Ethereal-users: Re: [Ethereal-users] Can't see all the packets

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

From: Guy Harris <guy@xxxxxxxxxx>
Date: Fri, 9 Nov 2001 17:10:54 -0800 (PST)

> Basically, the client sends a certain number of
> consecutive requests and gets back a unique response
> from the server for each of those requests. I am
> running ethereal at the server to capture the COPS
> packets. However, it is found that ethereal (with a
> capture filter on the appropriate port or without it)
> is not able to capture all the packets that are being
> sent or received by the server. Note that the
> request-response exchange is very fast e.g. around
> 10/sec

What happens if you use tcpdump, with the "-w" flag to write the packets
to the file?  (Ethereal capture filters are the same as tcpdump capture
filters.)

If tcpdump caught all the packets in that case, what happens if you run
tcpdump with the same command-line arguments *and* also the flag
"-s 65535"?

If that doesn't catch all the packets, your problem is probably that the
machine isn't fast enough to support capturing all the data in all the
packets (either because there's too much traffic for the machine, or
because the code path involved in capturing is too long); try running
Ethereal with a smaller capture length (the capture length is what the
"-s" flag sets in tcpdump - and in Tethereal). 

If that does catch all the packets, the problem is probably that
Ethereal (for various reasons, including being a GUI application) takes
too much CPU time when capturing; try using tcpdump or Tethereal to
capture the packets to a file with the "-w" flag, and then look at the
file later with Ethereal.
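
Added example, not part of the original message: a small reader for the classic libpcap files that tcpdump's "-w" flag writes, to compare the two test runs described above (one with the default capture length, one with "-s 65535"). The expected packet count, the sample captures and the function names are assumptions made for illustration.

```python
import struct

# The magic number at the start of a classic pcap file tells us its byte order.
PCAP_MAGIC = {b"\xd4\xc3\xb2\xa1": "<", b"\xa1\xb2\xc3\xd4": ">"}

def summarize_pcap(data):
    """Return snaplen, packet count and truncated-packet count of a pcap file."""
    if len(data) < 24 or data[:4] not in PCAP_MAGIC:
        raise ValueError("not a classic libpcap file")
    order = PCAP_MAGIC[data[:4]]
    # Global header after the magic: version, timezone, sigfigs, snaplen, link type.
    _, _, _, _, snaplen, _ = struct.unpack(order + "HHiIII", data[4:24])
    packets = truncated = 0
    offset = 24
    while offset + 16 <= len(data):
        # Record header: ts_sec, ts_usec, bytes saved, bytes on the wire.
        _, _, incl_len, orig_len = struct.unpack(order + "IIII", data[offset:offset + 16])
        if offset + 16 + incl_len > len(data):
            break  # file ends in the middle of a record
        offset += 16 + incl_len
        packets += 1
        if incl_len < orig_len:
            truncated += 1  # cut short by the capture length ("-s")
    return {"snaplen": snaplen, "packets": packets, "truncated": truncated}

def diagnose(default_run, full_run, expected):
    """Walk the reply's decision steps; 'expected' is the packet count the
    client/server test should have produced (an assumption of this example)."""
    d, f = summarize_pcap(default_run), summarize_pcap(full_run)
    if d["packets"] < expected:
        return "tcpdump -w misses packets too (case not covered by the reply)"
    if f["packets"] < expected:
        return "full-length run lost packets: try a smaller capture length"
    return "tcpdump keeps up: capture with -w, open the file in Ethereal later"

def build_sample(snaplen, wire_lengths):
    """Constructed capture: one zero-filled record per wire length, cut to snaplen."""
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, snaplen, 1)
    for i, wire_len in enumerate(wire_lengths):
        kept = min(wire_len, snaplen)
        out += struct.pack("<IIII", i, 0, kept, wire_len) + bytes(kept)
    return out

if __name__ == "__main__":
    short = build_sample(68, [60, 120, 300])     # constructed: all 3 packets seen
    full = build_sample(65535, [60, 120])        # constructed: one packet lost
    print(summarize_pcap(short), summarize_pcap(full))
    print(diagnose(short, full, expected=3))
```

On real captures, pass the bytes of each file (for example, open(path, "rb").read()) instead of the constructed samples.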