Forum Discussion

Aditya_Kurundka's avatar
Aditya_Kurundka
Icon for Nimbostratus rankNimbostratus
May 02, 2024

GTM Packet Capture command

Hi All,   I have started working on F5 GTM recently and stuck with the tcpdump commands for it.   Need help on tcpdump commands for wideip to check if the wideip is working correctly.   Also ar...
application delivery
F5_Design_Engineer's avatar
F5_Design_Engineer
Icon for MVP rankMVP
May 02, 2024

Hi Aditya,

 

You can try using the following formats by changing the host IP as per your configuration.

 

tcpdump -vvv -s0  -nni 0.0:nnnp udp port 53 and host 1.2.3.4 -w /var/tmp/$(/bin/hostname)_$(date +%Y-%m-%d)_$(date +%H:%M).pcap

First, find out which interface you want to sniff with the "ifconfig" command. If the destination server is located on an interface called "vlan1275" you can dump all DNS traffic to a specific IP address thus

tcpdump -i vlan1275 udp port 53 and host 1.2.3.4 -w /var/tmp/$(/bin/hostname)_$(date +%Y-%m-%d)_$(date +%H:%M).pcap

You can refer following articles 


K411: Overview of packet tracing with the tcpdump utility
https://my.f5.com/manage/s/article/K411

 

K00463541: A breakdown of the tcpdump utility, recommended actions, and information to help you use and apply it to the BIG-IP.
https://my.f5.com/manage/s/article/K00463541

 

HTH

🙏