On 7/18/2011 8:46 AM, Rogelio wrote:
Anyone know how I easily find unknown unicast flooding?
The only way I can think of how to do it would be to search the IO
graphs for bursts, then look at the MACs / IPs during those bursts,
and then try to compare those to a list of known good IP / MAC
addresses on the L2TP tunnel segment at that time.
I was hoping that there would be an easier way to filter out for it
rather than going through all of these steps.
Statistics->conversations might be worth a look.
___________________________________________________________________________
Sent via: Wireshark-users mailing list<wireshark-users@xxxxxxxxxxxxx>
Archives: http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
mailto:wireshark-users-request@xxxxxxxxxxxxx?subject=unsubscribe