0

How can we enable dumping the packet data in tcpdump when our application run with onload library?

When the application run without onload library tcpdump captures the packet data but when we tried to run the application with onload library support, tcpdump not capturing any packet information

sagar
  • 47
  • 3

1 Answers1

0

The tcpdump application captures traffic flowing through the Linux kernel so will not see traffic that bypasses this, as is the case when using Onload acceleration. For this reason Onload is bundled with an application called onload_tcpdump that intercepts traffic flowing through an Onload stack.

The captured traffic can either be from all Onload stacks or a specific stack. The usage information gives information on how to use it but the parameters are broadly identical to tcpdump, such as outputting to a file.

Information on using 'onload_tcpdump' is available in the Onload User Guide: https://docs.xilinx.com/r/en-US/ug1586-onload-user/onload_tcpdump

bunnywarren
  • 41
  • 2
  • Hi bunnywarren, Thanks for reply..... we made some code changes in tcpdump.... so do you have any idea does onload_tcpdump bundled code is same as tcpdump source code? – sagar Feb 16 '23 at 07:41
  • Hi sagar. The `onload_tcpdump` application will intercept traffic passing through the Onload stack(s) and then use a Linux pipe to pass it through to `tcpdump`. The changes made may therefore already take effect, depending where they are in the flow of traffic. The code that collects the data from the Onload stack is custom and unrelated to `tcpdump` – bunnywarren Feb 16 '23 at 20:48