Technical data
Troubleshooting Techniques and Tools
1.2 Isolating Problems
1.2.5.3 Analyzing Output
The output of the tcpdump utility is protocol dependent. The following sections
describe the formats and provide examples.
1.2.5.3.1 Link Level Headers
The -e option is used to display the link level header. On Ethernet networks,
the source and destination addresses, protocol, and packet length are displayed.
Only Ethernet frame types are supported with tcpdump.
1.2.5.3.2 ARP Packets
ARP output shows the type of request and its arguments. The format is intended
to be self explanatory. The following example is taken from the start of an
RLOGIN session from host rtsg to host csam:
arp who-has csam tell rtsg
arp reply csam is-at CSAM
The first line indicates that host rtsg sent an ARP packet asking for the Ethernet
address of Internet host csam. Host csam replies with its Ethernet address
(in this example, Ethernet addresses are uppercase and Internet addresses in
lowercase).
This is equivalent to:
arp who-has 128.3.254.6 tell 128.3.254.68
arp reply 128.3.254.6 is-at 02:07:01:00:01:c4
If you issue the tcpdump -e command, the first packet is explicitly a broadcast
packet and the second is a point-to-point packet:
RTSG Broadcast 0806 64: arp who-has csam tell rtsg
CSAM RTSG 0806 64: arp reply csam is-at CSAM
For the first packet, the Ethernet source address is RTSG, the destination is the
broadcast address, the type field contains hex 0806 (type ETHER_ARP), and the
total length is 64 bytes.
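The link-level ARP format above can be parsed mechanically. The following Python sketch is an added example, not part of the original manual: it extracts the fields from tcpdump -e ARP lines in the layout shown on this page and flags replies that disagree with each other or with their own Ethernet source. The numeric Ethernet addresses in the last two sample lines, other than 02:07:01:00:01:c4, are constructed, and the two consistency checks are this example's own choice.

```python
import re

# Layout from the page's `tcpdump -e` ARP example:
#   <ether-src> <ether-dst> <type-hex> <length>: arp who-has <ip> tell <ip>
#   <ether-src> <ether-dst> <type-hex> <length>: arp reply <ip> is-at <ether>
LINE = re.compile(
    r"^(?P<src>\S+) (?P<dst>\S+) (?P<type>[0-9a-fA-F]{4}) (?P<len>\d+): "
    r"arp (?:who-has (?P<target>\S+) tell (?P<asker>\S+)"
    r"|reply (?P<ip>\S+) is-at (?P<mac>\S+))$")
BROADCAST = {"broadcast", "ff:ff:ff:ff:ff:ff"}

def parse_arp(line):
    """Return link-level and ARP fields as a dict, or None if not an ARP line."""
    m = LINE.match(line.strip())
    if not m or m["type"] != "0806":
        return None
    rec = {"src": m["src"], "dst": m["dst"], "length": int(m["len"]),
           "broadcast": m["dst"].lower() in BROADCAST}
    if m["target"]:
        rec.update(op="request", target=m["target"], asker=m["asker"])
    else:
        rec.update(op="reply", ip=m["ip"], mac=m["mac"])
    return rec

def check_replies(lines):
    """Flag replies whose is-at address differs from the frame's Ethernet
    source, and IP addresses answered with more than one Ethernet address."""
    seen, findings = {}, []
    for rec in filter(None, map(parse_arp, lines)):
        if rec["op"] != "reply":
            continue
        mac = rec["mac"].lower()
        if mac != rec["src"].lower():
            findings.append(("sender-mismatch", rec["ip"], rec["src"].lower(), mac))
        first = seen.setdefault(rec["ip"], mac)
        if first != mac:
            findings.append(("address-changed", rec["ip"], first, mac))
    return findings

# First two lines are the page's example; the last two are constructed.
SAMPLE = [
    "RTSG Broadcast 0806 64: arp who-has csam tell rtsg",
    "CSAM RTSG 0806 64: arp reply csam is-at CSAM",
    "02:07:01:00:01:c4 02:07:01:00:00:44 0806 64: arp reply 128.3.254.6 is-at 02:07:01:00:01:c4",
    "02:07:01:00:09:99 02:07:01:00:00:44 0806 64: arp reply 128.3.254.6 is-at 02:07:01:00:09:99",
]
```

Calling check_replies(SAMPLE) reports one finding: 128.3.254.6 was answered first with 02:07:01:00:01:c4 and then with a different Ethernet address.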
1.2.5.3.3 TCP Packets
The following description assumes familiarity with the TCP protocol described
in RFC 793.
The general format of a TCP protocol line is:
src > dst: flags data-seqno ack window options
The fields represent the following:
• src
The source IP addresses and ports.
• dst
The destination IP addresses and ports.
• flags
Some combination of S (SYN), F (FIN), P (PUSH), or R (RST), or a single
period (.) for no flags.
• data-seqno
The portion of sequence space covered by the data in this packet (see the
example below).
• ack
The sequence number of the next data expected from the other direction on
this connection.