tcpreplay packet flooding? I have limited networking knowledge so bear with me here on this explanation... In my companies datacenter we have some devices that run tcpreplay traffic and usually, there are no issues a...--prophetes.ai

tcpreplay packet flooding? I have limited networking knowledge so bear with me here on this explanation... In my companies datacenter we have some devices that run tcpreplay traffic and usually, there are no issues as the traffic is usually run from a replay server directly to a port on a device. The issue we're having here is that it looks like an engineer accidentally pushed the pcaps out on the wrong port of the replay server and into our network flooding it with packets There are close to 100 replay servers and each one of those has multiple connections so it's tough to track down the culprit. The packets being sent have an IP that is outside of our network so we can't track it by that or a mac address. Is there any way we can track down the replay server that's pushing these packets onto the network without having to turn off the replay servers one by one?

A TCP socket is uniquely identified by the four values (remote IP, local IP, remote port, local port). Right, so use a tool like wireshark to identify the culprit!

Best of luck!