Article Number | 000035134 |
Applies To | RSA Product Set: Security Analytics, NetWitness Logs and Packets RSA Product/Service Type: Packet Decoder RSA Version/Condition: 10.6.2, 10.6.3, 10.6.4 Platform: CentOS O/S Version: 6 Product Name: null Product Description: null |
Issue | After upgrading to RSA Security Analytics 10.6.2 the VLAN tags are no longer being captured.
 |
Cause | Although the root cause has not yet been confirmed, it is suspected that the issue might be with the linux kernel.
uname -r 2.6.32-642.6.2.el6.x86_64 rpm -qa | grep pfring pfring-6.0.3-8598.2.6.32.642.6.2.el6.x86_64 |
Resolution | |
Workaround | The workaround is to set rxvlan off on the affected interfaces using ethtool as shown in the example below.
ethtool -K eth4 rxvlan off ethtool -K eth5 rxvlan off |