| Passive Measurements |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| • | path
asymmetries - also “what link is being |
||||||||||||||
| monitored” |
|||||||||||||||
| • | where
are timestamps applied? |
||||||||||||||
| – | on
the card, at start or end of packet/cell? |
||||||||||||||
| – | on
the card, after a queue (FORE cards, NLANR .crl sites)? |
||||||||||||||
| – | in
the device driver? in the
kernel? in user space? |
||||||||||||||
| – | after
buffers and queues? after mixing
with other data? |
||||||||||||||
| • | lost/reordered/duplicated
packets: |
||||||||||||||
| – | really
occurred on network |
||||||||||||||
| – | by
card or full memory buffers |
||||||||||||||
| – | by
BPF implementation |
||||||||||||||
| – | can't
capture to disk or process fast enough |
||||||||||||||