Hi Borja,

I see tos 0 too. When I capture packets before and after nprobe, I see packets with TOS on them. I'm 100% sure:
14:21:23.236494 IP (tos 0xb8, ttl 126, id 4388, offset 0, flags [DF], proto TCP (6), length 450) 217.xx.xx.xx.47460 > 64.xx.xx.xx.https: Flags [P.], cksum 0x5af4 (correct), seq 949:1359, ack 84, win 256, length 410

-----Original Message-----
From: Borja Marcos [mailto:bor...@sarenet.es]
Sent: Wednesday, 8 October 2014 12:16
To: Oliver Lagni
Cc: nfsen-discuss@lists.sourceforge.net
Subject: Re: [Nfsen-discuss] Nfsen-discuss Digest, Vol 100, Issue 2

On Oct 8, 2014, at 12:05 PM, Oliver Lagni wrote:

> Hi Giles,
>
> Thanks for your help.
>
> Actually TOS values on NFSEN are from 1 to 255 so I guess I could filter with
> same decimal value of DSCP, but it's not.
> The only TOS filter that works is TOS 0 ;)
>
> At the moment I'm using this filter: tos 0xb8 or tos 184 or tos 5 but I
> can't see anything.

It is working for me, seeing best effort at tos=0 and making tos comparisons. Check your flows source, maybe it's not sending the information properly, my flows come from Juniper M and MX routers.

Borja.

_______________________________________________
Nfsen-discuss mailing list
Nfsen-discuss@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nfsen-discuss