101 · Question #87
Which tool is used on BIG-IP systems to capture data packets?
The correct answer is A. tcpdump. BIG-IP TMOS is built on a Linux-based OS, and tcpdump is the supported command-line tool for capturing network packets on the system.
Question
Which tool is used on BIG-IP systems to capture data packets?
Options
- Atcpdump
- Bsnoop
- Cethereal
- Dqkview
How the community answered
(29 responses)- A86% (25)
- B3% (1)
- C3% (1)
- D7% (2)
Why each option
BIG-IP TMOS is built on a Linux-based OS, and tcpdump is the supported command-line tool for capturing network packets on the system.
tcpdump is the standard packet capture utility available on F5 BIG-IP systems, and F5 extends it with custom options such as -i 0.0 to capture traffic across all interfaces simultaneously. It is the officially documented method for diagnosing traffic flows on BIG-IP. F5 support frequently requests tcpdump output when troubleshooting connectivity and load balancing issues.
snoop is a packet capture tool specific to Solaris/Oracle systems and is not available on the Linux-based BIG-IP TMOS platform.
Ethereal was the former name of Wireshark and is a GUI-based tool run on a separate host to analyze captures - it is not a tool used directly on BIG-IP.
qkview is an F5 diagnostic data collection utility that gathers logs and configuration snapshots for iHealth analysis, not a packet capture tool.
Concept tested: F5 BIG-IP packet capture with tcpdump
Source: https://support.f5.com/csp/article/K411
Topics
Community Discussion
No community discussion yet for this question.