How to capture traffic on an interface

Yes you are able to capture traffic on an interface of an Viptela router.

Just type the following command:
#tcpdump vpn 0 interface ge0/1 options “-v -n host 52.88.169.126”
tcpdump -i ge0_1 -s 128 -v -n host 52.88.169.126 in VPN 0
tcpdump: listening on ge0_1, link-type EN10MB (Ethernet), capture size 128 bytes
19:17:47.492894 IP (tos 0x0, ttl 44, id 22942, offset 0, flags [DF], proto TCP (6), length 52)

The above command will show you all the traffic from  and to the host with IP address 52.88.169.126

You can also change that above command slightly and you’ll be able to see different protocol traffic.  The following command will show protocol 17 traffic.

# tcpdump vpn 0 interface ge0/1 options “-v -n proto 17”
tcpdump -i ge0_1 -s 128 -v -n proto 17 in VPN 0
tcpdump: listening on ge0_1, link-type EN10MB (Ethernet), capture size 128 bytes
19:17:12.988857 IP (tos 0xc0, ttl 64, id 35275, offset 0, flags [DF], proto UDP (17), length 156)
10.60.6.50.12426 > 52.88.63.222.12346: UDP, length 128
19:17:12.988953 IP (tos 0x0, ttl 64, id 26577, offset 0, flags [DF], proto UDP (17), length 44)
10.60.6.50.12426 > 52.44.221.238.12346: UDP, length 16

 

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s