We don't see any traffic in one of our AMD. Howerver, when customer launchs nestat command he watchs traffic and how the traffic is growing.
We've launched tcpdump command on rcon on this way receiving the following error:
>$ tcpdump 50000 "/var/tmp/tcpdump.pcap" "vlan and host X.X.X.X and tcp port 80"
Problem while reading rtm response
What does this message mean? Maybe that AMD doesn't reach the server X.X.X.X? Is it related with SPAN port?
Thanks in advanced.
You can try the following command without RCON.
tcpdump host X.X.X.X port xxxx tcp -i ethx
also try the following command without VLAN tag and port number.
tcpdump 50000 "/var/tmp/tcpdump.pcap" "host X.X.X.X"
the 'vlan and' part of your filter command isn't correct. just take it out, and it should work for you fine.
tcpdump 50000 "/var/tmp/tcpdump.pcap" "host X.X.X.X and tcp port 80"
Note the commands Babar mentioned, won't work if the AMD is running customized drivers.
Hi Chris and Babar,
Thanks for your answers.
I've launched the command Chris told me with the same result: "Problem while reading rtm response".
The customer has another AMD and this command and the command that I launched yesterday worked fine.
I've checked the filesystem had enough space and the user privileges to save the tcpdump capture in the path.
I found two old posts with almost the similar situations, so have a look if it helpful for you.
I've double-checked the links and I've launched this sentence:
tcpdump 0 "/var/tmp/vlan_host.cap" "(host X.X.X.X)or(vlan and host X.X.X.X)"
and I continue receiving the same error in one of the AMDs. In the other one it works.