Forum Discussion
Rahul_Gupt_2401
Nimbostratus
NimbostratusTCPDUMP Command
Hi, I need a TCPDUMP command to capture traffic from end to end.
Could you please tell me a TCPDUMP command to capture traffic coming to my virtual IP A.A.A.A from any client and going to a pool mem...
Hannes_Rapp_162
Nacreous
NacreousThe incoming connection is terminated by BigIP, and BigIP initiates a second connection from itself to the pool members. You will need 2 dumps for this.
(vlan_810_cs and vlan_820_ss are exact names of my VLAN objects)
tcpdump -i vlan_810_cs dst A.A.A.A -nn -vvv -w /var/tmp/external.pcap
tcpdump -i vlan_820_ss dst B.B.B.B or C.C.C.C -nn -vvv -w /var/tmp/internal.pcap
In some cases, you can do this with one TCPDUMP command by using the "p" modifier on the VLAN name. For example, if A.A.A.A normally receives traffic on the VLAN named "external", and you want to capture both client-side traffic (from clients to A.A.A.A) and server-side traffic (to any of the pool members associated with the virtual server):
tcpdump -i external:p dst A.A.A.A ....You can then add other TCPDUMP options as desired, such as those provided by Hannes above.
