Problem is, syslog (and kernel in general) doesn't record such things *at all*
Regards, Mahmood ________________________________ From: Mark W. Jeanmougin <mar...@gmail.com> To: Mahmood Naderan <nt_mahm...@yahoo.com> Cc: "tcpdump-workers@lists.tcpdump.org" <tcpdump-workers@lists.tcpdump.org> Sent: Sunday, May 19, 2013 1:09 AM Subject: Re: [tcpdump-workers] using tcpdump For an issue like this, I would look at syslog before I'd check tcpdump. Is anything there when the box looses the network connection? MJ On May 16, 2013 9:16 AM, "Mahmood Naderan" <nt_mahm...@yahoo.com> wrote: Hello all users >I am using scientific linux 6.3 which kernel 2.6.32-279.5.1.el6.x86_64. The >chassis, say 'A', has 3 network interfaces. Eth1 has valid IP and is connected >to internet and eth2 has invalid IP and is connected to another local switch. > >Problem is that the internet is randomly disconnected on eth1 so the computer >is unreachable through ping command. At the same time, there is another >chassis, say 'B', which has also the same configuration. I mean one interface >of 'B' is connected to the internet (same internet witch as 'A') and one >interface to local switch (same local switch as 'A'). However 'B' uses Ubuntu >12.04. > >The internet connection is steady and that means while 'A' is unreachable, 'B' >can be pinged. > >The situation is very very random, so I tried to use "tcpdump -vvv -i eth1" to >see if I can find any useful information about connect/disconnect messages. > >Can tcpdump help me with this problem? Any feedback is appreciated. > > >Regards, >Mahmood >_______________________________________________ >tcpdump-workers mailing list >tcpdump-workers@lists.tcpdump.org >https://lists.sandelman.ca/mailman/listinfo/tcpdump-workers > _______________________________________________ tcpdump-workers mailing list tcpdump-workers@lists.tcpdump.org https://lists.sandelman.ca/mailman/listinfo/tcpdump-workers
