Wireshark and Pdump for Packet Sniffing

Wireshark is a must have when debugging any sorts of complex multi node experiments. When running dpdk you can’t run Wireshark on the interface but you can view pcap files. Try running the pdump dpdk application to capture packets and then view them in Wireshark.

  1. Login using your normal ssh command but append -X -Y (when logging from nimbus jumpbox also include -X -Y)

  2. Install Wireshark

  3. Open it up (depending on terminal/os this might not work for everyone)

1ssh your_node@cloudlab -X -Y
2sudo apt-get update
3sudo apt-get install wireshark
4sudo wireshark

Packet capturing

When working with different packet protocols and TCP related applications it is often needed to look at the packets received/sent by the manager. DPDK provides a dpdk-pdump application that can capture packets to a pcap file.

To use dpdk-pdump set CONFIG_RTE_LIBRTE_PMD_PCAP=y in dpdk/config/common_base and then recompile dpdk.

Then execute dpdk-pdump as a secondary application when the manager is running

1cd dpdk/x86_64-native-linuxapp-gcc
2sudo ./build/app/pdump/dpdk-pdump -- --pdump 'port=0,queue=*,rx-dev=/tmp/rx.pcap,tx-dev=/tmp/tx.pcap'

Full set of options and configurations for dpdk-pdump can be found here.