How to get a packet capture
Most of the time, a packet capture (PCAP) file is the first thing we look to while troubleshooting an issue, because we find that solves the problem in most cases. Corrective action is what is required next, which shouldn’t be much of an issue.
A PCAP is a file that contains the network’s voice and data traffic as it happens in your environment with real-time network activity and traffic. This makes the PCAP helpful in most troubleshooting cases as it closely simulates the real-time traffic in your network.
You could use Wireshark to get a packet capture.
Or, if you’d prefer to keep it simple, you need do no more than just type a line of command. Our built-in sniffer tool does this job well. Navigate to your <VQManager_Home>/bin directory and execute this one-liner.sniffer.exe -i=<Exact interface where VQManager listens> -cap.file=test.pcap -filter=”tcp || udp || vlan” -p=true -packet.count=10000In case, you are running VQManager on a Linux machine, try this../sniffer -i=<Exact interface where VQManager listens> -cap.file=test.pcap -filter=”tcp || udp || vlan” -p=true -packet.count=10000You will have the test.pcap file ready in an instant. This will be present in the current directory(bin). Send it to us for analysis and we will get back to you promptly with the required corrective measure.
Should you face a more serious problem, we may ask you for more information. Well, that’s for another post.
Hi, I have one question, How do I manage very large amount of PCAP files ? Let's see I have 10+ GB of PCAP data and i'm only interested in particular area, like packet header, all Mac addresses etc.. Also I want proper output for analysis. I have use many times PCAP2XML for converting process. Using this tool you can convert your PCAP file into XML or SQLite and then you can use SQlite browser for analysis process also you can execute queries to find out exact output for analysis purpose. Here have a look and please share other tools. Tool: - http://bit.ly/1DxcncQ Tool Blog: - http://bit.ly/1DxciWG
[...] you felt even one is more, no problemo.. Enough of the sniffer.exe… command, the option blah blah for the capture. Here’s how simple it [...]
Hi Suresh! Thanks for the suggestion. We have already started working on the option for creating a packet capture from the UI. This will soon be integrated into the product in the upcoming releases. We plan on a single-click option for sending us a packet capture similar to what we have now for the 'Support File Creation'. Cheers!
A better option will be to have this packet capture triggered from the UI. ie., have a "Troubleshooting Options" in the 'admin' tab and invoke the 'sniffer' application to capture the packet trace (and optionally mail it to the VQManager team!). This will solve most hassles in explaining how to do the packet capture. -Suresh.K.V.
[...] unknown wrote an interesting post today onHere’s a quick excerptMost of the times, a packet capture (pcap) file is what we look for first while troubleshooting any issue. Surprisingly we find that solves the problem in most cases. Corrective action is what is required next which shouldn’t be much of … [...]