S2E2 - tcpdump

title: S2E2 - tcpdump
author: Nicholas Morrison
draft: false
tags: [network, workshop, arista]
categories: [workshop]
noindex: true


Topology: BGP-01
Topology: BGP-01

Connecting to the lab server

Connect to the lab server:

local$ ssh-keygen -R netlab.nanocat.net
local$ ssh lab@netlab.nanocat.net
Password: (see discord)

Connect to your router:

lab@netlab$ list-devices
lab@netlab$ connect DEVICE


About Linux network namespaces

About tcpdump

About wireshark

Initial configuration

Configure the PCs

Configure with:

ip address add dev eth1
ip route delete default

Check the config with:

ip address
ip route

Delete a mistake if you need to

ip address delete dev eth1

Open at least two terminals

You’ll need two terminals for the next bit.

Generate some packets

In one terminal, ping from pc1.

In the other terminal, don’t connect to a device, but stay “outside” in your shell.

Using tcpdump and netns

In your other terminal window, execute tcpdump from inside the pc1 network namespace.


ip netns exec clab-pod1-pc1 ip -c link
ip netns exec clab-pod1-pc1 tcpdump -i eth1

Produce some different packet types

Stop your ping on pc1 with ctrl-c and execute:


What kind of packets do you see in your tcpdump?

Capture some packets to disk

Capture 20 packets:

ip netns exec clab-podX-pc1 tcpdump -i eth1 -c 20 -w CLEVER_FILENAME.pcap

Copy them to your local computer. Locally,

scp lab@netlab.nanocat.net:CLEVER_FILENAME.pcap .

Open this file locally in Wireshark.