HowTo Enable Wireshark Over Docker Container (MLNX-OS)

Version 4

    This post exhibits installation and usage of wireshark docker over MLNX-OS.

     

     

    References

     

    Configuration

    1. Follow Getting Started with Docker Container Over MLNX-OS , to create a container.

     

    2. Enter the container Linux shell:

    # docker exec my-container "bin/bash"

    Running exec_name:[bin/bash]

     

    3. Install the following packages:

    # yum install -y wireshark-gnome dejavu-lgc-sans-fonts

     

    4. Check the DISPLAY parameter, make sure the the VNC session is part of the display:

    # export DISPLAY=i-vnc01:2

     

    For more info, see Display Failures when using VNC.

     

    5. Run wireshark:

    # wireshark &

     

     

     

     

    6. Open interfaces.

    Notice that you can select either the management interface or a router port (network interface).

    In this example, we can see the management port (mgmt0) port and the two IP interfaces on the switch.

     

     

     

    Note: When you capture packets on the network interface, you will see only the traffic that goes to the CPU. For example:

    • Networking protocols (OSPF, STP, etc.)
    • Slow Path traffic
    • Unsolved unicast traffic (no entries in the routing table)

     

    For instance, if you run ping several times you see only one packet that arrives to the CPU, because after that, since the routing table in the switch IC will be resolved, the rest of the traffic does not pass via the CPU.