KB45011 - How to collect a tcpdump on vTM.

« Go Back

Information

Last Modified Date	2/10/2022 9:59 AM

Synopsis

At times, for troubleshooting purposes we may need to collect a tcpdump to look into the communication between the nodes. This is helpful in scenarios where User is facing latency or HA Communication is fluctuating or Health Monitors are failing etc.
This KB provides the steps for collecting the tcpdump and copying the file out of the vTM.

Problem or Goal

Cause

Solution

1. Log into the vTM CLI
2. Navigate to /logs location
3. Run the following command (For extremely busy environments you may want to tweak the command using examples below to collect limited info)

#Collects unfiltered captures. Try to keep the capture time to ~ 1 min.
tcpdump -i any -w Test.pcap
or
tcpdump -i any \(host 192.168.1.1 and host 192.168.1.2\) and tcp port 443 -w Test.pcap

4. Ctrl+C to stop the captures.
5. This capture will be saved in the /logs location (or the location where the command was executed. In this example its "/logs" )
6. If you want to take a quick look into the Output but do not want to save the file.

Example:
tcpdump -ni any \(host 192.168.1.1 and host 192.168.1.2\) and tcp port 443
-------------------------------------------------------------------------------------------------------------
Copying this file to Windows:
1. From Windows machine : You can use tools like Winscp or Filezilla and connect to the vTM and copy the file.
2. Fom Window CLI using below commands:

c:\> pscp.exe [email protected]_ipaddress:/logs/Test.pcap C:\WindowsLocation\
(You'll be prompted for the vTM Password)

or

c:\> scp [email protected]:/logs/errors \WindowsDirectory\

Copying this file from vTM to Linux:
scp /logs/Test.pcap [email protected]/remotelocation
(You'll be prompted for the remote location 'adminuser' password)

Related Articles

KB45011 - How to collect a tcpdump on vTM.

Information

Feedback

Was this article helpful?