Difference between revisions of "ICX-Alphacom Core tcpdump"

Latest revision as of 08:21, 7 June 2022

This article describes how to use TCPdump to take a packet trace from the ICX-AlphaCom Core Ubuntu environment

Prerequisites

SSH Console software: PuTTY https://www.putty.org/
File transfer software: WinSCP (version 5.15.3 used in this guide): WinSCP https://winscp.net/eng/index.php
Wireshark: https://www.wireshark.org/
The SSH port (22) enabled in the firewall of the ICX-AlphaCom Core.

Login to the ICX-AlphaCom Core Ubuntu environment

Using PuTTY, enter the IP Address of the ICX-AlphaCom Core Ubuntu environment. SSH (port 22) must be enabled in the firewall.

Login to the Ubuntu console using the login details created during Ubuntu installation.

Alternatively, if you have console access via the physical machine, or you are using a Virtual Machine Host such as VirtualBox or ESXi, you can login via this console.

TCPdump

TCPdump is the linux tool to take a packet trace in the console. To enable a packet trace of all packets into a file named icxcore.pcap in the current directory, use the following command;

sudo tcpdump -s 0 -w icxcore.pcap

You will need to enter the root password for Ubuntu created during installation.

The packet trace will commence immediately, and will only stop when requested to by issuing the escape code CTRL + C.

If your Ubuntu environment has more than 1 Ethernet adapter, you can use the -i flag to choose the correct adapter. Adapter names and IP Addresses are listed at login.

sudo tcpdump -i -s 0 -w icxcore.pcap

There are many options for TCPdump, and you can do further reading here using the command man tcpdump

Copy the file via WinSCP

Using WinSCP, connect to the Ubuntu environment using the IP Address, username and password.

... and copy the capture file to your computer from the Ubuntu environment:

Close WinSCP.

Wireshark

You can now use Wireshark to inspect the packet trace, or send the trace to Support for further assistance.

@@ Line 1: / Line 1: @@
-{{DISPLAYTITLE:ICX-Alphacom Core TCPdump}}
 {{I}}This article describes how to use TCPdump to take a packet trace from the ICX-AlphaCom Core Ubuntu environment
@@ Line 16: / Line 15: @@
 Login to the Ubuntu console using the login details created during Ubuntu installation.
 [[File:ICX-AlphaCom Core Ubuntu login.jpg|alt=|left|frameless]]
+<br style="clear:both;" />
 Alternatively, if you have console access via the physical machine, or you are using a Virtual Machine Host such as VirtualBox or ESXi, you can login via this console.
@@ Line 35: / Line 28: @@
 The packet trace will commence immediately, and will only stop when requested to by issuing the escape code CTRL + C.
 [[File:Tcpdump.jpg|left|frameless|729x729px]]
+<br style="clear:both;" />
 If your Ubuntu environment has more than 1 Ethernet adapter, you can use the -i flag to choose the correct adapter.  Adapter names and IP Addresses are listed at login.
@@ Line 51: / Line 41: @@
 Using WinSCP, connect to the Ubuntu environment using the IP Address, username and password.
 [[File:ICX VB27.png|left|frameless]]
+<br style="clear:both;" />
 ... and copy the capture file to your computer from the Ubuntu environment:
@@ Line 69: / Line 53: @@
 ==Wireshark==
 You can now use Wireshark to inspect the packet trace, or send the trace to Support for further assistance.
-<br />
 [[Category: ICX-AlphaCom Platform]]
+[[Category: ICX-Core]]