On 08/06/2022 20:19, Christopher Wensink wrote: > Everyone, > > From time to time on our network we experience a pause > where it seems like everything just hesitates for a time, > this could be 2-10 seconds, then communications resume and > everything is normal again. > > I suspect that there one machine that is occasionally > sending out bad packets or is flooding the network when it > shouldn't, but I don't know for sure. I've tried scanning > with angry ip scanner to confirm IP addresses are set and > communicating as documented. I've tried running captures > with wireshark to try to identify one culprit but nothing > is sticking out. > > I've tried tcpdump to see if something obvious is placed > there, but it's a flood of information and it's difficult > to tell what (if anything) is a problem and what is not. > > I'm also working on setting up icinga for monitoring all > servers to see if that provides insight. > > What other tools / tactics would you use to identify the > core cause of these kinds of intermittent pauses? > > Chris > Though I can not recommend any specific tools, a learning curve should be easy peasy, including tools/solution - unless you already looked into it & have it covered - in old days with Windowze NIC faulty drivers, OS own issues or intentionally provoked network stack misbehavior would/could put a device/NIC in the 'promiscuous' mode which would results in network "acts" in ways you describe. good luck, L.