This article applies to:
OS: Linux and Windows
Product edition: Phoenix
Overview
This article describes procedures to collect network trace on Linux, macOS, and Windows systems.
Collect network trace
Follow the steps provided below for the respective operating systems. The commands specified in the procedure must be run from an elevated command prompt.
❗ Important
Reserve adequate free space in the drive on which the trace files will be saved to avoid running out of disk space.
On Linux/macOS
Use the tcpdump tool to collect the network trace.
In most Linux systems, tcpdump tool is pre-installed. If the tool is not installed, install it with the following command:
yum install tcpdump
Determine the name of the active network adapter using any of the below commands.
tcpdump -D
ip -a
ifconfig
Collect the network packets and save them in a pcap file
tcpdump -w /tmp/0001.pcap -i en0
Where:/tmp is the location where we want to save the capture
0001.pcap is the name of the capture file
en0 is the name of the active adapter derived in Step 2
Reproduce the issue.
Use Ctrl+C to stop the capture.
Collect the /tmp/0001.pcap and send it for analysis.
On Windows
Use the netsh tool to capture etl tracing.
Create a temporary directory. C:\temp1 is created as an example to explain this procedure.
Start the trace with the following command:
NETSH TRACE START CAPTURE=YES TRACEFILE=c:\temp1\example.etl
Where,example.etl is the name of the trace file.
c:\temp1 is the location where the trace file is saved.
Reproduce the issue.
Stop the trace with the following command:
NETSH TRACE STOP
Collect the entire C:\Temp1 directory and share it with support in a zipped file for analysis.