Packet drop when capture multiple interface
Dear As you know, Wireshark can capture multiple interface at the same time, thank for this wonderful function.
In fact, when capturing 2 x 1 Gb interface ( 200 Mb/s traffic on each interface), Wireshark always has packet dropped ( about 2 %). The CPU and disk is stable at this time ( about 50 %).
But if capturing each interface by separate Wireshark app at the same time, we have no packet drop. Please help me how to solve this drop packet
Thank so much
My Capture System :
- Windows 10 Pro (64bit)
- CPU : i9 9900K
- nvme Samsung Evo 970 ( 1 TB)
- 32 GB RAM
- Intel(R) I211 Gigabit Interface
- Wireshark v3.0.3 (npcap)
Wireshark, and presumably npcap, versions?
Sorry, my mistake. using Wireshark v3.0.3 (npcap) @grahamb : Thanks for your noted
And the npcap version, likely to be older if you're still running 3.0.3? You can copy the text from the Wireshark Help -> About Wireshark -> Wireshark tab.
I would update Wireshark to the current stable version (3.2.0) before doing anything else.
I would also recommend not using Wireshark for capturing, but simply use
dumpcapinstead, which is what Wireshark uses under the hood anyway. For more ideas, visit the Wireshark Performance wiki page.@cmaynard : you are totally right about dumpcap. yes, it has better capture performance. but capturing 2 interface ( 200 Mbps per interface), still have packet drop. this time is about 1 % ( compare to 2 % if using wireshark). if anyone has solution, please help me. Many thank for your support