254 | | We will need to capture a packet trace to feed into wireshark to analyze it. So once you are logged in run: |
255 | | {{{ |
256 | | sudo tcpdump -s 0 -w out.pcap tcp port 6633 |
257 | | }}} |
258 | | |
259 | | The above command will run tcpdump capturing the full packets (`-s 0`), saving the capture to and out.pcap file (`-w out.pcap`) and only capturing packets with src/dst tcp port 6633 that is where our controller is running (`tcp port 6633`). |
260 | | |
261 | | Run wireshark by typing: |
262 | | {{{ |
263 | | wireshark & |
264 | | }}} |
265 | | Use the file menu to load the pcap file. Right-click on one of the files and choose "Decode as ...." and choose the OFP protocol. Once you do that you will see the OpenFlow message types in wireshark. If you have more than openflow packets in your pcap you can type `of` in the filter box on the top and only show OpenFlow messages. |
| 254 | Assuming that the public IP address on the controller is eth0, run wireshark by typing: |
| 255 | {{{ |
| 256 | sudo wireshark -i eth0& |
| 257 | }}} |
| 258 | |
| 259 | You will want to use the filter to cut down on the chatter in the wireshark window. Do that by typing tcp.port eq 6633, assuming that 6633 is the port that the controller is |
| 260 | listening on. And once you have lines, you can choose one of the lines and choose "Decode as ...." and choose the OFP protocol. |