This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

EXOS Packet Capture

EXOS Packet Capture

Go to solution
Stefan_K_
Valued Contributor

‎05-18-2021 01:00 PM

Hello,

today I played around with the built-in packet capture of EXOS ( How To: How to perform a local packet capture on an EXOS switch | Extreme Portal (force.com) )

I’m able to capture packets and open the pcap file with wireshark, but I only see the following packets:

999ffec7689143d294de259a963f2492_0cfb738b-55a4-498b-9533-89f57cd81ed1.png

Wondering if I’m doing something wrong or if the feature is something else than I’m thinking. Any hints?

Best regards
Stefan

0 Kudos
1 ACCEPTED SOLUTION

Go to solution
CThompsonEXOS
Extreme Employee

‎05-18-2021 03:54 PM

Hi,

You can use the editcap tool to remove the first 52 bytes.  Mine looked something like below from Powershell:

PS C:\Program Files\Wireshark> .\editcap.exe -C 52 editcap.pcap newpcap.pcap

syntax below:
PS C:\Program Files\Wireshark> .\editcap.exe -C 52 <original pcap filename> <new pcap filename>

Below is more on editcap:

https://www.wireshark.org/docs/man-pages/editcap.html

Before:

83850ff01e9c44fd92c42a4a8fa2122d_701970b3-7509-4c5a-9bf0-a8dab60f51b4.png

 

After:

83850ff01e9c44fd92c42a4a8fa2122d_65f32e5a-5e2a-4a35-96da-75256f170e72.png

 

Thanks,

Chris Thompson

View solution in original post

0 Kudos
11 REPLIES 11

Go to solution
Stefan_K_
Valued Contributor

‎05-18-2021 01:17 PM

Hi Chris,

thanks for your quick reply! I’m on 30.7.1.1-patch1-86. Switch is an X460-G2. I’m just doing some testing of this feature and don’t want to capture any specific traffic for now. But we might need this feature in the near future. (Troubleshooting at a customers site)

Best regards
Stefan

0 Kudos

Go to solution
CThompsonEXOS
Extreme Employee

‎05-18-2021 01:05 PM

Are you on 30.x or newer?  IIRC some bytes need to be stripped to be read properly if so.  

 

Generally it’s used for troubleshooting and debugging:

Be Aware!
Debug commands are primarily meant for trouble shooting purposes and are NOT part of any EXOS validation tests (regression).
The usage of any debug command can result in unexpected side-effects (like memory depletion, high CPU, process failures).

Is there a certain type of traffic you are trying to capture?

Thanks,

Chris Thompson

0 Kudos
GTM-P2G8KFN