How To: Packet capture on Gigamon interface

“파트너스 활동을 통해 일정액의 수수료를 제공받을 수 있음"

How To: Packet capture on Gigamon interface

2020. 4. 25•How to

Feature

Flow Mapping

Title

How To: Packet capture on Gigamon interface

Objective

Perform packet capture on Gigamon interface for troubleshooting.
 

Environment

HC-Series

Procedure

Please note: This feature is currently available for software version 5.4 and above.

Step1. Identify one unused port on the chassis and enable the port. This unused port will be used to capture and copy the traffic. (port type can be any). Channel port is only required in case you want to capture in direction (Tx or both). It is not required in order to capture only Rx traffic.
Rx = IfInPackets on a port.
Tx = IfOutPackets on a port.port 1/3/x9 params admin enable port 1/3/x9 alias unused-channel-port
Step2.  Add a capture filter to start the packet capture. #Example1 pcap alias nw-side port 1/4/g16 both (Interface on which you want to capture the packets) channel-port 1/3/x9 (Unused port to copy the traffic) packet-limit 20000 filter ipsrc 10.10.10.10 /32 exit #To create another filter, please create another pcap profile. #Example2 pcap alias IT-side port 1/3/x11 rx channel-port 1/3/x10 packet-limit 20000 filter ipdst 30.30.30.30 /32 exit #Example3 pcap alias SSL port 1/3/x11 tx channel-port 1/3/x10 packet-limit 20000 filter ipdst 30.30.30.30 /32 exit #Verification show pcap alias nw-side show pcap show file pcap
Step3.  Reproduce the problem. 
Initiate a session between the client and server, to ensure that specific packets can be captured.

Step4. Stop the packet capture.no pcap alias issl1 or clear pcap all or no pcap all
Step5. Verify if the packet capture file has been created.show file pcap
Step6. Upload to your local machine or scp/tftp server. file pcap upload <filename> scp://user:pass@10.10.10.10/dir/folder/<filename> file pcap delete-all file pcap delete <filename>
Step7. Analyze the pcap file

 

Additional Notes

Filtering can be defined based on 6 conditions

• IP source
• IP destination
• Port source
• Port destination
• Protocol
• Tcp control

Tag

packet capture broadcom pcap bcm data port tcpdump

“파트너스 활동을 통해 일정액의 수수료를 제공받을 수 있음"