HAProxy ALOHA Documentation 9.5

Packet Capture

The diagnostic tool capture captures network traffic to retrieve the following information:

  • Source MAC and IP address

  • VRID

  • VRRP priority

From the Web user interface (web UI)

  1. Open the DiagTools tab.

  2. From Select list, choose capture (interface*, filter*, ignored).

  3. Enter the following parameters:

    • interface: Capture on a single interface. Default capture on all interfaces

    • filter: (optional) which packets to capture. By default, all packets are captured.

      For example:

      • A protocol name: vrrp, icmp

      • A specific IP address: host <ip>

      • A specific TCP or UDP port: port <port>

  4. Click Run.

From the command line interface (CLI)

  1. Get root rights by typing root.

  2. Run tcpdump -vvvenns0 -c 5 [-i <interface>] <filter>.

Output example

tcpdump: listening on eth0, link-type EN10MB (Ethernet), capture size 65535 bytes
04:59:41.088388 00:15:5d:75:2e:1b > 01:00:5e:00:00:12, ethertype IPv4 (0x0800), length 106: (tos 0x0, ttl 255, id 879, offset
 0 flags [none], [...]
04:59:41.157687 00:15:5d:75:2e:45 > 00:15:5d:75:2e:1b, ethertype ARP (0x0806), length 42: arp who-has 10.0.0.190
(00:15:5d:75:2e:1b) tell 10.0.0.187
04:59:41.157723 00:15:5d:75:2e:1b > 00:15:5d:75:2e:45, ethertype ARP (0x0806), length 42: arp reply 10.0.0.190 is-at
00:15:5d:75:2e:1b
04:59:41.306124 00:15:5d:75:2e:1b > 00:15:5d:75:2e:45, ethertype IPv4 (0x0800), length 66: (tos 0x0, ttl 64, id 48464,
offset 0, flags [DF], [...]
04:59:41.307063 00:15:5d:75:2e:45 > 00:15:5d:75:2e:1b, ethertype IPv4 (0x0800), length 66: (tos 0x0, ttl 128, id 6419,
offset 0, flags [DF], [...]
5 packets captured
0 packets received by filter
0 packets dropped by kernel

Tips

Capture VRRP traffic

To capture VRRP traffic, use vrrp as <filter> and choose an interface

tcpdump: listening on eth0, link-type EN10MB (Ethernet), capture size 65535 bytes
14:12:27.936839 00:0c:49:65:47:0e > ... , proto VRRP (112), 10.9.104.253 > 224.0.0.18, ... , vrid 30, prio 35, ... , addrs: ...
14:12:28.250381 00:0c:59:20:c7:f6 > ... , proto VRRP (112), 10.9.104.241 > 224.0.0.18, ... , vrid 166, prio 133, ... , addrs: ...
14:12:28.460930 00:0d:b9:18:b9:74 > ... , proto VRRP (112), 10.9.104.253 > 224.0.0.18, ... , vrid 55, prio 70, ... , addrs: ...
14:12:28.939831 00:0c:49:65:47:0e > ... , proto VRRP (112), 10.9.104.253 > 224.0.0.18, ... , vrid 30, prio 35, ... , addrs: ...
14:12:28.250381 00:0c:59:20:c7:f6 > ... , proto VRRP (112), 10.9.104.241 > 224.0.0.18, ... , vrid 166, prio 133, ... , addrs: ...
5 packets captured
0 packets received by filter
0 packets dropped by kernel

Next up

Ping