nerdexam
F5

101 · Question #87

Which tool is used on BIG-IP systems to capture data packets?

The correct answer is A. tcpdump. BIG-IP TMOS is built on a Linux-based OS, and tcpdump is the supported command-line tool for capturing network packets on the system.

Section 2: F5 Solutions and Technology

Question

Which tool is used on BIG-IP systems to capture data packets?

Options

  • Atcpdump
  • Bsnoop
  • Cethereal
  • Dqkview

How the community answered

(29 responses)
  • A
    86% (25)
  • B
    3% (1)
  • C
    3% (1)
  • D
    7% (2)

Why each option

BIG-IP TMOS is built on a Linux-based OS, and tcpdump is the supported command-line tool for capturing network packets on the system.

AtcpdumpCorrect

tcpdump is the standard packet capture utility available on F5 BIG-IP systems, and F5 extends it with custom options such as -i 0.0 to capture traffic across all interfaces simultaneously. It is the officially documented method for diagnosing traffic flows on BIG-IP. F5 support frequently requests tcpdump output when troubleshooting connectivity and load balancing issues.

Bsnoop

snoop is a packet capture tool specific to Solaris/Oracle systems and is not available on the Linux-based BIG-IP TMOS platform.

Cethereal

Ethereal was the former name of Wireshark and is a GUI-based tool run on a separate host to analyze captures - it is not a tool used directly on BIG-IP.

Dqkview

qkview is an F5 diagnostic data collection utility that gathers logs and configuration snapshots for iHealth analysis, not a packet capture tool.

Concept tested: F5 BIG-IP packet capture with tcpdump

Source: https://support.f5.com/csp/article/K411

Topics

#tcpdump#packet capture#troubleshooting#diagnostics

Community Discussion

No community discussion yet for this question.

Full 101 Practice