Support Tool

Embedded packet trace


The Prestige records packet trace and analyzes packets running on LAN and WAN interfaces. It is designed for users with technical backgrounds who are interested in the details of the packet flow on LAN or WAN end of the Prestige. It is also very helpful for diagnostics if you have compatibility problems with your ISP or if you want to know the details of a packet for configuring a filter rule.

The format of the display is as following:

Packet:

 0    11880.160 ENET0-R[0062] TCP 192.168.1.2:1108->192.31.7.130:80

[index] [timer/second][channel-receive/transmit][length]  [protocol] [sourceIP/port] [destIP/port]

There are two ways to dump the trace:

  1. Online Trace--display the trace real time on screen
  2. Offline Trace--capture the trace first and display later

The details for capturing the trace in SMT menu 24.8 are as follows.


Online Trace

1. Trace LAN packet
2. Trace WAN packet

1. Trace LAN packet

1.1 Disable to capture the WAN packet by entering: sys trcp channel [bri0|bri1] none
1.2 Enable to capture the LAN packet by entering: sys trcp channel enet0 bothway
1.3 Enable the trace log by entering: sys trcp sw on & sys trcl sw on
1.4 Display the brief trace online by entering: sys trcd brief
or
1.5 Display the detailed trace online by entering: sys trcd parse

Example:  

ras> sys trcp channel bri0 none
ras> sys trcp channel enet0 bothway
ras> sys trcp sw on
ras> sys trcl sw on
ras> sys trcd brief
   0    11880.160 ENET0-R[0062] TCP 192.168.1.2:1108->192.31.7.130:80
   1    11883.100 ENET0-R[0062] TCP 192.168.1.2:1108->192.31.7.130:80
   2    11883.330 ENET0-T[0058] TCP 192.31.7.130:80->192.168.1.2:1108
   3    11883.340 ENET0-R[0060] TCP 192.168.1.2:1108->192.31.7.130:80
   4    11883.340 ENET0-R[0339] TCP 192.168.1.2:1108->192.31.7.130:80
   5    11883.610 ENET0-T[0054] TCP 192.31.7.130:80->192.168.1.2:1108
   6    11883.620 ENET0-T[0102] TCP 192.31.7.130:80->192.168.1.2:1108
   7    11883.630 ENET0-T[0054] TCP 192.31.7.130:80->192.168.1.2:1108
   8    11883.630 ENET0-R[0060] TCP 192.168.1.2:1108->192.31.7.130:80
   9    11883.650 ENET0-R[0060] TCP 192.168.1.2:1108->192.31.7.130:80
  10    11883.650 ENET0-R[0062] TCP 192.168.1.2:1109->192.31.7.130:80
ras> sys trcd parse
---<0000>----------------------------------------------------------------
LAN Frame: ENET0-RECV   Size:  62/  62   Time: 12089.790 sec
Frame Type: TCP 192.168.1.2:1116->192.31.7.130:80

  Ethernet Header:
    Destination MAC Addr     = 00A0C5921311
    Source MAC Addr          = 0080C84CEA63
    Network Type             = 0x0800 (TCP/IP)

  IP Header:
    IP Version               = 4
    Header Length            = 20
    Type of Service          = 0x00 (0)
    Total Length             = 0x0030 (48)
    Idetification            = 0x330B (13067)
    Flags                    = 0x02
    Fragment Offset          = 0x00
    Time to Live             = 0x80 (128)
    Protocol                 = 0x06 (TCP)
    Header Checksum          = 0x3E71 (15985)
    Source IP                = 0xC0A80102 (192.168.1.2)
    Destination IP           = 0xC01F0782 (192.31.7.130)

  TCP Header:
    Source Port              = 0x045C (1116)
    Destination Port         = 0x0050 (80)
    Sequence Number          = 0x00BD15A7 (12391847)
    Ack Number               = 0x00000000 (0)
    Header Length            = 28
    Flags                    = 0x02 (....S.)
    Window Size              = 0x2000 (8192)
    Checksum                 = 0xBEC3 (48835)
    Urgent Ptr               = 0x0000 (0)
    Options                  =
        0000: 02 04 05 B4 01 01 04 02

  RAW DATA:
  0000: 00 A0 C5 92 13 11 00 80-C8 4C EA 63 08 00 45 00  .........L.c..E.
  0010: 00 30 33 0B 40 00 80 06-3E 71 C0 A8 01 02 C0 1F  .03.@...>q......
  0020: 07 82 04 5C 00 50 00 BD-15 A7 00 00 00 00 70 02  ...\.P........p.
  0030: 20 00 BE C3 00 00 02 04-05 B4 01 01 04 02         .............
---<0001>----------------------------------------------------------------
LAN Frame: ENET0-XMIT   Size:  58/  58   Time: 12090.020 sec
Frame Type: TCP 192.31.7.130:80->192.168.1.2:1116

  Ethernet Header:
    Destination MAC Addr     = 0080C84CEA63
    Source MAC Addr          = 00A0C5921311
    Network Type             = 0x0800 (TCP/IP)

  IP Header:
    IP Version               = 4
    Header Length            = 20
    Type of Service          = 0x00 (0)
    Total Length             = 0x002C (44)
    Idetification            = 0x57F3 (22515)
    Flags                    = 0x02
    Fragment Offset          = 0x00
    Time to Live             = 0xED (237)
    Protocol                = 0x06 (TCP)
    Header Checksum          = 0xAC8C (44172)
    Source IP                = 0xC01F0782 (192.31.7.130)
    Destination IP           = 0xC0A80102 (192.168.1.2)

  TCP Header:
    Source Port              = 0x0050 (80)
    Destination Port         = 0x045C (1116)
    Sequence Number          = 0x4AD1B57F (1255257471)
    Ack Number               = 0x00BD15A8 (12391848)
    Header Length            = 24
    Flags                    = 0x12 (.A..S.)
    Window Size              = 0xFAF0 (64240)
    Checksum                 = 0xF877 (63607)
    Urgent Ptr               = 0x0000 (0)
    Options                  =
        0000: 02 04 05 B4

  RAW DATA:
  0000: 00 80 C8 4C EA 63 00 A0-C5 92 13 11 08 00 45 00  ...L.c........E.
  0010: 00 2C 57 F3 40 00 ED 06-AC 8C C0 1F 07 82 C0 A8  .,W.@...........
  0020: 01 02 00 50 04 5C 4A D1-B5 7F 00 BD 15 A8 60 12  ...P.\J.......`.
  0030: FA F0 F8 77 00 00 02 04-05 B4                    ...w......
---<0002>----------------------------------------------------------------
LAN Frame: ENET0-RECV   Size:  60/  60   Time: 12090.210 sec
Frame Type: TCP 192.168.1.2:1116->192.31.7.130:80

  Ethernet Header:
    Destination MAC Addr     = 00A0C5921311
    Source MAC Addr          = 0080C84CEA63
    Network Type             = 0x0800 (TCP/IP)

  IP Header:
    IP Version               = 4
    Header Length            = 20
    Type of Service          = 0x00 (0)
    Total Length             = 0x0028 (40)
    Idetification            = 0x350B (13579)
    Flags                    = 0x02
    Fragment Offset          = 0x00
    Time to Live             = 0x80 (128)
    Protocol                 = 0x06 (TCP)
    Header Checksum          = 0x3C79 (15481)
    Source IP                = 0xC0A80102 (192.168.1.2)
    Destination IP           = 0xC01F0782 (192.31.7.130)

  TCP Header:
    Source Port              = 0x045C (1116)
    Destination Port         = 0x0050 (80)
    Sequence Number          = 0x00BD15A8 (12391848)
    Ack Number               = 0x4AD1B580 (1255257472)
    Header Length            = 20
    Flags                    = 0x10 (.A....)
    Window Size              = 0x2238 (8760)
    Checksum                 = 0xE8ED (59629)
    Urgent Ptr               = 0x0000 (0)

  TCP Data: (Length=6, Captured=6)
    0000: 20 20 20 20 20 20

  RAW DATA:
  0000: 00 A0 C5 92 13 11 00 80-C8 4C EA 63 08 00 45 00  .........L.c..E.
  0010: 00 28 35 0B 40 00 80 06-3C 79 C0 A8 01 02 C0 1F  .(5.@...<y......
  0020: 07 82 04 5C 00 50 00 BD-15 A8 4A D1 B5 80 50 10  ...\.P....J...P.
  0030: 22 38 E8 ED 00 00 20 20-20 20 20 20              "8....

2. Trace WAN packet

1.1 Disable to capture the LAN packet by entering: sys trcp channel enet0 none
1.2 Enable to capture the WAN packet by entering: sys trcp channel [bri0|bri1] bothway
1.3 Enable the trace log by entering: sys trcp sw on & sys trcl sw on
1.4 Display the brief trace online by entering: sys trcd brief
or
1.5 Display the detailed trace online by entering: sys trcd parse

Example:  

ras> sys trcp channel enet0 none
ras> sys trcp channel bri0 bothway
ras> sys trcp sw on
ras> sys trcl sw on
ras> sys trcd brief
   0     899.160 BRI0-T[0023] LCP (ID=0x05) Configure-Request (1,5,8,13)
   1     902.120 BRI0-T[0023] LCP (ID=0x06) Configure-Request (1,5,8,13)
   2     905.120 BRI0-T[0023] LCP (ID=0x07) Configure-Request (1,5,8,13)
   3     905.150 BRI0-R[0029] LCP (ID=0x01) Configure-Request (1,3,17,19)
   4     905.150 BRI0-T[0021] LCP (ID=0x01) Configure-Reject (17,19)
   5     905.160 BRI0-R[0013] LCP (ID=0x07) Configure-Reject (8,13)
   5     905.160 BRI0-R[0013] LCP (ID=0x07) Configure-Reject (8,13)

ras> sys trcd parse
---<0000>----------------------------------------------------------------
PPP Frame: BRI0-XMIT   Size:  52/  52   Time: 1145.250 sec
Frame Type: TCP 163.31.239.1:10007->210.67.113.145:80

  PPP Header:
    Protocol                 = 0x0021 (IP)

  IP Header:
    IP Version               = 4
    Header Length            = 20
    Type of Service          = 0x00 (0)
    Total Length             = 0x0030 (48)
    Idetification            = 0xE702 (59138)
    Flags                    = 0x02
    Fragment Offset          = 0x00
    Time to Live             = 0x7F (127)
    Protocol                 = 0x06 (TCP)
    Header Checksum          = 0x3ECF (16079)
    Source IP                = 0xA31FEF01 (163.31.239.1)
    Destination IP           = 0xD2437191 (210.67.113.145)

  TCP Header:
    Source Port              = 0x2717 (10007)
    Destination Port         = 0x0050 (80)
    Sequence Number          = 0x000BCB53 (772947)
    Ack Number               = 0x00000000 (0)
    Header Length            = 28
    Flags                    = 0x02 (....S.)
    Window Size              = 0x2000 (8192)
    Checksum                 = 0x9A63 (39523)
    Urgent Ptr               = 0x0000 (0)
    Options                  =
        0000: 02 04 05 B4 01 01 04 02

  RAW DATA:
  0000: FF 03 00 21 45 00 00 30-E7 02 40 00 7F 06 3E CF  ...!E..0..@...>.
  0010: A3 1F EF 01 D2 43 71 91-27 17 00 50 00 0B CB 53  .....Cq.'..P...S
  0020: 00 00 00 00 70 02 20 00-9A 63 00 00 02 04 05 B4  ....p. ..c......
  0030: 01 01 04 02                                      ....
---<0001>----------------------------------------------------------------
PPP Frame: BRI0-RECV   Size:  48/  48   Time: 1147.970 sec
Frame Type: TCP 210.67.113.145:80->163.31.239.1:10007

  PPP Header:
    Protocol                 = 0x0021 (IP)

  IP Header:
    IP Version               = 4
    Header Length            = 20
    Type of Service          = 0x00 (0)
    Total Length             = 0x002C (44)
    Idetification            = 0xB0D4 (45268)
    Flags                    = 0x02
    Fragment Offset          = 0x00
    Time to Live             = 0x38 (56)
    Protocol                 = 0x06 (TCP)
    Header Checksum          = 0xBC01 (48129)
    Source IP                = 0xD2437191 (210.67.113.145)
    Destination IP           = 0xA31FEF01 (163.31.239.1)

  TCP Header:
    Source Port              = 0x0050 (80)
    Destination Port         = 0x2717 (10007)
    Sequence Number          = 0x7AA71C33 (2057772083)
    Ack Number               = 0x000BCB54 (772948)
    Header Length            = 24
    Flags                    = 0x12 (.A..S.)
    Window Size              = 0x4470 (17520)
    Checksum                 = 0xF40E (62478)
    Urgent Ptr               = 0x0000 (0)
    Options                  =
        0000: 02 04 05 B4

  RAW DATA:
  0000: FF 03 00 21 45 00 00 2C-B0 D4 40 00 38 06 BC 01  ...!E..,..@.8...
  0010: D2 43 71 91 A3 1F EF 01-00 50 27 17 7A A7 1C 33  .Cq......P'.z..3
  0020: 00 0B CB 54 60 12 44 70-F4 0E 00 00 02 04 05 B4  ...T`.Dp........


Offline Trace

1. Trace LAN packet
2. Trace WAN packet

1. Trace LAN packet

1.1 Disable to capture the WAN packet by entering: sys trcp channel [bri0|bri1] none
1.2 Enable to capture the LAN packet by entering: sys trcp channel enet0 bothway
1.3 Enable the trace log by entering: sys trcp sw on & sys trcl sw on
1.4 Wait for packet passing through Prestige over LAN
1.5 Disable the trace log by entering: sys trcp sw off & sys trcl sw off
1.6 Display the trace briefly by entering: sys trcp brief
1.7 Display specific packets by using: sys trcp parse <from_index> <to_index>

Exmaple:
 

ras> sys trcp channel bri0 none
ras> sys trcp channel enet0 bothway
ras> sys trcp sw on
ras> sys trcl sw on
ras> sys trcp sw off
ras> sys trcl sw off
ras> sys trcp brief
   0    10855.790 ENET0-T[0141] TCP 192.31.7.130:80->192.168.1.2:1102
   1    10855.800 ENET0-R[0060] TCP 192.168.1.2:1102->192.31.7.130:80
   2    10855.810 ENET0-R[0062] TCP 192.168.1.2:1103->192.31.7.130:80
   3    10855.840 ENET0-R[0062] TCP 192.168.1.2:1104->192.31.7.130:80
   4    10856.020 ENET0-T[0054] TCP 192.31.7.130:80->192.168.1.2:1102
   5    10856.030 ENET0-T[0058] TCP 192.31.7.130:80->192.168.1.2:1103

   6    10856.040 ENET0-R[0060] TCP 192.168.1.2:1103->192.31.7.130:80
ras> sys trcp parse 5 5
---<0005>----------------------------------------------------------------
LAN Frame: ENET0-XMIT   Size:  58/  58   Time: 10856.030 sec
Frame Type: TCP 192.31.7.130:80->192.168.1.2:1103

  Ethernet Header:
    Destination MAC Addr     = 0080C84CEA63
    Source MAC Addr          = 00A0C5921311
    Network Type             = 0x0800 (TCP/IP)

  IP Header:
    IP Version               = 4
    Header Length            = 20
    Type of Service          = 0x00 (0)
    Total Length             = 0x002C (44)
    Idetification            = 0x7F02 (32514)
    Flags                    = 0x02
    Fragment Offset          = 0x00
    Time to Live             = 0xED (237)
    Protocol                 = 0x06 (TCP)
    Header Checksum          = 0x857D (34173)
    Source IP                = 0xC01F0782 (192.31.7.130)
    Destination IP           = 0xC0A80102 (192.168.1.2)

  TCP Header:
    Source Port              = 0x0050 (80)
    Destination Port         = 0x044F (1103)
    Sequence Number          = 0xD91B1826 (3642431526)
    Ack Number               = 0x00AA405F (11157599)
    Header Length            = 24
    Flags                    = 0x12 (.A..S.)
    Window Size              = 0xFAF0 (64240)
    Checksum                 = 0xDCEF (56559)
    Urgent Ptr               = 0x0000 (0)
    Options                  =
        0000: 02 04 05 B4

  RAW DATA:
  0000: 00 80 C8 4C EA 63 00 A0-C5 92 13 11 08 00 45 00  ...L.c........E.
  0010: 00 2C 7F 02 40 00 ED 06-85 7D C0 1F 07 82 C0 A8  .,..@....}......
  0020: 01 02 00 50 04 4F D9 1B-18 26 00 AA 40 5F 60 12  ...P.O...&..@_`.
  0030: FA F0 DC EF 00 00 02 04-05 B4                    ..........
ras>

2. Trace WAN packet

1.1 Disable to capture the LAN packet by entering: sys trcp channel enet0 none
1.2 Enable to capture the WAN packet by entering: sys trcp channel [bri0|bri1] bothway
1.3 Enable the trace log by entering: sys trcp sw on & sys trcl sw on
1.4 Wait for packet passing through Prestige over WAN
1.5 Disable the trace log by entering: sys trcp sw off & sys trcl sw off
1.6 Display the trace briefly by entering: sys trcp brief
1.7 Display specific packets by using: sys trcp parse <from_index> <to_index>

Example:
 

ras> sys trcp channel enet0 none
ras> sys trcp channel bri0 bothway
ras> sys trcl sw on
ras> sys trcp sw on
ras> sys trcl sw off
ras> sys trcp sw off
ras> sys trcp brief
   0     1181.540 BRI0-T[0011] PPP VJ Compressed IP (0x002d)
   1     1182.840 BRI0-T[0044] TCP 163.31.239.1:10007->210.67.113.145:80
   2     1226.450 BRI0-T[0052] TCP 163.31.239.1:10008->210.67.113.145:80
   3     1226.480 BRI0-R[0048] TCP 210.67.113.145:80->163.31.239.1:10008
   4     1226.480 BRI0-T[0044] IP Unknown (0x07)
   5     1226.490 BRI0-T[0446] PPP VJ Compressed IP (0x002d)
ras> sys trcp parse 1 2
---<0002>------------------------------------------------------------
PPP Frame: BRI0-XMIT   Size:  52/  52   Time: 1226.450 sec
Frame Type: TCP 163.31.239.1:10008->210.67.113.145:80

  PPP Header:
    Protocol                 = 0x0021 (IP)

  IP Header:
    IP Version               = 4
    Header Length            = 20
    Type of Service          = 0x00 (0)
    Total Length             = 0x0030 (48)
    Idetification            = 0xFD02 (64770)
    Flags                    = 0x02
    Fragment Offset          = 0x00
    Time to Live             = 0x7F (127)
    Protocol                 = 0x06 (TCP)
    Header Checksum          = 0x28CF (10447)
    Source IP                = 0xA31FEF01 (163.31.239.1)
    Destination IP           = 0xD2437191 (210.67.113.145)

  TCP Header:
    Source Port              = 0x2718 (10008)
    Destination Port         = 0x0050 (80)
    Sequence Number          = 0x000D088D (854157)
    Ack Number               = 0x00000000 (0)
    Header Length            = 28
    Flags                    = 0x02 (....S.)
    Window Size              = 0x2000 (8192)
    Checksum                 = 0x5D27 (23847)
    Urgent Ptr               = 0x0000 (0)
    Options                  =
        0000: 02 04 05 B4 01 01 04 02

  RAW DATA:
  0000: FF 03 00 21 45 00 00 30-FD 02 40 00 7F 06 28 CF  ...!E..0..@...(.
  0010: A3 1F EF 01 D2 43 71 91-27 18 00 50 00 0D 08 8D  .....Cq.'..P....
  0020: 00 00 00 00 70 02 20 00-5D 27 00 00 02 04 05 B4  ....p. .]'......
  0030: 01 01 04 02                                      ....
---<0003>----------------------------------------------------------------
PPP Frame: BRI0-RECV   Size:  48/  48   Time: 1226.480 sec
Frame Type: TCP 210.67.113.145:80->163.31.239.1:10008

  PPP Header:
    Protocol                 = 0x0021 (IP)

  IP Header:
    IP Version               = 4
    Header Length            = 20
    Type of Service          = 0x00 (0)
    Total Length             = 0x002C (44)
    Idetification            = 0x01D3 (467)
    Flags                    = 0x02
    Fragment Offset          = 0x00
    Time to Live             = 0x38 (56)
    Protocol                 = 0x06 (TCP)
    Header Checksum          = 0x6B03 (27395)
    Source IP                = 0xD2437191 (210.67.113.145)
    Destination IP           = 0xA31FEF01 (163.31.239.1)

  TCP Header:
    Source Port              = 0x0050 (80)
    Destination Port         = 0x2718 (10008)
    Sequence Number          = 0x7F47963C (2135397948)
    Ack Number               = 0x000D088E (854158)
    Header Length            = 24
    Flags                    = 0x12 (.A..S.)
    Window Size              = 0x4470 (17520)
    Checksum                 = 0x3829 (14377)
    Urgent Ptr               = 0x0000 (0)
    Options                  =
        0000: 02 04 05 B4

  RAW DATA:
  0000: FF 03 00 21 45 00 00 2C-01 D3 40 00 38 06 6B 03  ...!E..,..@.8.k.
  0010: D2 43 71 91 A3 1F EF 01-00 50 27 18 7F 47 96 3C  .Cq......P'..G.<
  0020: 00 0D 08 8E 60 12 44 70-38 29 00 00 02 04 05 B4  ....`.Dp8)......
ras>


All contents copyright © 1999 ZyXEL Communications Corporation.