Manual Chapter :
tcpdump overview
Applies To:
Show VersionsF5OS-C
- 1.6.0, 1.5.1, 1.5.0
tcpdump overview
If you need to debug traffic issues, you can use the
tcpdump
utility to capture traffic
from VELOS
chassis partitions
. You can then save the captured traffic as a file that can
be analyzed to help troubleshoot network issues.Generate a tcpdump from the CLI
You can use the
tcpdump
utility to capture traffic in chassis partitions. You can then save the captured traffic as a file that can be analyzed to help troubleshoot network issues.- Connect using SSH to the chassis partition management IP address.
- Log in to the command line interface (CLI) of the chassis partition using an account with admin access.When you log in to the system, you are in user (operational) mode.
- Generate a tcpdump.system diagnostics tcpdumpThese options are available to use with this command:OptionDescriptionExample-i | interfaceSpecifies the interface on which to capture packets. Omit or specify0/0.0to indicate all interfaces.This example captures traffic on interface 1.0 on blade number 2:system diagnostics tcpdump interface 2/1.0-w | outfileSpecifies the pcap file to write the captured packets.This example sends the output to a specified directory:system diagnostics tcpdump outfile <file-name>.pcapbpfSpecifies the Berkeley packet filter (BPF) expression for tcpdump. This option uses standard BPF syntax.This example captures traffic where the source IP address is 192.0.2.0 and the destination port is 80:system diagnostics tcpdump bpf "src host 192.0.2.0 and dst port 80"The system supports the use of standard tcpdump options. For more information, see www.tcpdump.org/manpages/tcpdump.1.html.
Next you can view the file from the CLI or download the file from the webUI.
Manage tcpdump files from the CLI
You can view and export tcpdump
files from the CLI.
- Connect using SSH to the chassis partition management IP address.
- Log in to the command line interface (CLI) of the chassis partition using an account with admin access.When you log in to the system, you are in user (operational) mode.
- View a list of tcpdump files on the system.file show diags/shared/tcpdump<file-name>This example displays the contents of a file named testfile:default-1# file show diags/share/tcpdump/testfile.pcap
- Export a tcpdump file to an external server.file export insecure local-file <local-file-path> protocol [ https | scp | sftp ] remote-file <remote-file-path> remote-host <ip-address-or-fqdn> remote-port <port-number> ] remote-url <ip-address-or-fqdn> username <user> web-token <remote-system-token>This example exports a file named testfile.pcap to a specified server:default-1# file export local-file diags/shared/tcpdump/testfile.pcap remote-host files.company.com remote-file home/jdoe/testfile.pcap username jdoe Value for 'password' (<string>): ********* result File transfer is initiated.(diags/shared/tcpdump/testfile.pcap)
- Check the file transfer status.file transfer-statusThis example shows the status of all recent file transfers:default-1# file transfer-status file transfer-status result S.No.|Operation |Protocol|Local File Path |Remote Host |Remote File Path |Status |Time 1 |Export file|HTTPS |diags/shared/tcpdump/testfile.pcap |files.company.com |/home/jdoe | Completed |Wed Jul 13 21:02:24 2022
Manage tcpdump files from the webUI
You can use File Utilities from the chassis partition webUI to export or download tcpdump files from the system. All file transfers are done using the HTTPS protocol.
- Log in to the VELOS chassis partition webUI using an account with admin access.
- On the left, click.
- From theBase Directorylist, selectdiags/shared/.
- Underdiags/shared, selecttcpdump.
- If you want to export a tcpdump file to an external server:
- Select the tcpdump file and clickExport.
- In the popup, enter theServer URLfor where to export the file.
- Provide theUsernameandPasswordonly if required by the remote host.
- SelectIgnore Certificate Warningsif you want to skip warnings when importing files.
- ClickExport Fileto begin the export.
- If you want to download the tcpdump file to your local workstation:
- Select the tcpdump file and clickDownload.The selected file will be downloaded.
In the File Transfer Status area, you can view the status of a file transfer operation to view its progress and see if it was successful. If an operation fails, hover over the warning icon to see the error that occurred.
A runtime error displays in the File Transfer Status area if an invalid operation is performed.