tcpdump mailing list archives
Re: question about hardware requirements
From: Jefferson Ogata <Jefferson.Ogata () noaa gov>
Date: Thu, 22 Jan 2004 16:58:03 -0500
Michael Richardson wrote:
"Zhanxiang" == Zhanxiang Huang <zh4c () cs virginia edu> writes:Zhanxiang> In order to use tcpdump snooping 1Gbps traffic withoutZhanxiang> dropping packets, Zhanxiang> what are the requirements for the hardware?Zhanxiang> Say, how fast should the CUP, memory, cache, buses and hardZhanxiang> drive be?I'm not aware of any current off-the-shelf hardware that can deal with this. You'd need a PCI-Express equipped system with a NIC card that can dealwith the data rates involved.If you want to do Gb/s, you'll need hardware dedicated to the purpose. I.e. Smartbits, etc.
Another alternative is to use multiple boxes behind an IDS load balancer. TopLayer produces suitable devices for this.
-- Jefferson Ogata <Jefferson.Ogata () noaa gov> NOAA Computer Incident Response Team (N-CIRT) <ncirt () noaa gov> - This is the TCPDUMP workers list. It is archived at http://www.tcpdump.org/lists/workers/index.html To unsubscribe use mailto:tcpdump-workers-request () tcpdump org?body=unsubscribe
Current thread:
- question about hardware requirements Zhanxiang Huang (Jan 16)
- Re: question about hardware requirements Michael Richardson (Jan 22)
- Re: question about hardware requirements Koryn Grant (Jan 22)
- Re: question about hardware requirements Jefferson Ogata (Jan 22)
- Re: question about hardware requirements Michael Richardson (Jan 22)