god like wrote:
- Does ethereal handle
switched networks and if so do I have to set anything special up.
Ethereal can see whatever the host it's running on sees. Switches
generally learn which hosts are on which ports and forward packets
accordingly, so you might not be able to see what you want to see.
Therefore, if you want to sniff the entire network, you'll need access
to the switches and/or routers so that they can be configured to send
all traffic to a special port. If it's not a managed switch (i.e., one
that has a management interface and features like port mirroring), then
you'll have to be content with monitoring a link that's "close to the
problem" in order to figure out what's going on. Old-fashioned hubs
might work for this but beware: most new "hubs" are really switches --
very frustrating.
- Can ethereal generate
traffic and do throughput testing if so - how? and if not do people
know of [...]
Ethereal is a sniffer, not a generator. Try netperf or Iperf.
- Reporting - the client
wants the problem pin-pointed and proved on paper.
Well, the legal work is up to you, not a piece of software. Look at
the stats on the switch and on the receiver. If you're lucky, you'll
see drop counts on one of them. That will tell you which device is
suffering from the likely buffer overflow. Ethereal might be able to
expose some packet loss, but you're going to have to capture packets at
the source and the destination OR observe sequence numbers. See next
answer.
- General tips and gotchas
You didn't give us much to go on. Other than the cameras, what kind of
systems are you dealing with? General purpose computers running an
OS? Embedded devices? What kind of login access to you have? What
protocols?
|
