How to Use tcpdump to View Packet Flows
(Doc ID 2259297.1)
Last updated on AUGUST 04, 2018
Applies to: Corente Cloud Services Exchange - Version 9.2 and later
Linux OS - Version Oracle Linux 5.0 and later
Information in this document applies to any platform.
This could be taken as a tcpdump tutorial and primer with examples. Analyzing tcpdump in much greater detail is beyond the scope of this section.
tcpdump is a powerful and widely used command-line packet sniffer, or packet analyzer, that captures and filters TCP/IP packets received or transferred over a network on a specific interface. It is available on most Linux/Unix-based operating systems. tcpdump also gives us an option to save captured packets to a file for future analysis. It saves the file in pcap format, which can be viewed with the tcpdump command or with Wireshark (Network Protocol Analyzer), an open-source GUI tool that reads tcpdump pcap files.
One of the most common uses of tcpdump is to determine whether you are getting basic two-way communication. Lack of communication could be due to the following:
- Bad routing
- Faulty cables, interfaces of devices in the packet flow
- The server not listening on the port because the software isn't installed or started
- A network device in the packet path is blocking traffic; common culprits are firewalls, routers with access control lists and even your Linux box running iptables.
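As an added example (not part of the original document), the script below reads tcpdump text output and reports, per TCP connection attempt, whether two-way communication was seen. The function names `sample_capture` and `classify_flows` are hypothetical, the capture lines are constructed with documentation addresses, and only IPv4 lines in `tcpdump -nn` format are handled.

```shell
#!/bin/sh
# Added example: classify TCP connection attempts in tcpdump text output.
# Produce real input with:  tcpdump -nn -i <interface> tcp

# Constructed sample capture (documentation addresses, not real traffic).
sample_capture() {
  cat <<'EOF'
10:00:00.000100 IP 192.0.2.10.40000 > 198.51.100.5.443: Flags [S], seq 100, win 64240, length 0
10:00:00.010200 IP 198.51.100.5.443 > 192.0.2.10.40000: Flags [S.], seq 900, ack 101, win 65160, length 0
10:00:00.010300 IP 192.0.2.10.40000 > 198.51.100.5.443: Flags [.], ack 1, win 502, length 0
10:00:01.000100 IP 192.0.2.10.40002 > 198.51.100.5.8080: Flags [S], seq 200, win 64240, length 0
10:00:01.009900 IP 198.51.100.5.8080 > 192.0.2.10.40002: Flags [R.], seq 0, ack 201, win 0, length 0
10:00:02.000100 IP 192.0.2.10.40004 > 198.51.100.9.22: Flags [S], seq 300, win 64240, length 0
10:00:03.000100 IP 192.0.2.10.40004 > 198.51.100.9.22: Flags [S], seq 300, win 64240, length 0
EOF
}

# Reads tcpdump -nn lines on stdin; prints one verdict per attempted flow:
#   two-way  : SYN answered by SYN-ACK (basic two-way communication works)
#   refused  : SYN answered by RST (typically nothing listening on the port)
#   no-reply : SYN never answered (traffic lost or dropped along the path)
classify_flows() {
  awk '
    $2 == "IP" && $4 == ">" && $6 == "Flags" {
      src = $3; dst = $5; sub(/:$/, "", dst); flags = $7
      fwd = src " > " dst; rev = dst " > " src
      if (flags == "[S],") {
        # First SYN opens the flow; retransmitted SYNs leave the verdict alone.
        if (!(fwd in state)) { state[fwd] = "no-reply"; order[++n] = fwd }
      } else if (flags == "[S.],") {
        if (rev in state) state[rev] = "two-way"
      } else if (flags ~ /R/) {
        if ((rev in state) && state[rev] == "no-reply") state[rev] = "refused"
      }
    }
    END { for (i = 1; i <= n; i++) print order[i] ": " state[order[i]] }
  '
}

sample_capture | classify_flows
```

A `no-reply` verdict is consistent with the routing, cabling and filtering causes listed above, so capturing again closer to the server narrows down where the packets stop.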