1 .. SPDX-License-Identifier: BSD-3-Clause
2 Copyright(c) 2017-2021 Intel Corporation.
4 DPDK packet capture libraries and tools
5 =======================================
7 This document describes how the Data Plane Development Kit (DPDK) Packet
8 Capture Framework is used for capturing packets on DPDK ports. It is intended
9 for users of DPDK who want to know more about the Packet Capture feature and
10 for those who want to monitor traffic on DPDK-controlled devices.
12 The DPDK packet capture framework was introduced in DPDK v16.07
13 and enhanced in 21.11.
14 The DPDK packet capture framework consists of the libraries
15 for collecting packets ``librte_pdump``
16 and writing packets to a file ``librte_pcapng``.
17 There is an application: ``dpdk-pdump``.
22 The :doc:`librte_pdump <../prog_guide/pdump_lib>` library provides the API
23 required to allow users to initialize the packet capture framework
24 and to enable or disable packet capture.
25 The library works on a multi-process communication model
26 and its usage is recommended for debugging purposes.
28 The :doc:`librte_pcapng <../prog_guide/pcapng_lib>` library provides the API
29 to format packets and write them to a file in Pcapng format.
31 The application which initializes the packet capture framework will be a primary process
32 and the application that enables or disables the packet capture will
33 be a secondary process. The primary process sends the Rx and Tx packets from the DPDK ports
34 to the secondary process.
36 In DPDK the ``testpmd`` application can be used to initialize the packet
37 capture framework and acts as a server, and the ``dpdk-pdump`` tool acts as a
38 client. To view Rx or Tx packets of ``testpmd``, the application should be
39 launched first, and then the ``dpdk-pdump`` tool. Packets from ``testpmd``
40 will be sent to the tool, which then sends them on to the Pcap PMD device and
41 that device writes them to the Pcap file or to an external interface depending
42 on the command-line option used.
46 * The ``dpdk-pdump`` tool can only be used in conjunction with a primary
47 application which has the packet capture framework initialized already. In
48 dpdk, only ``testpmd`` is modified to initialize packet capture framework,
49 other applications remain untouched. So, if the ``dpdk-pdump`` tool has to
50 be used with any application other than the testpmd, the user needs to
51 explicitly modify that application to call the packet capture framework
52 initialization code. Refer to the ``app/test-pmd/testpmd.c`` code and look
53 for ``pdump`` keyword to see how this is done.
55 * The ``dpdk-pdump`` tool depends on the libpcap based PMD.
61 The overview of using the Packet Capture Framework and the ``dpdk-pdump`` tool
62 for packet capturing on the DPDK port in
63 :numref:`figure_packet_capture_framework`.
65 .. _figure_packet_capture_framework:
67 .. figure:: img/packet_capture_framework.*
69 Packet capturing on a DPDK port using the dpdk-pdump tool.
72 Running the Application
73 -----------------------
75 The following steps demonstrate how to run the ``dpdk-pdump`` tool to capture
76 Rx side packets on dpdk_port0 in :numref:`figure_packet_capture_framework` and
77 inspect them using ``tcpdump``.
79 #. Launch testpmd as the primary application::
81 sudo <build_dir>/app/dpdk-testpmd -c 0xf0 -n 4 -- -i --port-topology=chained
83 #. Launch the pdump tool as follows::
85 sudo <build_dir>/app/dpdk-pdump -- \
86 --pdump 'port=0,queue=*,rx-dev=/tmp/capture.pcap'
88 #. Send traffic to dpdk_port0 from traffic generator.
89 Inspect packets captured in the file capture.pcap using a tool
90 that can interpret Pcap files, for example tcpdump::
92 $tcpdump -nr /tmp/capture.pcap
93 reading from file /tmp/capture.pcap, link-type EN10MB (Ethernet)
94 11:11:36.891404 IP 4.4.4.4.whois++ > 3.3.3.3.whois++: UDP, length 18
95 11:11:36.891442 IP 4.4.4.4.whois++ > 3.3.3.3.whois++: UDP, length 18
96 11:11:36.891445 IP 4.4.4.4.whois++ > 3.3.3.3.whois++: UDP, length 18
git.droids-corp.org / dpdk.git / blob