tcpdump mailing list archives

Previous By Date Next
Previous By Thread Next

Re: [tcpdump-workers]tcpdum lose packets

From: liu.yongfeng () zte com cn
Date: Wed, 14 Jan 2009 10:29:12 +0800
I did not capture all traffic to and from the server. I set a filter and 
only capture the packets that send to one client.

#tcpdump host ClientIP  -s0 -w 1.cap

This client only get one RTP Stream about 1.5MBit/s



 




Guy Harris <guy () alum mit edu> 
发件人:  tcpdump-workers-owner () lists tcpdump org
2009-01-14 09:50
请答复 给
tcpdump-workers () lists tcpdump org


收件人
tcpdump-workers () lists tcpdump org
抄送

主题
Re: [tcpdump-workers]tcpdum lose packets







On Jan 12, 2009, at 11:09 PM, liu.yongfeng () zte com cn wrote:


I use tcpdump to capture the packets of one RTP stream  in my rtsp
server,


So you're running tcpdump on the server, trying to capture the traffic 
on that RTP stream?

If that's true, what filter are you using when you're capturing?  Or 
are you trying to capture *all* the traffic to and from the server?


by the RTP sequence number,i found some packets had lost.
but in the client that conneted to this server in the same time ,use
tcpdump capture the packets of this RTP stream,


So, in that case, you're running TCP on the client, trying to capture 
the traffic on the same stream?

If that's true, what filter are you using when you're capturing?  Or 
are you trying to capture *all* the traffic to and from the client?


i do not found lost packet.i don't konw why?


If you're not using a filter when you're capturing, the problem could 
be that your server has more traffic going to and from it than your 
client does, so if you're capturing *all* the traffic to or from the 
server, that requires more kernel buffer memory, more CPU, and more 
disk bandwidth than if you're capturing all the traffic to or from the 
client.

Unfortunately, RTP doesn't use fixed port numbers, so it's hard to set 
up a filter to capture all the traffic on an RTP stream.
-
This is the tcpdump-workers list.
Visit https://cod.sandelman.ca/ to unsubscribe.




--------------------------------------------------------
ZTE Information Security Notice: The information contained in this mail is solely property of the sender's 
organization. This mail communication is confidential. Recipients named above are obligated to maintain secrecy and are 
not permitted to disclose the contents of this communication to others.
This email and any files transmitted with it are confidential and intended solely for the use of the individual or 
entity to whom they are addressed. If you have received this email in error please notify the originator of the 
message. Any views expressed in this message are those of the individual sender.
This message has been scanned for viruses and Spam by ZTE Anti-Spam system.
-
This is the tcpdump-workers list.
Visit https://cod.sandelman.ca/ to unsubscribe.
Previous By Date Next
Previous By Thread Next

Current thread: