TCP Dump
A TCPTransmission Control Protocol Dump captures packets being transmitted or received from the specified interfaces and can assist in troubleshooting. A TCP Dump may be requested by Exinda TAC.
Run a TCP Dump from the Exinda appliance
Click Configuration > Diagnostics > TCP Dump.
Make the following selections and then click Generate TCP Dumps:
|
Interface |
Select an interface to run the TCP dump on. Select ALL to capture packets on all (link up) interfaces. Note When ALL is selected for the Interface, only those interfaces which are link up will be included. |
|
Timeout |
Select the amount of time for which the TCP Dump will run. |
|
Filter |
Set a filter if required. Refer to the Common User Case examples below for specific filters to use in common circumstances. |
|
Status |
Shows the status of a running TCP Dump |
Common Use Cases
The following examples provide the syntax to enter in the Filter field to gather data from a particular source.
To collect traffic to/from a single host
host <IPInternet protocol address>
Example: host 1.2.3.4
To collect traffic from a single host who is the source of the traffic
src <IP address>
Example: src 1.2.3.4
To collect traffic from a single host who is the destination for the traffic
dst <IP address>
Example: dst 1.2.3.4
To collect traffic between two hosts
host <IP address 1> and host <IP address 2>
Example host 1.2.3.4 and host 5.6.7.8
To collect traffic to / from a subnet
net <IP subnet>
Example: net 1.2.3.0/24
To collect traffic between two subnets
src net <IP subnet> and dst net <IP subnet>
Example: src net 1.2.3.0/24 and dst net 1.2.4.0/24
Send a TCP Dump to Exinda TAC
Saved TCP Dumps can then be downloaded and/or emailed to Exinda TAC using the form below.
For more information about TCP dump filters, refer to https://danielmiessler.com/study/tcpdump/#common.