When running nstcpdump.sh from CLI we get error "tcpdump: bad dump file format"

When running nstcpdump.sh from CLI we get error "tcpdump: bad dump file format"

book

Article ID: CTX205718

calendar_today

Updated On:

Description

When werun the nstcpdump.sh we receive an error "tcpdump: bad dump file format".

Resolution

Please follow below steps to resolve the issue:

SSH to the netscaler
root@NS>
Then go into shell
root@NS#
Then type the command as shown below and enter

root@NS# ps -ef | grep nstraceaggregator
23525   1  R      3:11.29  /netscaler/nstraceaggregator /var/nstrace/nstcpdump
root@NS#

From this output Kill the PID 23525 by the command below

root@NS# kill 23525
root@NS#

Then type nstrace.sh -stop

root@NS# nstrace.sh -stop
nstrace: background tracing stopped
cat: /var/run/nstrace.pid: No such file or directory
usage: kill [-s signal_name] pid ...
       kill -l [exit_status]
       kill -signal_name pid ...
       kill -signal_number pid ...
Changing cfg_trace_state from 1 to 0 ...
 Done.
root@NS#

That should clear the problem

Then test again as below:

root@NS# nstcpdump.sh host 10.10.10.10
reading from file -, link-type EN10MB (Ethernet)
17:14:41.145458 IP 10.100.10.10.54939 > 10.25.157.70.https: Flags [S], seq 3400731568, win 65535, options [mss 1460,nop,wscale 3,sackOK,TS val 1939221449 ecr 0], length 0

 

Problem Cause

process hang.

Additional Information

http://www.mycertstudies.com/blog/citrix-netscaler-tcpdump-error
Powered by Wolken Software