Tuesday , March 19 2024
Home / Command Line / from Huawei CLI – capture-packet …

from Huawei CLI – capture-packet …

Network administrators often need to capture packets, on switches or routers, to locate faults. Some devices do not support remote mirroring, that’s why administrators have to go on-site to capture packets, using local mirroring.

We have a useful command (capture-packet …), on some devices, to catch packets remotely. When taking S5700 switch into consideration, we can capture all packets from an interface (port mirroring) or packets matching specified rules (traffic mirroring). These capture packets can be sent to FTP or TFTP servers and displayed on terminal screen. CX600 and NE40E routers with V6R3 software version can send capture packets to local CF card (name.cap file).

Let’s look at this command:

[Huawei]capture-packet ?
  acl        Acl
  cpu        Packet send to cpu
  interface  Ingress Interface

As you can see you can use port or traffic mirroring. You can also catch packets sent to CPU.

[Huawei]capture-packet interface GigabitEthernet 0/0/1 destination ?
  ftp-server   Send to ftp server
  terminal     Output terminal
  tftp-server  Send to tftp server

These options let you to send capture packets to FTP server, TFTP server or terminal.

Let’s assume that we want to catch packets on interface GE0/0/1 and display this information on terminal screen:

[Huawei]capture-packet interface GigabitEthernet 0/0/1 destination terminal 
Info: Captured packets will be shown on terminal. 
[Huawei]
  Packet: 1
  -------------------------------------------------------
  4c 1f cc 66 48 a4 54 89 98 16 84 42 81 00 00 01 
  08 00 45 00 00 54 01 ad 00 00 ff 01 b1 f3 02 02 
  02 02 02 02 02 03 08 00 cb 2f cf ab 01 00 e4 d3 
  42 00 06 0e 05 00 00 01 02 03 04 05 06 07 08 09 
  0a 0b 0c 0d 0e 0f 10 11 12 13 14 15 16 17 18 19 
  1a 1b 1c 1d 1e 1f 20 21 22 23 24 25 26 27 28 29 
  2a 2b 2c 2d 2e 2f 
  -------------------------------------------------------

  Packet: 2
  -------------------------------------------------------
  4c 1f cc 66 48 a4 54 89 98 16 84 42 81 00 00 01 
  08 00 45 00 00 54 01 ae 00 00 ff 01 b1 f2 02 02 
  02 02 02 02 02 03 08 00 a4 2d cf ab 02 00 0a d6 
  42 00 06 0e 05 00 00 01 02 03 04 05 06 07 08 09 
  0a 0b 0c 0d 0e 0f 10 11 12 13 14 15 16 17 18 19 
  1a 1b 1c 1d 1e 1f 20 21 22 23 24 25 26 27 28 29 
  2a 2b 2c 2d 2e 2f 
  -------------------------------------------------------

  Packet: 3
  -------------------------------------------------------
  4c 1f cc 66 48 a4 54 89 98 16 84 42 81 00 00 01 
  08 00 45 00 00 54 01 af 00 00 ff 01 b1 f1 02 02 
  02 02 02 02 02 03 08 00 91 2b cf ab 03 00 1c d8 
  42 00 06 0e 05 00 00 01 02 03 04 05 06 07 08 09 
  0a 0b 0c 0d 0e 0f 10 11 12 13 14 15 16 17 18 19 
  1a 1b 1c 1d 1e 1f 20 21 22 23 24 25 26 27 28 29 
  2a 2b 2c 2d 2e 2f 
  -------------------------------------------------------

  Packet: 4
  -------------------------------------------------------
  4c 1f cc 66 48 a4 54 89 98 16 84 42 81 00 00 01 
  08 00 45 00 00 54 01 b0 00 00 ff 01 b1 f0 02 02 
  02 02 02 02 02 03 08 00 7e 29 cf ab 04 00 2e da 
  42 00 06 0e 05 00 00 01 02 03 04 05 06 07 08 09 
  0a 0b 0c 0d 0e 0f 10 11 12 13 14 15 16 17 18 19 
  1a 1b 1c 1d 1e 1f 20 21 22 23 24 25 26 27 28 29 
  2a 2b 2c 2d 2e 2f 
  -------------------------------------------------------

  Packet: 5
  -------------------------------------------------------
  4c 1f cc 66 48 a4 54 89 98 16 84 42 81 00 00 01 
  08 00 45 00 00 54 01 b1 00 00 ff 01 b1 ef 02 02 
  02 02 02 02 02 03 08 00 75 27 cf ab 05 00 36 dc 
  42 00 06 0e 05 00 00 01 02 03 04 05 06 07 08 09 
  0a 0b 0c 0d 0e 0f 10 11 12 13 14 15 16 17 18 19 
  1a 1b 1c 1d 1e 1f 20 21 22 23 24 25 26 27 28 29 
  2a 2b 2c 2d 2e 2f 
  -------------------------------------------------------

Few precautions for capture-packet command:

  • If connection to FTP or TFTP servers fails, switch saves capture information locally.
  • This command can be only used for upstream traffic.
  • Capture packet command is not saved in configuration file.
  • You have to wait, to use capture-packet command again, till the last command execution is completed.

More details you can find in product documentation.

Leave a Reply

Your email address will not be published. Required fields are marked *