Hi all
I have just deployed bro onto two systems on my border gateway. They sit
off a tap and each system has individual Rx and Tx interfaces bridged using
brctl. I am not seeing any interface dropped packets or errors from the
Ubuntu host via ifconfig.
When looking at my data within bro that monitors a standalone configuration
of br0 has the below line repeated a few times throughout the notice.log
1477283201.681213 - - - - - - -
- - PacketFilter::Dropped_Packets 2739608 packets
dropped after filtering, 12351460 received, 12351686 on link - -
- - - bro Notice::ACTION_LOG3600.000000 F
- - - - -
We seem to be getting lots of data and as far as CPU and memory resource
consumption goes it's not under strenuous load. I haven't changed too much
of the configuration of the 2.4.1 build.
Sorry if this has been discussed or asked before but what can I look at
optimising or tuning to reduce the packet loss?
One thread I found wasn't bros issue but the tap and an upgrade of the
software fixed it. I cannot do this as it's without software to tune. It's
a vss active 1gb tap, doesn't seem to be the tap at this stage but it quite
possibly could be :)
Thanks
John
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ICSI.Berkeley.EDU/pipermail/bro/attachments/20161024/0f9ebc4d/attachment.html