Re: How to build a 10Gbe test environment and monitor it with Wireshark?

[David Aldrich <David.Aldrich () EMEA NEC COM>]

Hi Patrick

Thanks very much for your reply.

> Typically, monitoring a 10Gb link involves using a tap (or a switch with a SPAN port).  Are you using copper or fiber? 

I don't know which to choose.  The cable length will be <5m.  Which would you suggest?

> Depending on the load you expect on the 10Gb link, you might even need a filtering tap.

It seems that a tap is just a switch with a montoring port. Am I correct?

> If you have a decent tap and can filter the data you care about to less than 1Gbps, 
> you can filter the 10G in the tap and feed it to your Wireshark system over a 1G link.  

I had thought of just running Wireshark on the same PC as the test application. Then I wouldn't need a tap.  But 
perhaps I should run it on a separate PC and then will need a tap.

> If you have to have a 10Gbps NIC, there are plenty to choose from, and just about all of them
> are based on one of a few Intel controllers.  If you have a budget that permits, there are several 
> companies that make 10Gbps boards specifically designed for packet capture, but they can be 
> pricey from what I understand.

Ok

> Windows systems usually have more overhead than allowed for effective high bandwidth capture - 
> I suspect you'd have better luck with the Linux base for running Wireshark on heavy loads.

Agreed - I'll use Linux.

> The biggest question you should answer before starting this quest is what kind of loads will you 
> (ultimately) need to monitor?  

Yes, I agree. 

Best regards

David
___________________________________________________________________________
Sent via:    Wireshark-users mailing list <wireshark-users () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
             mailto:wireshark-users-request () wireshark org?subject=unsubscribe