110 Chapter 5 Packet capture

You can create new capture objects until the maximum block size reaches 25 Mbyte. (The VPN Router does not allow you to reduce the maximum block size to less than 25 Mbyte.) If you allocate too much memory to packet capture buffers, you receive an error message suggesting a smaller buffer size.

To check the maximum block size, select Status > Statistics and click Memory in the Resources section. Scroll to the bottom of the window to find the maximum block size. The output looks similar to this:

Shared Heap Statistics:

 

 

status

bytes

blocks

ave block

max block

------

--------- -------- ---------- ----------

current

 

 

 

 

free

40542960

18

2252386

39532912

alloc

64815872

135

480117

-

You can display the same information by entering the command show status statistics resources memory.

Performance considerations

Running packet capture can affect VPN Router performance. You can run only one capture object at one time for a specific source (interface or tunnel). Multiple capture objects can exist for the same source, but only one object is allowed to start. You can run capture objects for different sources at the same time with no limitations.

To reduce the effect on VPN Router performance, use packet capture for troubleshooting only and observe the following guidelines:

Configure the capture object to capture the least amount of data needed for troubleshooting: for example, only inbound or outbound traffic, only the first n bytes of the packet.

Configure a capture object for promiscuous mode only when necessary. (Promiscuous mode affects VPN Router performance.)

Configure filters and triggers to capture only relevant traffic, in particular if you need to run the global IP object.

NN46110-602

Page 110
Image 110
Nortel Networks NN46110-602 manual Performance considerations