for sake of troubleshooting,I want to tcpdump non-transit traffic in one gre tunnel interface
however in shell mode,tcpdump only show me "non/loopback" packet
but if i don't save it to a file via -w ,it can show the packet
root@srwp01jrt002% tcpdump -i gr-1/2/0.0 -w 1.cap host 72.52.27.213
Address resolution is ON. Use <no-resolve> to avoid any reverse lookup delay.
Address resolution timeout is 4s.
Listening on gr-1/2/0.0, capture size 96 bytes
^C
1 packets received by filter
0 packets dropped by kernel
root@srwp01jrt002% cat 1.cap
悦病`root@srwp01jrt002%
root@srwp01jrt002% tcpdump -i gr-1/2/0.0
verbose output suppressed, use <detail> or <extensive> for full protocol decode
Address resolution is ON. Use <no-resolve> to avoid any reverse lookup delay.
Address resolution timeout is 4s.
Listening on gr-1/2/0.0, capture size 96 bytes
Reverse lookup for 72.52.27.214 failed (check DNS reachability).
Other reverse lookup failures will not be reported.
Use <no-resolve> to avoid reverse lookups on IP addresses.
04:49:02.811916 In IP 72.52.27.213.48628 > 72.52.27.214.bgp: . ack 2165482886 win 16346 <md5 b074b5412a7aa021166eb37155777055,eol>
04:49:12.072980 In IP 72.52.27.213.48628 > 72.52.27.214.bgp: P 0:19(19) ack 1 win 16346 <md5 b7c723d396b6f34ca18ef5de0a11536b,eol>: BGP, length: 19
^C
2 packets received by filter
0 packets dropped by kernel
not sure why
I want to save this packet in a file and open it via wireshark