Forum Discussion
fluzocapacitor
Altocumulus
Hello,
I have tried capturing with various options, but I have not been able to capture any SYN-ACK packets. Here are the commands I used:
tcpdump -i /Common/vlan_name:nnnp -n -w /var/tmp/bl_px_01.pcap -v 'tcp[tcpflags] & (tcp-syn|tcp-ack) != 0 and host client_ip and port 80'
tcpdump -i 0.0:nnnp -n -w /var/tmp/bl_px_01.pcap -v 'tcp[tcpflags] & (tcp-syn|tcp-ack) != 0 and host client_ip and port 80'
Despite these attempts, I still do not see the SYN-ACK packets in the capture. Maybe as wendelyes suggested, some traffic is hidden because of offloading.
Thank you for your assistance.
fluzocapacitor
Jun 11, 2024Altocumulus
Hello,
By the way, offload is enabled:
PVA TCP Offload State
Specifies the TCP state at which the ePVA performs hardware offload.
- SYN: Specifies that the ePVA performs hardware offload at the first client SYN. It also performs the EST-time snoop if the previous SYN-time snoop fails.
- EST: Specifies that the ePVA performs hardware offload at the client ACK when in SYN/ACK state, when the connection is transitioning towards established.
Regards,