How works the tcpdump from RUM console (cba capture) ?
Is this tcpdump works for the all kind of traffic span - I think to the copy of VLAN.
Is this tcpdump works for all the trafic - and in particular for the trafic not define as a Software service ?
Is this tcpdump works the same with the custom driver or the nativ driver
What are the limitations of this tcpdump?
It works the same as the one in rcon, with the following limitations:
It works with both drivers.
Please let us know if this answer your question.
Thank you Adam, for your answer.
But, since my last experience with the RUM console, I have a doubt.
Is it possible to capture all type of traffic which are seen by the interface , even if this traffic is not défined as a software service ?
In other words, in this case, if the capture doesn't work, is it an issue from RUM console ? And can I open a call ?
The capture mechanism available from RUM Console records every bit of traffic that is spanned to the AMD, regardless if it's defined as a Software Service or not.
If you believe the capture is not recording something you should first check if sampling mechanism is not affecting your trace like on below example:
If that is the case you can turn off the sampling. It can be done in /usr/adlex/config/cba.config.xml file by changing true to false in the following line:
Then restart of CBA is needed:
service cba restart
Also remember that if you have a SPAN port as the source, you can't be sure you are getting all packets or unaltered packets since a common setup peels off the VLN tag on the packets (f.ex)