tcpdump mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Problem about host addresses to names

From: Guy Harris <guy () alum mit edu>
Date: Mon, 26 Jun 2017 18:33:07 -0700
On Jun 26, 2017, at 5:57 PM, Zheng, Ruoqin <zhengrq.fnst () cn fujitsu com> wrote:


Hi Guy
   Thank you for your answer, and here is the output with -d:

   root # ping -q -c 50 -I eth0.100 192.168.255.2&
      [2] 1208
      root # tcpdump -d -i eth0 ether broadcastPING 192.168.255.2 (192.168.255.2) from 192.168.255.1 eth0.1

      (000) ld       [2]
      (001) jeq      #0xffffffff      jt 2    jf 5
      (002) ldh      [0]
      (003) jeq      #0xffff          jt 4    jf 5
      (004) ret      #262144
      (005) ret      #0

      root # tcpdump -n -d -i eth0 ether broadcast
      (000) ld       [2]
      (001) jeq      #0xffffffff      jt 2    jf 5
      (002) ldh      [0]
      (003) jeq      #0xffff          jt 4    jf 5
      (004) ret      #262144
      (005) ret      #0
      root #

   You can see they are same.


As I expected.

So what happens if you run tcpdump, without -n, do the ping, and wait a long time to see whether tcpdump eventually 
prints something?  It might be taking a long time to try to resolve a host name, for some reason or another, so that it 
can't print anything until that attempt either succeeds or times out.
_______________________________________________
tcpdump-workers mailing list
tcpdump-workers () lists tcpdump org
https://lists.sandelman.ca/mailman/listinfo/tcpdump-workers
Previous By Date Next
Previous By Thread Next

Current thread: