ISILON: 모든 노드의 여러 인터페이스에서 규정 준수 모드로 tcpdump를 실행하는 방법

Summary: 규정 준수 모드에서는 Support의 일반적인 tcpdump 명령을 약간 변경해야 합니다.

This article applies to This article does not apply to This article is not tied to any specific product. Not all product versions are identified in this article.
Check out other resources

Instructions

  1. 패킷 캡처를 저장할 폴더를 생성합니다. 
    1. mkdir -p /ifs/data/tcpdump/$(date +%F)

# Writes to Isilon_Support are protected, use /ifs/data/tcpdump/ instead.
  2. 캡처를 시작합니다. 
    1. sudo isi_for_array 'for iface in `ifconfig | grep -B3 ether | grep flags | grep -v ISIINTERNAL | cut -d ":" -f1`; do echo `hostname`; sudo tcpdump -i $iface -s1000 -w /ifs/data/tcpdump/$(date +%F)/`hostname`_"$iface"_$(date +%F_%H%M%S).pcap &; done'

# Press Ctrl+C to return to the shell prompt after all tcpdumps have started.
# See the notes for expected output. (There are a number of errors that don't affect the capture)
  3. 캡처가 실행 중인지 확인합니다. 
    1. sudo isi_for_array "ps -auwwxx | grep tcpdump | grep -v grep"
  4. 문제를 재현합니다.
  5. 캡처를 중지하고 모든 노드에서 중지되었는지 확인합니다. 
    1. sudo isi_for_array "sudo killall tcpdump"
sudo isi_for_array "ps -auwwxx | grep tcpdump | grep -v grep"

# See notes for expected output
  6. 로그 세트와 함께 캡처를 업로드합니다. 
    1. sudo isi_gather_info -f /ifs/data/tcpdump/$(date +%F)

Additional Information

캡처를 실행할 때 예기치 않은 "do"에 대한 여러 오류를 볼 수 있습니다. 이는 무시할 수 있습니다.
다음은 성공적인 캡처 시작을 보여줍니다.

Isilon-1% sudo isi_for_array 'for iface in `ifconfig | grep -B3 ether | grep flags | grep -v ISIINTERNAL | cut -d ":" -f1`; do echo `hostname`; sudo tcpdump -i $iface -s1000 -w /ifs/data/tcpdump/$(date +%F)/`hostname`_"$iface"_$(date +%F_%H%M%S).pcap &; done'

Syntax error: "do" unexpected
Syntax error: "do" unexpected
Syntax error: "do" unexpected
Isilon-1: Isilon-1
Isilon-3: Isilon-3
Isilon-1: Isilon-1
Isilon-2: Isilon-2
Isilon-1: tcpdump: WARNING: unable to contact casperd
Isilon-1: tcpdump: WARNING: em2: no IPv4 address assigned
Isilon-1: tcpdump: WARNING: unable to contact casperd
Isilon-1: tcpdump: listening on em1, link-type EN10MB (Ethernet), capture size 1000 bytes
Isilon-1: tcpdump: listening on em2, link-type EN10MB (Ethernet), capture size 1000 bytes
Isilon-3: Isilon-3
Isilon-3: tcpdump: WARNING: em1: no IPv4 address assigned
Isilon-3: tcpdump: WARNING: unable to contact casperd
Isilon-3: tcpdump: WARNING: em2: no IPv4 address assigned
Isilon-3: tcpdump: WARNING: unable to contact casperd
Isilon-3: tcpdump: listening on em1, link-type EN10MB (Ethernet), capture size 1000 bytes
Isilon-3: tcpdump: listening on em2, link-type EN10MB (Ethernet), capture size 1000 bytes
Isilon-2: Isilon-2
Isilon-2: tcpdump: WARNING: em2: no IPv4 address assigned
Isilon-2: tcpdump: WARNING: unable to contact casperd
Isilon-2: tcpdump: WARNING: em1: no IPv4 address assigned
Isilon-2: tcpdump: WARNING: unable to contact casperd
Isilon-2: tcpdump: listening on em2, link-type EN10MB (Ethernet), capture size 1000 bytes
Isilon-2: tcpdump: listening on em1, link-type EN10MB (Ethernet), capture size 1000 bytes

# Pressed Ctrl+C to return to shell
Isilon-1%

When checking running processes, expect to see something like the following:

Isilon-1% sudo isi_for_array "ps -auwwxx | grep tcpdump | grep -v grep"
Isilon-3: root      71317   0.0  0.3  90240  6188  -  SN@   3:25PM     0:00.01 sudo tcpdump -i em1 -s1000 -w /ifs/data/tcpdump/2018-09-14/Isilon-3_2018-09-14_152532.pcap
Isilon-3: root      71322   0.0  0.3  90240  6188  -  SN@   3:25PM     0:00.01 sudo tcpdump -i em2 -s1000 -w /ifs/data/tcpdump/2018-09-14/Isilon-3_2018-09-14_152532.pcap
Isilon-3: root      71323   0.0  0.4  70236  7816  -  SN    3:25PM     0:00.02 tcpdump -i em1 -s1000 -w /ifs/data/tcpdump/2018-09-14/Isilon-3_2018-09-14_152532.pcap
Isilon-3: root      71324   0.0  0.4  70236  7820  -  SN    3:25PM     0:00.02 tcpdump -i em2 -s1000 -w /ifs/data/tcpdump/2018-09-14/Isilon-3_2018-09-14_152532.pcap
Isilon-1: root      76007   0.0  0.3  89984   6088  -  SN@   3:25PM     0:00.01 sudo tcpdump -i em1 -s1000 -w /ifs/data/tcpdump/2018-09-14/Isilon-1_2018-09-14_152532.pcap
Isilon-1: root      76012   0.0  0.3  89984   6088  -  SN@   3:25PM     0:00.01 sudo tcpdump -i em2 -s1000 -w /ifs/data/tcpdump/2018-09-14/Isilon-1_2018-09-14_152532.pcap
Isilon-1: root      76013   0.0  0.4  70236   7736  -  SN    3:25PM     0:00.02 tcpdump -i em1 -s1000 -w /ifs/data/tcpdump/2018-09-14/Isilon-1_2018-09-14_152532.pcap
Isilon-1: root      76014   0.0  0.4  70236   7736  -  SN    3:25PM     0:00.02 tcpdump -i em2 -s1000 -w /ifs/data/tcpdump/2018-09-14/Isilon-1_2018-09-14_152532.pcap
Isilon-2: root      51721   0.0  0.3  90240  6180  -  SN@   3:25PM     0:00.01 sudo tcpdump -i em1 -s1000 -w /ifs/data/tcpdump/2018-09-14/Isilon-2_2018-09-14_152532.pcap
Isilon-2: root      51726   0.0  0.3  90240  6180  -  SN@   3:25PM     0:00.01 sudo tcpdump -i em2 -s1000 -w /ifs/data/tcpdump/2018-09-14/Isilon-2_2018-09-14_152532.pcap
Isilon-2: root      51727   0.0  0.4  70236  7752  -  SN    3:25PM     0:00.02 tcpdump -i em2 -s1000 -w /ifs/data/tcpdump/2018-09-14/Isilon-2_2018-09-14_152532.pcap
Isilon-2: root      51728   0.0  0.4  70236  7752  -  SN    3:25PM     0:00.02 tcpdump -i em1 -s1000 -w /ifs/data/tcpdump/2018-09-14/Isilon-2_2018-09-14_152532.pcap

After killing tcpdump, expect to see the following:

Isilon-1% sudo isi_for_array "ps -auwwxx | grep tcpdump | grep -v grep"
Isilon-2 exited with status 1
Isilon-1 exited with status 1
Isilon-3 exited with status 1

Affected Products

Isilon
Article Properties
Article Number: 000019451
Article Type: How To
Last Modified: 22 May 2025
Version:  4
Find answers to your questions from other Dell users
Support Services
Check if your device is covered by Support Services.