思科Cisco IOS XE 4K抓包配置总结
1、抓取控制平面数据包
Internet-R4331-1#monitor capture A control-plane both match mac any any limit packets 10 ##限制抓包数10个,抓满10个后自动停止抓包
Internet-R4331-1#monitor capture A start ##如果没抓满10个,可以手动使用stop停止抓包
Started capture point : A
Internet-R4331-1#show monitor capture A buffer brief
----------------------------------------------------------------------------
# size timestamp source destination dscp protocol
----------------------------------------------------------------------------
0 54 0.000000 10.16.64.67 -> 210.22.10.233 0 BE TCP
1 71 0.001007 10.16.64.67 -> 210.22.10.233 0 BE TCP
2 54 0.001007 10.16.64.67 -> 210.22.10.233 0 BE TCP
3 54 0.001007 210.22.10.233 -> 10.16.64.67 0 BE TCP
4 54 0.001999 210.22.10.233 -> 10.16.64.67 0 BE TCP
5 54 0.001999 10.16.64.67 -> 210.22.10.233 0 BE TCP
6 54 0.074001 10.16.15.44 -> 210.22.10.233 0 BE TCP
7 58 0.432976 210.22.10.234 -> 224.0.0.2 48 CS6 UDP
8 60 0.614974 00:1C:7F:80:A4:36 -> FF:FF:FF:FF:FF:FF -- ARP
9 450 0.826013 00:B6:70:DA:7A:A0 -> 01:00:0C:CC:CC:CC -- LLC
2、抓取接口特定数据包
Internet-R4331-1#monitor capture A int g0/0/0 out match ipv4 host 10.1.13.121 any limit packets 10 ##抓取来自10.1.133.121,经过g0/0/0接口出去的10个包
Internet-R4331-1#monitor capture A start
Started capture point : A
Internet-R4331-1#show monitor capture A buffer brief
----------------------------------------------------------------------------
# size timestamp source destination dscp protocol
----------------------------------------------------------------------------
0 88 0.000000 10.1.13.121 -> 10.253.17.125 0 BE TCP
1 66 0.017065 10.1.13.121 -> 10.253.17.125 0 BE TCP
2 88 15.010009 10.1.13.121 -> 10.253.17.125 0 BE TCP
3 88 15.018056 10.1.13.121 -> 10.253.17.125 0 BE TCP
4 66 15.026051 10.1.13.121 -> 10.253.17.125 0 BE TCP
5 66 15.034062 10.1.13.121 -> 10.253.17.125 0 BE TCP
6 88 30.018056 10.1.13.121 -> 10.253.17.125 0 BE TCP
7 88 30.035054 10.1.13.121 -> 10.253.17.125 0 BE TCP
8 66 30.035054 10.1.13.121 -> 10.253.17.125 0 BE TCP
9 66 30.051059 10.1.13.121 -> 10.253.17.125 0 BE TCP
3、查看抓包信息
Internet-R4331-1#show monitor capture A ##查看抓包配置
Status Information for Capture A
Target Type:
Interface: GigabitEthernet0/0/0, Direction: OUT
Status : Inactive
Filter Details:
IPv4
Source IP: host 10.1.13.121
Destination IP: any
Protocol: any
Buffer Details:
Buffer Type: LINEAR (default)
Buffer Size (in MB): 10
Limit Details:
Number of Packets to capture: 10
Packet Capture duration: 0 (no limit)
Packet Size to capture: 0 (no limit)
Maximum number of packets to capture per second: 1000
Packet sampling rate: 0 (no sampling)
Internet-R4331-1#show monitor capture A buffer brief
----------------------------------------------------------------------------
# size timestamp source destination dscp protocol
----------------------------------------------------------------------------
0 88 0.000000 10.1.13.121 -> 10.253.17.125 0 BE TCP
1 66 0.017065 10.1.13.121 -> 10.253.17.125 0 BE TCP
2 88 15.010009 10.1.13.121 -> 10.253.17.125 0 BE TCP
3 88 15.018056 10.1.13.121 -> 10.253.17.125 0 BE TCP
4 66 15.026051 10.1.13.121 -> 10.253.17.125 0 BE TCP
5 66 15.034062 10.1.13.121 -> 10.253.17.125 0 BE TCP
6 88 30.018056 10.1.13.121 -> 10.253.17.125 0 BE TCP
7 88 30.035054 10.1.13.121 -> 10.253.17.125 0 BE TCP
8 66 30.035054 10.1.13.121 -> 10.253.17.125 0 BE TCP
9 66 30.051059 10.1.13.121 -> 10.253.17.125 0 BE TCP
Internet-R4331-1#show monitor capture A buffer detailed
----------------------------------------------------------------------------
# size timestamp source destination dscp protocol
----------------------------------------------------------------------------
0 88 0.000000 10.1.13.121 -> 10.253.17.125 0 BE TCP
0000: 001C7F80 A43600B6 70DA7A98 08004500 .....6..p.z...E.
0010: 004ADA6C 40003E06 1B4D0A01 85790AFD .J.l@.>..M...y..
0020: AC7DACE6 2FA85635 E8111785 00ED8018 .}../.V5........
0030: 05909144 00000101 080A285F EE00F7C9 ...D......(_....
1 66 0.017065 10.1.13.121 -> 10.253.17.125 0 BE TCP
0000: 001C7F80 A43600B6 70DA7A98 08004500 .....6..p.z...E.
0010: 0034DA6D 40003E06 1B620A01 85790AFD .4.m@.>..b...y..
0020: AC7DACE6 2FA85635 E8271785 01018010 .}../.V5.'......
0030: 05905397 00000101 080A285F EE11F7C9 ..S.......(_....
2 88 15.010009 10.1.13.121 -> 10.253.17.125 0 BE TCP
0000: 001C7F80 A43600B6 70DA7A98 08004500 .....6..p.z...E.
0010: 004ADA6E 40003E06 1B4B0A01 85790AFD .J.n@.>..K...y..
0020: AC7DACE6 2FA85635 E8271785 01018018 .}../.V5.'......
0030: 05901AE0 00000101 080A2860 28A1F7C9 ..........(`(...
3 88 15.018056 10.1.13.121 -> 10.253.17.125 0 BE TCP
0000: 001C7F80 A43600B6 70DA7A98 08004500 .....6..p.z...E.
0010: 004ADA6F 40003E06 1B4A0A01 85790AFD .J.o@.>..J...y..
0020: AC7DACE6 2FA85635 E83D1785 01018018 .}../.V5.=......
0030: 059019C2 00000101 080A2860 28A9F7C9 ..........(`(...
4 66 15.026051 10.1.13.121 -> 10.253.17.125 0 BE TCP
0000: 001C7F80 A43600B6 70DA7A98 08004500 .....6..p.z...E.
0010: 0034DA70 40003E06 1B5F0A01 85790AFD .4.p@.>.._...y..
0020: AC7DACE6 2FA85635 E8531785 01158010 .}../.V5.S......
0030: 0590DE14 00000101 080A2860 28B2F7C9 ..........(`(...
5 66 15.034062 10.1.13.121 -> 10.253.17.125 0 BE TCP
0000: 001C7F80 A43600B6 70DA7A98 08004500 .....6..p.z...E.
0010: 0034DA71 40003E06 1B5E0A01 85790AFD .4.q@.>..^...y..
0020: AC7DACE6 2FA85635 E8531785 01298010 .}../.V5.S...)..
0030: 0590DDF0 00000101 080A2860 28BAF7C9 ..........(`(...
6 88 30.018056 10.1.13.121 -> 10.253.17.125 0 BE TCP
0000: 001C7F80 A43600B6 70DA7A98 08004500 .....6..p.z...E.
0010: 004ADA72 40003E06 1B470A01 85790AFD .J.r@.>..G...y..
0020: AC7DACE6 2FA85635 E8531785 01298018 .}../.V5.S...)..
0030: 0590A341 00000101 080A2860 6342F7C9 ...A......(`cB..
7 88 30.035054 10.1.13.121 -> 10.253.17.125 0 BE TCP
0000: 001C7F80 A43600B6 70DA7A98 08004500 .....6..p.z...E.
0010: 004ADA73 40003E06 1B460A01 85790AFD .J.s@.>..F...y..
0020: AC7DACE6 2FA85635 E8691785 01298018 .}../.V5.i...)..
0030: 0590A21B 00000101 080A2860 6352F7C9 ..........(`cR..
8 66 30.035054 10.1.13.121 -> 10.253.17.125 0 BE TCP
0000: 001C7F80 A43600B6 70DA7A98 08004500 .....6..p.z...E.
0010: 0034DA74 40003E06 1B5B0A01 85790AFD .4.t@.>..[...y..
0020: AC7DACE6 2FA85635 E87F1785 013D8010 .}../.V5.....=..
0030: 0590687E 00000101 080A2860 6353F7CA ..h~......(`cS..
9 66 30.051059 10.1.13.121 -> 10.253.17.125 0 BE TCP
0000: 001C7F80 A43600B6 70DA7A98 08004500 .....6..p.z...E.
0010: 0034DA75 40003E06 1B5A0A01 85790AFD .4.u@.>..Z...y..
0020: AC7DACE6 2FA85635 E87F1785 01518010 .}../.V5.....Q..
0030: 0590684B 00000101 080A2860 6362F7CA ..hK......(`cb..
4、进阶操作
R01#monitor capture A match ipv4 protocol tcp any any control-plane both limit packets 20 buffer size 5 circular interface GigabitEthernet 0/0/1
解释:配置EPC的名字为A,匹配ipv4的TCP协议,针对接口G0/0/1,源是any,目的也是any,抓取的是控制层面进出的报文,报文数量为20个,存储报文的的空间大小为5MB,采取当buffer满了时,丢掉旧报文的方式。
- samba服务器配置总结
- 关于网络编程中MTU、TCP、UDP优化配置的一些总结
- 基于webpack 实用配置方法总结
- CCNA培训课总结笔记--交换机的基本配置(十三)
- CRM 配置 ADFS后,使用自定义STS遇到的问题总结
- Hibernate关联 配置总结
- spring学习总结(九):AOP 基础及基于注解配置的AOP
- ssh、telnet、ftp、samba 服务器的配置 总结及感悟
- springmvc配置文件web.xml详解各方总结。
- (总结)Nginx配置文件nginx.conf中文详解
- windows平台上cygwin安装配置错误总结——connect to host localhost port 22: Connection refused
- 总结配置文件的读取和生成
- H3C各种型号交换机端口镜像配置方法总结
- 用户和组相关的配置文件总结
- mailman安装配置总结
- Selenium Webdriver 学习总结-Jenkins配置(八)
- Eclipse配置Axis2总结
- iBatis2学习笔记:SqlMap 的配置总结(18条)
- Ubuntu Server下配置Tomcat6+MySQL5总结