The capture-packet local-host command configures the function of obtaining host packet headers sent to CPUs.
The undo capture-packet command deletes a specified obtaining host packet headers instance.
By default, devices do not obtain host packet headers sent to their CPUs.
capture-packet local-host { all | arp | bfd | dhcp | dns-client | vgmp | ftp-client | ftp-server | hwtacacs | icmp | igmp | isis | lacp | ldp | lspping | msdp | ntp | ospf | pim | radius | rip | rsvp | snmp | ssh-client | ssh-server | sftp-server | telnet-client | telnet-server | tftp | bgp | sftp-client | rrpp | vrrp | mplsoam | esmc | ieee-8021ag | eapol | tcpsyn | sysid } { interface { interface-type interface-number | interface-name } [ vlan vlanBeginValue [ to vlanEndValue ] | pvlan peBeginValue [ to peEndValue ] cvlan ceBeginValue [ to ceEndValue ] ] | linktype { ethernet | ppp | hdlc | atm } } [ [ ipv6 ] acl { aclNumber | name aclName } ] [ [ time-out timeValue ] | [ packet-num numberValue ] | [ packet-len lengthValue ] | overwrite | [ buffer-only | { file filename [ filesize ] } ] ] *
undo capture-packet local-host { all | arp | bfd | dhcp | dns-client | vgmp | ftp-client | ftp-server | hwtacacs | icmp | igmp | isis | lacp | ldp | lspping | msdp | ntp | ospf | pim | radius | rip | rsvp | snmp | ssh-client | ssh-server | sftp-server | telnet-client | telnet-server | tftp | bgp | sftp-client | rrpp | vrrp | mplsoam | esmc | ieee-8021ag | eapol | tcpsyn | sysid } { interface { interface-type interface-number | interface-name } [ vlan vlanBeginValue [ to vlanEndValue ] | pvlan peBeginValue [ to peEndValue ] cvlan ceBeginValue [ to ceEndValue ] ] | linktype { ethernet | ppp | hdlc | atm } } [ [ ipv6 ] acl { aclNumber | name aclName } ]
| Parameter | Description | Value |
|---|---|---|
| all |
Obtains packet headers of all packets sent to the CPU. |
- |
| arp |
Obtains ARP packet headers. |
- |
| bfd |
Obtains BFD packet headers. |
- |
| dhcp |
Enables the device to obtain DHCP packet headers. |
- |
| dns-client |
Enables the device to obtain packet headers sent by DNS clients. |
- |
| vgmp |
Enables the device to obtain VGMP packet headers. |
- |
| ftp-client |
Enables the device to obtain packet headers sent by FTP clients. |
- |
| ftp-server |
Enables the device to obtain packet headers sent by FTP servers. |
- |
| hwtacacs |
Enables the device to obtain packet headers sent by HWTACACS servers. |
- |
| icmp |
Enables the device to obtain ICMP packet headers. |
- |
| igmp |
Enables the device to obtain IGMP packet headers. |
- |
| isis |
Enables the device to obtain IS-IS packet headers. |
- |
| lacp |
Enables the device to obtain LACP packet headers. |
- |
| ldp |
Enables the device to obtain LDP packet headers. |
- |
| lspping |
Enables the device to obtain LSP Ping packet headers. |
- |
| msdp |
Enables the device to obtain MSDP packet headers. |
- |
| ntp |
Enables the device to obtain NTP packet headers. |
- |
| ospf |
Enables the device to obtain OSPF packet headers. |
- |
| pim |
Enables the device to obtain PIM packet headers. |
- |
| radius |
Enables the device to obtain packet headers sent by RADIUS servers. |
- |
| rip |
Enables the device to obtain RIP packet headers. |
- |
| rsvp |
Enables the device to obtain RSVP packet headers. |
- |
| snmp |
Enables the device to obtain SNMP packet headers. |
- |
| ssh-client |
Enables the device to obtain packet headers sent by SSH clients. |
- |
| ssh-server |
Enables the device to obtain packet headers sent by SSH servers. |
- |
| sftp-server |
Enables the device to obtain packet headers sent by SFTP servers. |
- |
| telnet-client |
Enables the device to obtain packet headers sent by Telnet clients. |
- |
| telnet-server |
Enables the device to obtain packet headers sent by Telnet servers. |
- |
| tftp |
Enables the device to obtain TFTP packet headers. |
- |
| bgp |
Obtains BGP packet headers. |
- |
| sftp-client |
Enables the device to obtain packet headers sent by SFTP clients. |
- |
| rrpp |
Enables the device to obtain RRPP packet headers. |
- |
| vrrp |
Enables the device to obtain VRRP packet headers. |
- |
| mplsoam |
Enables the device to obtain MPLS OAM packet headers. |
- |
| ieee-8021ag |
Enables the device to obtain 802.1ag packet headers. |
- |
| eapol |
Enables the device to obtain EAPOL packet headers. |
- |
| tcpsyn |
Enables the device to obtain TCP SYN packet headers. |
- |
| sysid |
Obtains packet headers of a protocol with a specified protocol ID. |
The value is an integer ranging from 0 to 1658. |
| interface interface-type interface-number |
Specifies the type and number of the interface from which packet headers are obtained. |
- |
| linktype |
Indicates data link layer protocols. |
The link layer protocols are as follows:
|
| ethernet |
Enables the device to obtain Ethernet packet headers. |
- |
| ppp |
Enables the device to obtain PPP packet headers. |
- |
| hdlc |
Enables the device to obtain HDLC packet headers. |
- |
| ipv6 |
Specifies the ACL number of an IPv6 address. |
- |
| acl aclNumber |
ACL number used to obtain packet header information. |
The value is an integer ranging from 2000 to 4999. |
| name aclName |
Specifies the name of an ACL. If this parameter is specified, packet headers are obtained based on the ACL name. |
The value is a string of 1 to 64 case-sensitive characters, spaces not supported. The value must start with a letter (a to z or A to Z). |
| time-out timeValue |
Timeout time. |
The value is an integer that ranges from 1 to 86400, in seconds. By default, the handshake interval is 15s. |
| packet-num numberValue |
Number of packet headers to be obtained for an instance. |
The value is an integer that ranges from 1 to 6000. The default value is 10. |
| packet-len lengthValue |
Length of a packet to be obtained. |
The value is an integer that ranges from 20 to 64, in bytes. The default value is 20. |
| overwrite |
When the number of obtained packet headers reaches the upper limit, the device continues to obtain packet headers and overwrites the earliest obtained packet headers. The time for stopping packet header obtaining expires, or packet header obtaining is manually stopped. |
- |
| buffer-only |
Indicates that a file (packet head getting file) that contains information about obtained packets header is saved only to the MPU memory. |
By default, the configuration file is saved in the memory and CF card of the MPU. |
| file filename |
Specifies the name of the file that stores obtained packet header information. The file name cannot contain a slash (/). |
The value is a string of 5 to 64 case-sensitive characters, spaces not supported. The file name extension must be .cap. |
| filesize |
Size of the file of obtaining packet headers . |
The value is an integer ranging from 1 to 10, in M. The default value is 2. |
| esmc |
Enables the device to obtain ESMC packet headers. |
- |
| vlan vlanBeginValue to vlanEndValue |
Specifies a VLAN range. If this parameter is specified, packet headers are obtained based on the VLAN range.
If to vlanendvalue is not specified, the device obtains packet headers only based on vlanbeginvalue. |
The value is an integer that ranges from 1 to 4094. |
| pvlan peBeginValue to peEndValue |
Specifies an outer VLAN range. If this parameter is specified, packet headers are obtained based on the inner VLAN range.
If to peendvalue is not specified, the device obtains packet headers that match pebeginvalue. |
The value is an integer that ranges from 1 to 4094. |
| cvlan ceBeginValue to ceEndValue |
Specifies an inner VLAN range. If this parameter is specified, packet headers are obtained based on the inner VLAN range.
If to ceendvalue is not specified, the device obtains packet headers only based on cebeginvalue. |
The value is an integer that ranges from 1 to 4094. |
| atm |
Enables the device to obtain ATM packet headers. |
- |
Usage Scenario
When a host receives a large number of packet headers, its CPU usage becomes high. You can obtain packet headers sent to this host's CPU for analysis and take control actions. You can obtain packet headers sent to a CPU for an interface or a VLAN. You can also configure an ACL rule to obtain packet headers sent to a CPU.
The packet header obtaining file must be in PCAP format. The default file name is capture_host_protocol type or SysID_Time (yyyy-mm-dd-hh-mm-ss), for example, capture_host_all_2012-03-31-06-09-09.cap. After you run the capture-packet local-host command, the device obtains a packet header obtaining instance, which is identified by a packet header obtaining instance index. Each packet header obtaining instance is saved as a packet header obtaining file. This file contains obtained packet headers. The size of each packet header obtaining file is 2 MB. Obtaining packet headers sent to CPUs is related to the factors, such as the timeout time specified by time, number of obtained packet headers specified by number, and number of packet header obtaining instances. If any of the factors is met, packet header obtaining stops.Prerequisites
The main control board has sufficient space for storing the files of obtained packet headers if packet header information needs to be saved to packet header obtainingfiles.
Configuration Impact
Obtaining packet headers sent to CPUs has no impact on system performance.
Precautions
The limitations on packet header obtaining instances are as follows: