16808 Packet capturing issue

Created: Oct 23, 2019 09:55:02Latest reply: Oct 24, 2019 06:12:13 106 6 0 0
  Rewarded Hi-coins: 0 (problem resolved)

Hi,

Did Huawei 16808 support  any built in packet capturing tool

  • x
  • convention:

Featured Answers
Popeye_Wang
Admin Created Oct 23, 2019 11:43:34 Helpful(1) Helpful(1)

Posted by sohaib.ansar at 2019-10-23 10:12 can we use packet capturing firstly and use wire shark to check the packets?
On the device, you can run the capture-packet command to capture packets and save them as .cap files. Then, use FTP to export the files and use the packet capture software to analyze the files.

Example
# Capture packets on 10GE1/0/1 matching ACL 2000 and save captured packet information in the capture.cap file.
<HUAWEI> capture-packet interface 10ge 1/0/1 acl 2000 destination file capture.cap

Refer to
http://support.huawei.com/hedex/hdx.do?docid=EDOC1100100456&id=EN-US_CLIREF_0141119899&text=null&lang=en
  • x
  • convention:

All Answers
wissal
wissal MVE Created Oct 23, 2019 10:02:58 Helpful(0) Helpful(0)

Hello,
  • 9  Packet Capture Configuration

    This chapter describes how to configure packet capture and provides configuration examples.

    imgDownload?uuid=df49ca76517b4ef3bab66ac NOTE:
    Based on your requirements to detect failures in telecom transmission, this feature may collect or store some communication information about specific customers. Huawei cannot offer services to collect or store this information unilaterally. Before enabling the function, ensure that it is performed within the boundaries permitted by applicable laws and regulations. Effective measures must be taken to ensure that information is securely protected.

    9.1  Overview

    This function improves network maintenance efficiency and reduces maintenance costs. As Internet develops, devices on a network transmit various services, and network administrators often need to capture packets on devices to locate faults. The packet capturing function allows devices to capture received packets for fault location. This function simplifies the configurations of packet analysis device and network monitoring device.

    After the packet capturing function is enabled, the devices capture the packets matching certain conditions and send these packets to a remote server. The maintenance personnel can run commands to view information about captured packets or save the captured packets to the local storage media as *.cap files. The saved files can be downloaded for fault analysis. This function greatly improves maintenance efficiency and reduces maintenance costs.

    The S7700 and S9700 can capture the following two types of packets:
    • Service packets: If an error occurs in service traffic forwarding (for example, the traffic status does not match the traffic model), it is recommended that you configure the device to capture service packets for analysis so that the device can quickly identify invalid packets. This function ensures correct data transmission on the network.
    • Packets sent to the CPU: When a CPU fault occurs, such as the CPU usage is high, configure the packet capture function to capture packets sent to the CPU for analysis. This allows the device to process invalid packets in time, ensuring that the CPU works properly.

    9.2  Licensing Requirements and Limitations for Packet Capture

    Involved Network Elements

    Other network elements are not required.

    Licensing Requirements

    Packet capture is a basic feature of a switch and is not under License control.

    Version Requirements

    Table 9-1  Products and versions supporting packet capture

    Product

    Product Model

    Software Version

    S7700

    S7703, S7706, S7712

    V100R003C01, V100R006C00, V200R001(C00&C01), V200R002C00, V200R003C00, V200R005C00, V200R006C00, V200R007C00, V200R008C00, V200R009C00, V200R010C00, V200R011C10

    S9700

    S9703, S9706, S9712

    V200R001(C00&C01), V200R002C00, V200R003C00, V200R005C00, V200R006C00, V200R007(C00&C10), V200R008C00, V200R009C00, V200R010C00, V200R011C10

    imgDownload?uuid=df49ca76517b4ef3bab66ac NOTE:
    To know details about software mappings, see Hardware Query Tool.

    Feature Limitations

    • The device can capture only incoming packets and cannot capture outgoing packets.
    • The packet capture configuration is not saved in the configuration file, and becomes invalid after a packet capture instance is complete.
    • Different packet capture instances cannot be executed simultaneously. That is, a new packet capture instance can be executed only when the previous one is complete.
    • The system limits the rate of captured packets. The default rate limit is 64 kbit/s. If the rate of packets exceeds the limit, some packets may be discarded.
    • If an interface on the X series cards has been added to an Eth-Trunk, packets on the interface cannot be captured.

    9.3  Configuring the Device to Capture Service Packets

    Context

    If the device fails to forward traffic correctly, configure the packet capture function to capture service packets for analysis. This allows the device to process invalid packets in time, ensuring that network data can be transmitted correctly.

    You can configure ACL rules to capture packets matching a specified ACL.

    Procedure

    1. Run:

      system-view

      The system view is displayed.

    2. Run:

      capture-packet { interface interface-type interface-number | acl acl-number }* [ vlan vlan-id | cvlan cvlan-id ]*destination { file file-name | terminal }* [ car cir car-value | time-out time-out-value | packet-num number | packet-len { length | total-packet } ]*

      The device is configured to capture service packets.

      imgDownload?uuid=df49ca76517b4ef3bab66ac NOTE:
      • The packet capture configuration is not saved in the configuration file, and becomes invalid when packet capture is complete.
      • The device can capture only upstream packets and cannot capture downstream packets.
      • Before using the capture-packet command again, wait until the last command execution is complete.
      • The system limits the rate of captured packets. The default rate limit is 64 kbit/s. If the rate of packets exceeds the limit, some packets may be discarded.
      • The device cannot capture the packets of BFD, 802.1ag and VBST.
      • If an interface on an X1E card is added to an Eth-trunk, the interface does not support packet capturing.

    9.4  Configuring Capturing for Packets Sent to the CPU

    Context

    When a CPU fault occurs, configure the packet capture function to capture packets sent to the CPU for analysis. This allows the device to process invalid packets in time, ensuring that the CPU works properly. You can configure ACL rules to capture packets matching a specified ACL.

    Procedure

    1. Run:

      system-view

      The system view is displayed.

    2. Run:

      capture-packet cpu [ vlan vlan-id | acl acl-number ]*destination { file file-name | terminal }* [ time-out time-out-value | packet-num number | packet-len { length | total-packet } ]*

      The device is configured to capture packets sent to the CPU.

      imgDownload?uuid=df49ca76517b4ef3bab66ac NOTE:
      • The packet capture configuration is not saved in the configuration file, and becomes invalid when packet capture is complete.
      • Before using the capture-packet cpu command again, wait until the last command execution is complete.
      • When the CPU usage is above 80%, executing this command will keep the CPU usage increasing.

    9.5  Configuration Examples

    9.5.1  Example for Configuring Packet Capturing

    Networking Requirements

    In Figure 9-1, the switch connects to the network through GE1/0/1.

    The user needs to capture the packets received by GE1/0/1 and the packets to be sent to the CPU, and display the captured packets on the terminal.

    Figure 9-1  Networking diagram for configuring the packet capture function
    imgDownload?uuid=5017e34d1b94403b9a4ae4f

    Configuration Roadmap

    The configuration roadmap is as follows:
    1. Capture service packets sent upstream from GE1/0/1, and display captured packet information on the terminal.
    2. Capture packets sent to the CPU, and display captured packet information on the terminal.

    Procedure

    1. Capture service packets sent upstream from GE1/0/1, and display captured packet information on the terminal.

      <HUAWEI> system-view
      [HUAWEI] sysname Switch
      [Switch] capture-packet interface gigabitethernet 1/0/1 destination terminal packet-num 3 packet-len 128
      [Switch]
        Packet: 1
        -------------------------------------------------------
        01 00 5e 00 00 fc 00 1b 21 c4 82 0f 81 00 0f ff
        08 00 45 00 00 32 65 cb 00 00 01 11 80 48 c0 a8
        32 03 e0 00 00 fc ce 94 14 eb 00 1e 4b 3f 24 6f
        00 00 00 01 00 00 00 00 00 00 04 77 70 61 64 00
        00 01 00 01
        -------------------------------------------------------
      
        Packet: 2
        -------------------------------------------------------
        33 33 00 01 00 03 00 1b 21 c4 82 0f 81 00 0f ff
        86 dd 60 00 00 00 00 1e 11 01 fe 80 00 00 00 00
        00 00 d5 b2 02 74 37 0b 4c 6e ff 02 00 00 00 00
        00 00 00 00 00 00 00 01 00 03 e3 11 14 eb 00 1e
        d2 74 03 3d 00 00 00 01 00 00 00 00 00 00 04 77
        70 61 64 00 00 01 00 01
        -------------------------------------------------------
      
        Packet: 3
        -------------------------------------------------------
        01 00 5e 00 00 fc 00 1b 21 c4 82 0f 81 00 0f ff
        08 00 45 00 00 32 62 2e 00 00 01 11 83 e5 c0 a8
        32 03 e0 00 00 fc d4 df 14 eb 00 1e dc 49 8d 19
        00 00 00 01 00 00 00 00 00 00 04 77 70 61 64 00
        00 01 00 01
        -------------------------------------------------------
      
        ------------------packet getting report-----------------------
        file: NULL
        packets getting: interface GigabitEthernet1/0/1
        acl: -
        vlan: -  cvlan: -
        car: 64kbps timeout: 60s
        packets: 3 (expected) 3 (actual)
        length: 128 (expected)
        -------------------------------------------------------                                                                                   

    2. Capture packets sent to the CPU, and display captured packet information on the terminal.

      [Switch] capture-packet cpu destination terminal packet-num 3 packet-len 128
      [Switch]
        Packet: 1
        -------------------------------------------------------
        01 80 c2 00 00 0e 02 00 00 00 00 00 81 00 00 0c
        88 cc 02 07 04 02 00 00 00 00 00 04 16 05 47 69
        67 61 62 69 74 45 74 68 65 72 6e 65 74 30 2f 30
        2f 31 30 06 02 00 78 08 15 47 69 67 61 62 69 74
        45 74 68 65 72 6e 65 74 30 2f 30 2f 31 30 0a 09
        31 30 38 2d 53 31 37 32 30 0c a1 53 31 37 32 30
        2d 32 30 47 46 52 2d 34 54 50 2d 41 43 0d 0a 48
        75 61 77 65 69 20 56 65 72 73 61 74 69 6c 65 20
        -------------------------------------------------------
      
        Packet: 2
        -------------------------------------------------------
        01 80 c2 00 00 0e 02 35 20 36 ad cc 81 00 0f ff
        88 cc 02 07 04 02 35 20 36 ad cc 04 0f 05 45 74
        68 65 72 6e 65 74 30 2f 30 2f 31 30 06 02 00 78
        08 0e 45 74 68 65 72 6e 65 74 30 2f 30 2f 31 30
        0a 0b 31 30 37 2d 53 32 33 35 30 45 49 0c a3 53
        32 33 35 30 2d 32 30 54 50 2d 50 57 52 2d 45 49
        2d 41 43 0d 0a 48 75 61 77 65 69 20 56 65 72 73
        61 74 69 6c 65 20 52 6f 75 74 69 6e 67 20 50 6c
        -------------------------------------------------------
      
        Packet: 3
        -------------------------------------------------------
        01 80 c2 00 00 0a 00 e0 fc 09 bc f9 81 00 00 01
        88 a7 00 03 00 00 01 b4 fb 8e 00 01 00 0e 00 00
        00 00 02 00 00 00 00 00 00 07 00 19 31 30 39 2d
        53 31 37 32 30 20 56 32 30 30 52 30 30 36 43 31
        30 00 0f 00 15 53 31 37 32 30 20 56 32 30 30 52
        30 30 36 43 31 30 00 12 00 1d 56 65 72 73 69 6f
        6e 20 35 2e 31 36 30 20 56 32 30 30 52 30 30 36
        43 31 30 00 11 00 1d 56 65 72 73 69 6f 6e 20 35
        -------------------------------------------------------
      
        ------------------packet getting report-----------------------
        file: NULL
        packets getting: cpu
        acl: -
        vlan: -  cvlan: -
        car: -- timeout: 60s
        packets: 3 (expected) 3 (actual)
        length: 128 (expected)
        -------------------------------------------------------
For more details you can see

Thanks
  • x
  • convention:

Telecommunications%20engineer%2C%20currently%20senior%20project%20manager%20at%20an%20operator%2C%20partner%20of%20Huawei%2C%20in%20the%20radio%20access%20network%20department%2C%20for%2020%20years%20I%20managed%20several%20types%20of%20projects%2C%20for%20the%20different%20nodes%20of%20the%20network.
chenhui
chenhui Admin Created Oct 23, 2019 10:04:59 Helpful(0) Helpful(0)

@sohaib.ansar hello,
did you mean software like wireshark? I don't think there are such tools or plug-in. You can mirror the traffic using port-mirroring to duplicate the traffic, but software like wireshark is also required.
  • x
  • convention:

sohaib.ansar
sohaib.ansar Created Oct 23, 2019 10:12:11 Helpful(0) Helpful(0)

Posted by chenhui at 2019-10-23 10:04 @sohaib.ansar hello, did you mean software like wireshark? I don't think there are such tools or plu ...
can we use packet capturing firstly and use wire shark to check the packets?
  • x
  • convention:

Network%20Enthusiast
chenhui
chenhui Admin Created Oct 23, 2019 11:20:03 Helpful(0) Helpful(0)

Posted by sohaib.ansar at 2019-10-23 10:12 can we use packet capturing firstly and use wire shark to check the packets?
yeah, the port mirroring will duplicate the packets to the observe port. You can capture the duplicated packets with wireshark on the observe port.
  • x
  • convention:

Popeye_Wang
Popeye_Wang Admin Created Oct 23, 2019 11:43:34 Helpful(1) Helpful(1)

Posted by sohaib.ansar at 2019-10-23 10:12 can we use packet capturing firstly and use wire shark to check the packets?
On the device, you can run the capture-packet command to capture packets and save them as .cap files. Then, use FTP to export the files and use the packet capture software to analyze the files.

Example
# Capture packets on 10GE1/0/1 matching ACL 2000 and save captured packet information in the capture.cap file.
<HUAWEI> capture-packet interface 10ge 1/0/1 acl 2000 destination file capture.cap

Refer to
http://support.huawei.com/hedex/hdx.do?docid=EDOC1100100456&id=EN-US_CLIREF_0141119899&text=null&lang=en
  • x
  • convention:

sohaib.ansar
sohaib.ansar Created Oct 24, 2019 06:12:13 Helpful(0) Helpful(0)

Posted by Popeye_Wang at 2019-10-23 11:43 On the device, you can run the capture-packet command to capture packets and save them as .cap fil ...
thanks popeye for your response.
  • x
  • convention:

Network%20Enthusiast

Comment

Reply
You need to log in to reply to the post Login | Register

Notice Notice: To protect the legitimate rights and interests of you, the community, and third parties, do not release content that may bring legal risks to all parties, including but are not limited to the following:
  • Politically sensitive content
  • Content concerning pornography, gambling, and drug abuse
  • Content that may disclose or infringe upon others ' commercial secrets, intellectual properties, including trade marks, copyrights, and patents, and personal privacy
Do not share your account and password with others. All operations performed using your account will be regarded as your own actions and all consequences arising therefrom will be borne by you. For details, see " Privacy."
If the attachment button is not available, update the Adobe Flash Player to the latest version!
Login and enjoy all the member benefits

Login and enjoy all the member benefits

Login