Hello, 9 Packet Capture ConfigurationThis chapter describes how to configure packet capture and provides configuration examples.  NOTE:Based on your requirements to detect failures in telecom transmission, this feature may collect or store some communication information about specific customers. Huawei cannot offer services to collect or store this information unilaterally. Before enabling the function, ensure that it is performed within the boundaries permitted by applicable laws and regulations. Effective measures must be taken to ensure that information is securely protected. 9.1 OverviewThis function improves network maintenance efficiency and reduces maintenance costs. As Internet develops, devices on a network transmit various services, and network administrators often need to capture packets on devices to locate faults. The packet capturing function allows devices to capture received packets for fault location. This function simplifies the configurations of packet analysis device and network monitoring device. After the packet capturing function is enabled, the devices capture the packets matching certain conditions and send these packets to a remote server. The maintenance personnel can run commands to view information about captured packets or save the captured packets to the local storage media as *.cap files. The saved files can be downloaded for fault analysis. This function greatly improves maintenance efficiency and reduces maintenance costs. The S7700 and S9700 can capture the following two types of packets: - Service packets: If an error occurs in service traffic forwarding (for example, the traffic status does not match the traffic model), it is recommended that you configure the device to capture service packets for analysis so that the device can quickly identify invalid packets. This function ensures correct data transmission on the network.
- Packets sent to the CPU: When a CPU fault occurs, such as the CPU usage is high, configure the packet capture function to capture packets sent to the CPU for analysis. This allows the device to process invalid packets in time, ensuring that the CPU works properly.
9.2 Licensing Requirements and Limitations for Packet CaptureInvolved Network ElementsOther network elements are not required. Licensing RequirementsPacket capture is a basic feature of a switch and is not under License control. Version RequirementsTable 9-1 Products and versions supporting packet captureProduct | Product Model | Software Version |
|---|
| S7700 | S7703, S7706, S7712 | V100R003C01, V100R006C00, V200R001(C00&C01), V200R002C00, V200R003C00, V200R005C00, V200R006C00, V200R007C00, V200R008C00, V200R009C00, V200R010C00, V200R011C10 | | S9700 | S9703, S9706, S9712 | V200R001(C00&C01), V200R002C00, V200R003C00, V200R005C00, V200R006C00, V200R007(C00&C10), V200R008C00, V200R009C00, V200R010C00, V200R011C10 |
Feature Limitations- The device can capture only incoming packets and cannot capture outgoing packets.
- The packet capture configuration is not saved in the configuration file, and becomes invalid after a packet capture instance is complete.
- Different packet capture instances cannot be executed simultaneously. That is, a new packet capture instance can be executed only when the previous one is complete.
- The system limits the rate of captured packets. The default rate limit is 64 kbit/s. If the rate of packets exceeds the limit, some packets may be discarded.
- If an interface on the X series cards has been added to an Eth-Trunk, packets on the interface cannot be captured.
9.3 Configuring the Device to Capture Service PacketsContextIf the device fails to forward traffic correctly, configure the packet capture function to capture service packets for analysis. This allows the device to process invalid packets in time, ensuring that network data can be transmitted correctly. You can configure ACL rules to capture packets matching a specified ACL. Procedure- Run:
system-view The system view is displayed. - Run:
capture-packet { interface interface-type interface-number | acl acl-number }* [ vlan vlan-id | cvlan cvlan-id ]*destination { file file-name | terminal }* [ car cir car-value | time-out time-out-value | packet-num number | packet-len { length | total-packet } ]*The device is configured to capture service packets. NOTE:- The packet capture configuration is not saved in the configuration file, and becomes invalid when packet capture is complete.
- The device can capture only upstream packets and cannot capture downstream packets.
- Before using the capture-packet command again, wait until the last command execution is complete.
- The system limits the rate of captured packets. The default rate limit is 64 kbit/s. If the rate of packets exceeds the limit, some packets may be discarded.
- The device cannot capture the packets of BFD, 802.1ag and VBST.
- If an interface on an X1E card is added to an Eth-trunk, the interface does not support packet capturing.
9.4 Configuring Capturing for Packets Sent to the CPUContextWhen a CPU fault occurs, configure the packet capture function to capture packets sent to the CPU for analysis. This allows the device to process invalid packets in time, ensuring that the CPU works properly. You can configure ACL rules to capture packets matching a specified ACL. Procedure- Run:
system-view The system view is displayed. - Run:
capture-packet cpu [ vlan vlan-id | acl acl-number ]*destination { file file-name | terminal }* [ time-out time-out-value | packet-num number | packet-len { length | total-packet } ]*The device is configured to capture packets sent to the CPU. NOTE:- The packet capture configuration is not saved in the configuration file, and becomes invalid when packet capture is complete.
- Before using the capture-packet cpu command again, wait until the last command execution is complete.
- When the CPU usage is above 80%, executing this command will keep the CPU usage increasing.
9.5 Configuration Examples9.5.1 Example for Configuring Packet CapturingNetworking RequirementsIn Figure 9-1, the switch connects to the network through GE1/0/1. The user needs to capture the packets received by GE1/0/1 and the packets to be sent to the CPU, and display the captured packets on the terminal. Figure 9-1 Networking diagram for configuring the packet capture function Configuration RoadmapThe configuration roadmap is as follows: - Capture service packets sent upstream from GE1/0/1, and display captured packet information on the terminal.
- Capture packets sent to the CPU, and display captured packet information on the terminal.
Procedure- Capture service packets sent upstream from GE1/0/1, and display captured packet information on the terminal.
<HUAWEI> system-view
[HUAWEI] sysname Switch
[Switch] capture-packet interface gigabitethernet 1/0/1 destination terminal packet-num 3 packet-len 128
[Switch]
Packet: 1
-------------------------------------------------------
01 00 5e 00 00 fc 00 1b 21 c4 82 0f 81 00 0f ff
08 00 45 00 00 32 65 cb 00 00 01 11 80 48 c0 a8
32 03 e0 00 00 fc ce 94 14 eb 00 1e 4b 3f 24 6f
00 00 00 01 00 00 00 00 00 00 04 77 70 61 64 00
00 01 00 01
-------------------------------------------------------
Packet: 2
-------------------------------------------------------
33 33 00 01 00 03 00 1b 21 c4 82 0f 81 00 0f ff
86 dd 60 00 00 00 00 1e 11 01 fe 80 00 00 00 00
00 00 d5 b2 02 74 37 0b 4c 6e ff 02 00 00 00 00
00 00 00 00 00 00 00 01 00 03 e3 11 14 eb 00 1e
d2 74 03 3d 00 00 00 01 00 00 00 00 00 00 04 77
70 61 64 00 00 01 00 01
-------------------------------------------------------
Packet: 3
-------------------------------------------------------
01 00 5e 00 00 fc 00 1b 21 c4 82 0f 81 00 0f ff
08 00 45 00 00 32 62 2e 00 00 01 11 83 e5 c0 a8
32 03 e0 00 00 fc d4 df 14 eb 00 1e dc 49 8d 19
00 00 00 01 00 00 00 00 00 00 04 77 70 61 64 00
00 01 00 01
-------------------------------------------------------
------------------packet getting report-----------------------
file: NULL
packets getting: interface GigabitEthernet1/0/1
acl: -
vlan: - cvlan: -
car: 64kbps timeout: 60s
packets: 3 (expected) 3 (actual)
length: 128 (expected)
------------------------------------------------------- - Capture packets sent to the CPU, and display captured packet information on the terminal.
[Switch] capture-packet cpu destination terminal packet-num 3 packet-len 128
[Switch]
Packet: 1
-------------------------------------------------------
01 80 c2 00 00 0e 02 00 00 00 00 00 81 00 00 0c
88 cc 02 07 04 02 00 00 00 00 00 04 16 05 47 69
67 61 62 69 74 45 74 68 65 72 6e 65 74 30 2f 30
2f 31 30 06 02 00 78 08 15 47 69 67 61 62 69 74
45 74 68 65 72 6e 65 74 30 2f 30 2f 31 30 0a 09
31 30 38 2d 53 31 37 32 30 0c a1 53 31 37 32 30
2d 32 30 47 46 52 2d 34 54 50 2d 41 43 0d 0a 48
75 61 77 65 69 20 56 65 72 73 61 74 69 6c 65 20
-------------------------------------------------------
Packet: 2
-------------------------------------------------------
01 80 c2 00 00 0e 02 35 20 36 ad cc 81 00 0f ff
88 cc 02 07 04 02 35 20 36 ad cc 04 0f 05 45 74
68 65 72 6e 65 74 30 2f 30 2f 31 30 06 02 00 78
08 0e 45 74 68 65 72 6e 65 74 30 2f 30 2f 31 30
0a 0b 31 30 37 2d 53 32 33 35 30 45 49 0c a3 53
32 33 35 30 2d 32 30 54 50 2d 50 57 52 2d 45 49
2d 41 43 0d 0a 48 75 61 77 65 69 20 56 65 72 73
61 74 69 6c 65 20 52 6f 75 74 69 6e 67 20 50 6c
-------------------------------------------------------
Packet: 3
-------------------------------------------------------
01 80 c2 00 00 0a 00 e0 fc 09 bc f9 81 00 00 01
88 a7 00 03 00 00 01 b4 fb 8e 00 01 00 0e 00 00
00 00 02 00 00 00 00 00 00 07 00 19 31 30 39 2d
53 31 37 32 30 20 56 32 30 30 52 30 30 36 43 31
30 00 0f 00 15 53 31 37 32 30 20 56 32 30 30 52
30 30 36 43 31 30 00 12 00 1d 56 65 72 73 69 6f
6e 20 35 2e 31 36 30 20 56 32 30 30 52 30 30 36
43 31 30 00 11 00 1d 56 65 72 73 69 6f 6e 20 35
-------------------------------------------------------
------------------packet getting report-----------------------
file: NULL
packets getting: cpu
acl: -
vlan: - cvlan: -
car: -- timeout: 60s
packets: 3 (expected) 3 (actual)
length: 128 (expected)
-------------------------------------------------------
For more details you can see
Thanks
|
