Using tcpdump to capture TMM information

Hello,

I have 2 questions regarding SOL13637: a) It is explained that TMM information is only captured when the tcpdump is initiated at a vlan interface and not a physical one. Here's the text of SOL13637:

"Additional requirements

The extra TMM information can only be captured when the interface on which tcpdump is listening is a Virtual Local Area Network (VLAN). The extra information is not included in the dump if tcpdump is listening on a physical interface (1.1 or 2.2), which would display the traffic ingressing or egressing the BIG-IP system through the interface before or after TMM has processed it."

Indeed, when testing with a BIGIP 11.3, the noise amplitude is only accepted if the interface is a vlan and not a physical interface. Later on the document this requirement is forgotten and all examples use physical interfaces.Is this related with the version of BIGIP and 'p' option?

b) I understand from the article that to capture TMM informatino I need to define the noise amplitude. Later on the text I read:

"Capturing traffic without the F5-specific information included in the packet capture

To gather a tcpdump that contains the entire packet, but does not contain any F5-related noise, you can specify the snaplen length to be less than 65535. F5 recommends that you set the snaplen length value to 65534 to ensure that the entire packet is captured, excluding the F5-specific slot and TMM instance information."

So this means that using the option 's0' I will have TMM information by default? No need to define 'nnn' noise amplitude?

Best regards, Nicolau