DX NetOps

Hi,

how to capture the SNMP packets from Wireshark to see if there is snmp response from the device or not.

Hi,

You would need to install the wireshark app on your Monitoring system which is sending/receiving the traps and start a capture on the interface.

On linux we use tcpdump but both capture network traffic from a host.

You will need to work our what you wish to capture too and apply a filter.

I haven't used wireshark for a while, but typically you would want all SNMP traffic (udp port 161 and 162). 161 is snmp data and 162 relates to the traps sent from devices to your NMS.

you could even be more specific and set a source and/or destination in your filter too.

I'm sure the online documentation in wireshark is still as good as it was when I used it.

Have a look for 'capture filter'

Regards,

Frank

The simplest way is to setup a Wireshark capture unfiltered. Then start the capture. Go to Spectrum and attempt to discover or poll the device you are having SNMP communications trouble with. Once Spectrum reports back that it is unable to communicate with the device you can stop the capture.

Then in the filter field just below the toolbar type: ip.addr==<ip address of device you are trying to communicate with above>

This will filter and give you both the get-requests going out and the responses (if any) coming back for the device you are trying to talk to. I say if any because it sounds like you are not getting any back.

Hope this helps.

Chris

Hi:

I have uploaded a quick "getting stated" wireshark doc that I have

HTH
Joe

Hello Ramesh,

For more understanding of the info in the packets we can even convert the OID's into meaningful text.

Refer the attached document.

kalyan

Hi Ramesh,
Here are some basic Wireshark Instructions with Screen Captures. Hope this helps.
Regards,
Bill