Sunday, March 13, 2011

Tcpdump Packet Debugging in Arista EOS

Debugging in Arista's EOS is a cinch using the included tried-and-true protocol analyzer, tcpdump. Heck, if you really wanted to, you could load a Wireshark extension on the underlying standard Linux kernel. So far I have found that analyzing basic packet flows is easy enough using tcpdump, and if you want to save a pcap file for export and analysis using your favorite tool, that's an option as well.


$bash sudo tcpdump -i vlan18 -t

$bash sudo tcpdump -i vlan16 -v -vv

Some Handy Flags
-c  exit after capturing this number of packets
-D  print the list of network interfaces available on the system and on which tcpdump can capture packets
-E  decrypt IPsec ESP packets
-i  specify which interface to capture on
-q  quick output, print less protocol info so each output line is shorter
-r  read packets from a saved file (when you have used -w to create a capture file)
-t  do not print a timestamp on each line
-ttt  print delta (micro-second resolution) between current and previous line on each dump line
-ttttt  print delta (micro-second resolution) between current and first line on each dump line
-v  produce slightly more verbose output
-vv  even more verbose
-vvv  even more verbose
-w  write to a file for later analysis
-X  print data of each packet


For more information, check the man pages on an Arista switch.
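
The flags above, combined into a bounded capture to a file and a read-back summary of the busiest IPv4 sources. This is an added example, not code from the original post; the function names, file paths, the constructed sample output and the use of -n (a standard tcpdump flag that is not in the list above) are assumptions.

```shell
#!/bin/sh
# Added example, not from the original post. Interface, count and file names
# are constructed; -n (no name resolution) is not in the post's flag list.

# Capture a bounded number of packets to a file. -c makes tcpdump exit on its
# own, so a forgotten capture cannot keep growing on the switch's storage.
bounded_capture() {
    iface=$1 count=$2 out=$3
    case $iface in
        ''|*[!A-Za-z0-9._-]*) echo "bad interface name: $iface" >&2; return 2 ;;
    esac
    case $count in
        ''|*[!0-9]*) echo "packet count must be a number: $count" >&2; return 2 ;;
    esac
    [ "$count" -gt 0 ] || { echo "packet count must be > 0" >&2; return 2; }
    sudo tcpdump -i "$iface" -c "$count" -w "$out"
}

# Summarise `tcpdump -r FILE -n -q -t` text on stdin as "packets source-address",
# busiest IPv4 source first. TCP/UDP sources print as addr.port, ICMP as addr.
top_sources() {
    awk '$1 == "IP" {
             src = $2
             if (split(src, part, /\./) == 5) sub(/\.[0-9]+$/, "", src)
             seen[src]++
         }
         END { for (s in seen) print seen[s], s }' | sort -k1,1nr -k2,2
}

# Read a saved capture back (-r) with short lines (-q, -t) and summarise it.
review_capture() {
    tcpdump -r "$1" -n -q -t | top_sources
}

# Constructed sample of -n -q -t output, so the summary can be tried offline.
sample_output() {
    cat <<'EOF'
IP 10.0.16.5.51234 > 10.0.16.1.22: tcp 36
IP 10.0.16.1.22 > 10.0.16.5.51234: tcp 0
IP 10.0.16.5.51234 > 10.0.16.1.22: tcp 0
IP 10.0.16.9 > 10.0.16.1: ICMP echo request, id 7, seq 1, length 64
ARP, Request who-has 10.0.16.1 tell 10.0.16.9, length 46
EOF
}

# Usage on the switch (constructed values):
#   bounded_capture vlan18 200 /tmp/vlan18.pcap && review_capture /tmp/vlan18.pcap
```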