Capture VLAN tags by using tcpdump
Environment
- Red Hat Enterprise Linux 5 (RHEL 5).
- Red Hat Enterprise Linux 6 (RHEL 6).
- Red Hat Enterprise Linux 7 (RHEL 7).
- tcpdump
Issue
- How to capture
VLAN
tags that are used bytcpdump
? - Server unable to
ping
the gateway which is onVLAN
.
Resolution
- You can verify the incoming traffic to see if they have
VLAN
tags by usingtcpdump
with the-e and vlan
option.
This will show the details of theVLAN
header:
# tcpdump -i bond0 -nn -e vlan
To capture the issue live.
or
# tcpdump -i eno1 -nn -e vlan -w /tmp/vlan.pcap
To write to the capture to a file.
Root Cause
- The reason why the host could
ping
the gateway was because the traffic seen on the host was tagged with the wrongVLAN ID
. The host was not configured to useVLAN
tagging so traffic was being ignored.
Diagnostic Steps
- Another check to run through via the packet capture is to check on the arp requests incoming, and see if the packets coming in are in the same subnet.
This solution is part of Red Hat’s fast-track publication program, providing a huge library of solutions that Red Hat engineers have created while supporting our customers. To give you the knowledge you need the instant it becomes available, these articles may be presented in a raw and unedited form.
Comments