Reset Search
 

 

Article

KB9215 - How to collect a TCP dump from the PCS for troubleshooting

« Go Back

Information

 
Last Modified Date10/22/2018 11:46 PM
Synopsis
Occasionally it is necessary to collect a TCP dump from the IVE (Instant Virtual Extranet) to further troubleshoot an issue.  This article contains information on how to collect the TCP dump.
Problem or Goal
When collecting logs for troubleshooting an issue, often a TCP dump taken from the internal port of the IVE (Instant Virtual Extranet) is needed.
Cause
Solution
The process to take a TCP dump is the following:
  1. Start the TCP dump from the Admin Console of the IVE.  This is done by navigating to Maintenance > Troubleshooting  > Tools > TCP Dump
start TCP dump

There are a few options to configure when starting the TCP dump:
  • Interface - the physical interface on the PCS that the "Sniff" is taken from.  By default this option is set to the Internal Port, which is the setting needed.
  • VLAN Port - if the users are accessing the PCS via a VLAN, then the VLAN being used by the users needs to be selected.
  • Promiscuous Mode - if this option is on, then every packet that is sent or received at the specified interface will be recorded.  If this option is off, then only the packets that were destined for the IVE are recorded.  By default this option is set to on.
  • Filter - this option allows you to only capture traffic that is going to or coming from a specified IP address, port or protocol. 
  1. Once the TCP dump is started, have a user log in to the PCS and reproduce the issue that is occurring.
  2. After the issue has been reproduced, stop the TCP dump from the Admin Console of the PCS.  This is done by navigating to Maintenance > Troubleshooting > Tools > TCP Dump, then clicking on Stop Sniffing

    stop TCP dump 

    Once the TCP dump is stopped, the file will appear under the Dump File section. 

    TCP dump format

    There are three file formats to "Get" the TCP Dump file in:

    • Raw - the raw format needs to be viewed by a program that can view .dmp files such as Ethereal or Wireshark.  This is the default selection and should be used to collect the TCP Dump.
    • SSL Dump - this format shows the SSL handshake that takes place during the TCP Dump and displays it in the browser (this text can by copied and pasted into a text editor such as Notepad or Wordpad).
    • Human Readable - this format presents the TCP Dump in a readable format and displays the text in the browser (this text can also be copied and pasted into a text editor).
  3. Once the format has been selected, click on the Get button.  The browser will ask where to save the TCP Dump or save it to the default location specified for downloading files.
Related Links
Attachment 1 
Created ByData Deployment

Feedback

 

Was this article helpful?


   

Feedback

Please tell us how we can make this article more useful.

Characters Remaining: 255