One of the challenges I encounter when capturing packets is the sheer volume of data on today's networks. Most workstations have a minimum of 1 Gb connections, and switch trunks are mostly 10 Gb connections.
This results in 2 issues:
- With a high packet rate and using a laptop or desktop to capture packets, you stand a chance of dropping packets.
- Going through gigabytes of data is incredibly difficult and mostly unusable.
One way to mitigate these issues is to simply use a capture filter to reduce the amount of traffic captured. Unfortunately, this technique doesn’t change the number of packets being received by your capture device.
The other option would be to use a packet broker that can reduce the amount of traffic sent to your capture device. You have to check with your specific make and model to see if it supports this filtering feature.
In this video, I use my Network Critical SmartNA XL packet broker (www.networkcritical.com) to demonstrate this methodology.