ESXi

 View Only
  • 1.  Use tcpdump to capture VLAN frames ?

    Posted Feb 24, 2022 01:59 PM

    Hi,

    Is there a way to capture frames with VLAN tags using tcpdump in ESXi for Virtual Switching Tagging.

    I have tried this but the result seems to show nothing.

    Thank You



  • 2.  RE: Use tcpdump to capture VLAN frames ?

    Posted Feb 24, 2022 04:43 PM

    Hi, TryllZ.

    Did you specify the capture point and direction properly? By default, pktcap-uw captures only ingress traffic. If you capture bi-directional traffic, you must exec pktcap-uw with --dir 2 option.

    pktcap-uw Command Syntax for Capturing Packets

    capture_point_options

    --dir {0|1|2}

    Capture packets according to the direction of the flow with regard to the virtual switch.0 stands for incoming traffic, 1 for outgoing traffic, and 2 for bidirectional traffic.

    By default, the pktcap-uw utility captures ingress traffic.

    To determine the capture point, the IOChain diagram in the following blog post is helpful.

    ESXi Network Troubleshooting Tools 



  • 3.  RE: Use tcpdump to capture VLAN frames ?

    Posted Feb 26, 2022 11:09 PM

    Thanks a lot.

    I did try that with both, vmnic and vmkernel, still cannot see VLAN tags in the Wireshark file.

    I will try to get it through the switchport ID of the vSwitch.