tcpdump mailing list archives

advice for heavy traffic capturing


From: Motonori Shindo <mshindo () mshindo net>
Date: Thu, 29 Jul 2004 13:39:03 +0900 (JST)

Hi,

I'm involved in a project to do some network traffic analysis. One of
the goals of this project is to identify a piece of equipment that is
supposedly dropping packets. My idea to achieve this goal is to
capture traffic with tcpdump on both sides of the equipment in question
and compare the captures to determine whether it is actually dropping
packets (I probably need to do some programming here). My concern is
how fast a traffic rate tcpdump can keep up with without any packet
loss. The traffic that I have to monitor is around 150 Mbps at peak
time. This should depend on the underlying operating system, network
interface card, CPU, hard disk and possibly many others. I'd like to
know which component is likely to contribute most to higher
performance. Another concern is that one of the interfaces I might have
to tap is 1000BASE-SX, which I have no experience capturing on.

Any recommendation/advice about operating system, network cards, and
methodologies, along with any other possible factors I should be aware
of will be highly appreciated.

Best Regards,

-
This is the tcpdump-workers list.
Visit https://lists.sandelman.ca/ to unsubscribe.
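
The comparison step described in the message above, as an added example that is not part of the original post: it reads two classic pcap files, fingerprints each IPv4 packet on fields a forwarding device does not rewrite, and counts packets seen upstream but not downstream. It assumes untagged Ethernet, little-endian microsecond pcap files, full-length captures and no NAT in the device; all function names and the sample captures are constructed for illustration.

```python
import hashlib
import struct
from collections import Counter

def read_pcap(data):
    """Yield raw frames from a classic little-endian pcap byte string."""
    if struct.unpack_from("<I", data, 0)[0] != 0xA1B2C3D4:
        raise ValueError("not a little-endian microsecond pcap file")
    off = 24  # skip the 24-byte global header
    while off + 16 <= len(data):
        incl = struct.unpack_from("<I", data, off + 8)[0]  # captured length
        yield data[off + 16:off + 16 + incl]
        off += 16 + incl

def fingerprint(frame):
    """Digest of the IPv4 fields that survive forwarding, or None if not IPv4."""
    if len(frame) < 34 or frame[12:14] != b"\x08\x00":
        return None
    ip = frame[14:]
    ihl = (ip[0] & 0x0F) * 4
    total = struct.unpack_from("!H", ip, 2)[0]  # trims Ethernet padding
    # Skip TTL (byte 8) and header checksum (bytes 10-11): a router rewrites both.
    invariant = ip[4:8] + ip[9:10] + ip[12:20] + ip[ihl:total]
    return hashlib.sha256(invariant).hexdigest()

def missing_downstream(up, down):
    """Return (packets seen upstream but not downstream, upstream IPv4 total)."""
    seen_up = Counter(filter(None, map(fingerprint, read_pcap(up))))
    seen_down = Counter(filter(None, map(fingerprint, read_pcap(down))))
    return sum((seen_up - seen_down).values()), sum(seen_up.values())

# Constructed sample data: five UDP-protocol packets upstream, one lost downstream.
def sample_frame(ident, ttl, payload):
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), ident, 0,
                     ttl, 17, 0, bytes([10, 0, 0, 1]), bytes([10, 0, 0, 2]))
    return b"\x00" * 12 + b"\x08\x00" + ip + payload

def sample_pcap(frames):
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    for f in frames:
        out += struct.pack("<IIII", 0, 0, len(f), len(f)) + f
    return out

UP = sample_pcap([sample_frame(i, 64, b"pkt%d" % i) for i in range(1, 6)])
DOWN = sample_pcap([sample_frame(i, 63, b"pkt%d" % i) for i in (1, 2, 4, 5)])

if __name__ == "__main__":
    print("missing %d of %d" % missing_downstream(UP, DOWN))
```

A non-zero result points at the device only if tcpdump reported zero "packets dropped by kernel" for both captures; otherwise the capture host itself may be the source of the gap.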

