a product, I also like Wildpackets Etherpeek
NX, which has the best filtering capability of anything I've seen so far.
There are others too but Wireshark and Etherpeek NX are what I personally
prefer.

Rik

-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
giuks
Sent: Thursday, December 18, 2008 11:26 AM
To: Cisco certification
Subject: traffic analyzer recommendation?

Folks,

I need some traffic analyzer (sniffer) recommendations for use with
100/1000mb interfaces, to use with laptops.
It is mainly for generate statistics for clients.
I know some, and I saw some posts but no one with pros and cons...
Do we have some posts about it? What do you recommend or not, and real
issues?

Tks,

giuks

Blogs and organic groups at http://www.ccie.net

• Next message: But Nicky: "Re: Etherchannel"
• Previous message: But Nicky: "Re: BGP community no-export confusion"
• Maybe in reply to: giuks: "traffic analyzer recommendation?"
• Next in thread: Scott Morris: "RE: traffic analyzer recommendation?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Thu Jan 01 2009 - 12:53:09 ARST