This article describes how to capture a network trace from a XenServer physical interface, Virtual Bridge, and Virtual Machine Virtual Interface.
For troubleshooting purposes, Citrix Technical Support might request you to capture a network trace from the XenServer Physical Interface (PIF), Virtual Interface (VIF), or both.
You can use Tcpdump to capture the network traces.
To capture a network trace of a XenServer PIF, complete the following procedure:
Run the following command to identify the PIF to trace:
xe pif-list params=device,network-uuid
Following is the output of the preceding command:
device ( RO) : eth0 |
Run the following command from the command line interface to capture an unfiltered network trace on an identified PIF and write it to a file:
tcpdump -i <device> -w /<path to file>
Following is a sample of the preceding command:
tcpdump -i eth0 -w /piftracefile
Run the following command from the command line interface to capture an unfiltered trace that includes the packet header as well as the entire contents of the data payload, run the following command from the command line interface. Capturing the entire packet results in a larger output file.
tcpdump -i <device> -s 0 -w /<path to file>
Following is a sample of the preceding command:
tcpdump -i eth0 -s 0 -w /piftracefile
Press Ctrl + c to stop capturing a trace.
To capture a network trace of a virtual bridge, complete the following procedure:
Run the following command to identify the PIF to trace:
xe pif-list params=device,network-uuid
Following is the output of the preceding command:
device ( RO) : eth0 |
Run the following command to identify the virtual bridge to trace:
xe network-list uuid= <network-uuid> params=bridge,name-label
Following is a sample of the preceding command:
xe network-list uuid= b6fa59da-9bbf-fee7-9f5e-0faa094c89d9 params=bridge,name-label
Following is the output of the preceding command:
name-label ( RW) : Pool-wide network associated with eth0 |
Run the following command from the command line interface to capture an unfiltered network trace on an identified virtual bridge and write it to a file:
tcpdump -i <bridge> -w /<path to file>
Following is a sample of the preceding command:
tcpdump -i xenbr0 -w /xenbridgetrace
Run the following command from the command line interface to capture an unfiltered trace that includes the packet header as well as the entire contents of the data payload. Capturing the entire packet results in a larger output file.
tcpdump -i <bridge> -s 0 -w /<path to file>
Following is a sample of the preceding command:
tcpdump -i xenbr0 -s 0 -w /xenbridgetrace
Press Ctrl + c to stop capturing a trace.
VIF names are dynamically created when a Virtual Machine is started. VIF names are formulated with the following structure, vifx.y, where x is the domain ID of the virtual machine and y is the device number. Domain ID is a dynamic part of the VIF name because it might change on the virtual machine start up.
To capture a network trace of a XenServer VM vif, complete the following procedure:Start the virtual machine and run the following command to identify the domain ID of the virtual machine to trace:
xe vm-list name-label=<name of vm> params=dom-id
Following is a sample of the preceding command:
xe vm-list name-label=cps_att params=dom-id
Following is the output of the preceding command:
dom-id ( RO) : 16 |
Run the following command to identify the VIF device number.
xe vif-list vm-name-label=<name of vm>
Following is a sample of the preceding command:
xe vif-list vm-name-label=cps_att params=device
Following is the output of the preceding command:
device ( RO) : 0 |
Run the following command from the command line interface to capture an unfiltered network trace on the required VIF and write it to a file:
tcpdump -i vif<dom-id>.<device> -w /<path to file>
Following is a sample of the preceding command:
tcpdump -i vif16.0 -w /xenviftrace
Run the following command from the command line interface to capture an unfiltered trace that includes the packet header as well as the entire contents of the data payload. Capturing the entire packet results in a larger output file.
tcpdump -i vif<dom-id>.<device> -s 0 -w /<path to file>
Following is a sample of the preceding command:
tcpdump -i vif16.0 -s 0 -w /xenviftrace
Press Ctrl + c to stop capturing a trace.