NIC recommendation and advice for building network packet capture PC

1

Greetings,

I am trying to build a dedicated PC for capturing and recording network packets in a heavily loaded test environment. I am expecting total data loads to be between 150-200Mbps and want to achieve 0 packet loss with tcpdump over 10-20 minute capture intervals.

The capture PC shall be configured with Ubuntu running tcpdump. The packets are mirrored to a single port on my HP ProCurve 1810g switch and then onward to the capture PC.

What NIC chipset to use (or avoid) would be helpful, along with any other considerations that would influence packet loss in the scenario I have described.

What are the key performance factors I should be considering in building such a dedicated packet recorder?

Thanks.

codeasone

Posted 2010-08-25T12:54:24.157

Reputation: 278

Answers

0

This is the best information I have found so far on getting the most out of commodity PC hardware.

http://staff.washington.edu/corey/gulp/

The combination of gulp and tcpdump should provide adequate support for my needs with low-cost hardware :-)

The manual page for gulp can be found at: http://staff.washington.edu/corey/gulp/gulpman.html

Anybody else got any ideas or advice on this?

codeasone

Posted 2010-08-25T12:54:24.157

Reputation: 278

Asked: 2010-08-25T12:54:24.157

Viewed: 396 times

Active: 2010-08-25T17:15:09.280