On Dec 13, 2012, at 8:51 AM, John Powell <jrp999@xxxxxxxxx> wrote:
> I am currently running DUMPCAP as a service to capture packets in a high packet throughput environment.
>
> The command used is:
>
> /usr/local/bin/dumpcap -B 16 -i 2 -f vlan and (not vrrp and not udp port 1985 and not ether host 01:00:0c:cc:cc:cc) -g -b filesize:250000 -b duration:900 -w /data/eth1.cap
>
> I am experiencing disk IO issues.
>
> I suspect that part of my disk IO issue is due to copying the rotated file from \tmp to \data
Have you seen it copying the file from /tmp to /data?
Or are you just *assuming* it's writing the files to /tmp and copying them rather than just writing directory to files in /data? It would be unwise to assume that, given that, in fact, it *doesn't* do that (and *didn't* do that in a test I just did); if you're seeing it copy the file, that's a bug.
