yum install tcpdump

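tcpdump -i <network interface, eg: ens33> -nnAx 'expression'
选项说明:-nn 不把 IP 和端口解析成主机名/服务名,直接显示数字;-A 以 ASCII 打印报文内容;-x(小写)只以 16 进制打印报文内容,如需同时显示 16 进制和 ASCII,请改用大写 -X。
注意:-A/-x/-X 会把报文载荷打印出来,明文协议中的口令、Cookie 等会直接出现在输出里,保存或分享抓包结果前应先脱敏,并用过滤表达式尽量缩小抓取范围。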

eg:

[root@k8s-node1 ~]# tcpdump -i ens33 -nn 'icmp'
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on ens33, link-type EN10MB (Ethernet), capture size 262144 bytes
16:18:29.849568 IP 192.168.159.135 > 192.168.159.132: ICMP echo request, id 36909, seq 1, length 64
16:18:29.849623 IP 192.168.159.132 > 192.168.159.135: ICMP echo reply, id 36909, seq 1, length 64
16:18:30.850185 IP 192.168.159.135 > 192.168.159.132: ICMP echo request, id 36909, seq 2, length 64
16:18:30.850225 IP 192.168.159.132 > 192.168.159.135: ICMP echo reply, id 36909, seq 2, length 64

 

[root@k8s-node1 ~]# tcpdump -i ens33 -nn 'dest host 192.168.159.135'
tcpdump: syntax error
(注:过滤表达式里表示"目的"方向的限定符是 dst,dest 不是合法关键字,所以上面的命令报语法错误;下面改用 dst host。)
[root@k8s-node1 ~]# tcpdump -i ens33 -nn 'dst host 192.168.159.135' 
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on ens33, link-type EN10MB (Ethernet), capture size 262144 bytes
16:21:44.688050 IP 192.168.159.2.53 > 192.168.159.135.33407: 18436 NXDomain 0/1/0 (119)
16:21:44.696574 IP 192.168.159.2.53 > 192.168.159.135.39596: 690 1/0/0 PTR localhost. (64)
16:21:46.503880 IP 192.168.159.2.53 > 192.168.159.135.41822: 60113 1/0/0 PTR localhost. (64)
16:21:47.435254 IP 192.168.159.2.53 > 192.168.159.135.42791: 33934 ServFail 0/0/0 (20)
16:21:47.444501 IP 192.168.159.2.53 > 192.168.159.135.42121: 33934 ServFail 0/0/0 (20)
16:21:56.177021 IP 192.168.159.1 > 192.168.159.135: ICMP echo request, id 1, seq 11, length 40
16:21:57.186776 IP 192.168.159.1 > 192.168.159.135: ICMP echo request, id 1, seq 12, length 40
16:21:58.035536 IP 192.168.159.2.53 > 192.168.159.135.42967: 42641 1/0/0 PTR localhost. (64)
16:21:58.193385 IP 192.168.159.1 > 192.168.159.135: ICMP echo request, id 1, seq 13, length 40
16:21:58.849807 IP 192.168.159.2.53 > 192.168.159.135.55290: 32129 ServFail 0/0/0 (20)
16:21:58.855056 IP 192.168.159.2.53 > 192.168.159.135.41988: 32129 ServFail 0/0/0 (20)
16:21:59.199716 IP 192.168.159.1 > 192.168.159.135: ICMP echo request, id 1, seq 14, length 40

 

[root@k8s-node1 ~]# tcpdump -i ens33 -nn 'src host 192.168.159.135'
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on ens33, link-type EN10MB (Ethernet), capture size 262144 bytes
16:22:49.630891 IP 192.168.159.135.41634 > 192.168.159.2.53: 27789+ A? ui.localdomain. (32)
16:22:55.449932 IP 192.168.159.135.50146 > 192.168.159.2.53: 40936+ PTR? 1.0.20.172.in-addr.arpa. (41)
16:22:55.588400 IP 192.168.159.135.22 > 192.168.159.1.6745: Flags [P.], seq 754791894:754791946, ack 1747553912, win 255, length 52
16:22:55.682886 IP 192.168.159.135.22 > 192.168.159.1.6745: Flags [P.], seq 52:104, ack 53, win 255, length 52
16:22:55.827732 IP 192.168.159.135.22 > 192.168.159.1.6745: Flags [P.], seq 104:156, ack 105, win 255, length 52
16:22:55.966425 IP 192.168.159.135.22 > 192.168.159.1.6745: Flags [P.], seq 156:208, ack 157, win 255, length 52
16:22:56.015862 IP 192.168.159.135.22 > 192.168.159.1.6745: Flags [P.], seq 208:260, ack 209, win 255, length 52
16:22:56.199467 IP 192.168.159.135.44520 > 192.168.159.2.53: 16301+ A? ui. (20)
16:22:56.205896 IP 192.168.159.135.46922 > 192.168.159.2.53: 16301+ A? ui. (20)
16:22:56.213089 IP 192.168.159.135.37464 > 192.168.159.2.53: 60359+ A? ui.localdomain. (32)
16:22:57.300528 IP 192.168.159.135.22 > 192.168.159.1.6745: Flags [P.], seq 260:312, ack 261, win 255, length 52
16:22:57.490417 IP 192.168.159.135.22 > 192.168.159.1.6745: Flags [P.], seq 312:364, ack 313, win 255, length 52
16:22:57.662922 IP 192.168.159.135.22 > 192.168.159.1.6745: Flags [P.], seq 364:416, ack 365, win 255, length 52

 
