Skip to main content

How can we help you?

Druva Documentation

How to collect network traces using inbuilt utilities

This article applies to:

  • OS: Linux and Windows
  • Product edition: Phoenix

Overview

This article describes procedures to collect network trace on Linux, macOS, and Windows systems.

Collect network trace

Follow the steps provided below for the respective operating systems. The commands specified in the procedure must be run from an elevated command prompt.

 Reserve adequate free space in the drive on which the trace files will be saved to avoid running out of disk space.

On Linux/macOS

Use the tcpdump tool to collect the network trace.

  1. In most Linux systems, tcpdump tool is pre-installed. If the tool is not installed, install it with the following command:

    yum install tcpdump
  2. Determine the name of the active network adapter using any of the below commands.
    • tcpdump -D
    • ip -a
    • ifconfig
  3. Collect the network packets and save them in a pcap file

    tcpdump -w /tmp/0001.pcap -i en0

    Where:

    • /tmp is the location where we want to save the capture

    • 0001.pcap is the name of the capture file

    • en0 is the name of the active adapter derived in Step 2

  4. Reproduce the issue.

  5. Use Ctrl+C to stop the capture.

  6. Collect the /tmp/0001.pcap and send it for analysis.

On Windows

Use the netsh tool to capture etl tracing. 

  1.  Create a temporary directory. C:\temp1 is created as an example to explain this procedure.
  2. Start the trace with the following command:

    NETSH TRACE START CAPTURE=YES TRACEFILE=c:\temp1\example.etl


    Where,
    • example.etl is the name of the trace file.
    • c:\temp1 is the location where the trace file is saved.
  3. Reproduce the issue.
  4. Stop the trace with the following command:

    NETSH TRACE STOP
  5. Collect the entire C:\Temp1 directory and share it with support in a zipped file for analysis.