Routing
Reply
Contributor
Robbie
Posts: 269
Registered: ‎06-07-2011
0
Accepted Solution

how to tcpdump in GRE tunnel interface

for sake of troubleshooting,I want to tcpdump non-transit traffic in one gre tunnel interface

 

however in shell mode,tcpdump only show me "non/loopback" packet

but if i don't save it to a file via -w ,it can show the packet

 

root@srwp01jrt002% tcpdump -i gr-1/2/0.0 -w 1.cap host 72.52.27.213
Address resolution is ON. Use <no-resolve> to avoid any reverse lookup delay.
Address resolution timeout is 4s.
Listening on gr-1/2/0.0, capture size 96 bytes

^C
1 packets received by filter
0 packets dropped by kernel
root@srwp01jrt002% cat 1.cap
悦病`root@srwp01jrt002%
root@srwp01jrt002% tcpdump -i gr-1/2/0.0
verbose output suppressed, use <detail> or <extensive> for full protocol decode
Address resolution is ON. Use <no-resolve> to avoid any reverse lookup delay.
Address resolution timeout is 4s.
Listening on gr-1/2/0.0, capture size 96 bytes

Reverse lookup for 72.52.27.214 failed (check DNS reachability).
Other reverse lookup failures will not be reported.
Use <no-resolve> to avoid reverse lookups on IP addresses.

04:49:02.811916  In IP 72.52.27.213.48628 > 72.52.27.214.bgp: . ack 2165482886 win 16346 <md5 b074b5412a7aa021166eb37155777055,eol>
04:49:12.072980  In IP 72.52.27.213.48628 > 72.52.27.214.bgp: P 0:19(19) ack 1 win 16346 <md5 b7c723d396b6f34ca18ef5de0a11536b,eol>: BGP, length: 19
^C
2 packets received by filter
0 packets dropped by kernel

 

not sure why

 

 

I want to save this packet in a file and open it via wireshark

JNCIE-SP/JNCIP-SEC/CCNP
Trusted Expert
Surya
Posts: 336
Registered: ‎08-25-2009
0

Re: how to tcpdump in GRE tunnel interface

Hi Robert,

 

See if "monitor traffic interface gr-1/2/0 write-file xxx.pcap" works for you.

 

Regards

Surya

Copyright© 1999-2013 Juniper Networks, Inc. All rights reserved.