Manualshelf

CLI Reference Guide

ManualsBrandsDell ManualsserversDell Dell Networking N2000 Series
381382383384385386387388389390
Ethernet Configuration Commands 381
NVRAM Capture:
After packet capture is activated, packets are stored in NVRAM until the
capture file reaches its maximum size, or until the capture is stopped
manually. When the capture is started, the capture file from the previous
capture is deleted.
The captured file can be uploaded via TFTP, SFTP, SCP via CLI and SNMP
using the copy command. The name of the capture file is
cpuPktCapture.pcap.
Remote Capture:
Remote Packet Capture works in conjunction with the Wireshark
®
network
analyzer tool. A packet capture server runs on the Switch and sends the
captured packets via a TCP connection to the Wireshark tool. Once a
connection is established, packet capture is started and stopped via Wireshark
commands.
Remote capture can be enabled or disabled using the CLI. The network
operator should obtain a computer with the Wireshark tool to display the
captured traffic. When using remote capture mode, the switch doesn’t store
any captured data locally.
The local TCP port number can be configured for connecting Wireshark to
the switch. The default port number is 2002. If a firewall is installed between
the Wireshark PC and the switch, then these ports must be allowed to pass
through the firewall. The Firewall must be configured to allow the Wireshark
PC to initiate a TCP connection to the switch.
The remote capture application listens on the configured TCP port for a
connection request. Wireshark must send a request to that port to establish a
connection. Once the socket connection to Wireshark has been established,
captured CPU packets are written to the data socket. Wireshark receives the
packets and processes them locally. This continues till the session is
terminated by either end.
The following Wireshark request packets are supported:
Request to list all the remote interfaces
Request to open a remote device
Request to start a capture on a remote device
Request to close the connection with the remote peer
2CSNXXX_SWUM200.book Page 381 Tuesday, December 10, 2013 1:22 PM