tcpdump mailing list archives

Problem about host addresses to names

From: "Zheng, Ruoqin" <zhengrq.fnst () cn fujitsu com>
Date: Mon, 26 Jun 2017 07:45:23 +0000

Hi everyone
   I have a question during using tcpdump

   The case is like this, I config my NIC to vlan subnet as:
   #ifconfig
   eth0.100  Link encap:Ethernet  HWaddr 00:04:9f:04:b0:04
          inet addr:192.168.255.1  Bcast:192.168.255.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1

   And I test it with ping: ping -q -c 50 -I eth0.100 192.168.255.2&
tcpdump -c 10 -ex -i eth0 ether broadcast

   The problem is that I tcpdump can’t capture the package with VLAN tag
   But when I add the option �Cn:
tcpdump �Cn -c 10 -ex -i eth0 ether broadcast
   tcpdump can capture the package with VLAN tag
     00:59:40.485131 00:04:9f:04:b0:04 > ff:ff:ff:ff:ff:ff, ethertype 802.1Q (0x8100), length 46: vlan 100, p 0, 
ethertype ARP, Request who-has 192.168.255.2
        0x0000:  0064 0806 0001 0800 0604 0001 0004 9f04
        0x0010:  b004 c0a8 ff01 0000 0000 0000 c0a8 ff02

   I don’t know how can this happen, does anyone know the reason?
   Here is the version
root # tcpdump -h
tcpdump version 4.7.4
libpcap version 1.6.2
OpenSSL 1.0.2h  3 May 2016

By the way, in the manual of tcpdump, it says
   -n     Don't convert host addresses to names.  This can be used to avoid DNS lookups.
   How should I understand it?

Zheng Ruoqin

_______________________________________________
tcpdump-workers mailing list
tcpdump-workers () lists tcpdump org
https://lists.sandelman.ca/mailman/listinfo/tcpdump-workers

Current thread:

Problem about host addresses to names Zheng, Ruoqin (Jun 26)
- Re: Problem about host addresses to names Guy Harris (Jun 26)
  - Message not available
    - Re: Problem about host addresses to names Guy Harris (Jun 26)