Packets being dropped
Posted: Tue Oct 05, 2021 4:48 pm
I have my infoblox DNS system sending logs to both Alientvault and NLS. NLS is missing many log entries that we can validate are being received by Alienvault. We changed the configuration and removed Alientvault to make sure it wasn't overloading the Infoblox, no luck. We did a TCPDump on the NLS node and validated the packets with the data we are expecting are not even in the TCPDump. I'm going to have my network team sniff the network and validate the packets are making it to NLS.
My team and I are very confident we've ruled out everything except a bizarre network issue or NLS somehow dropping the packets. Is there any process running on NLS that could drop the packets so that they wouldn't even be seen in a tcpdump?
My team and I are very confident we've ruled out everything except a bizarre network issue or NLS somehow dropping the packets. Is there any process running on NLS that could drop the packets so that they wouldn't even be seen in a tcpdump?