If you have it in your system, give it a spin, if not, it’s easily available for Windows and Unix systems (you can get binaries for Mac OS X >= 10.5.5, otherwise you need to use MacPorts). While tcpdump might suffice for many use cases, using Wireshark gives more detail through a very usable GUI. 1st, 1970) that is meaningless to your experiment.īottom line: use the recommended flags. -tt “Print an unformatted timestamp on each dump line.” The alternatives here are -t, which shows no timestamp on each line, or -ttt, which shows a time increment relative for the preceding line, or yet -tttt, which would precede timestamp by a date (the canonical Jan.
Standard input is used if file is “-”.” Another obvious choice, since what you’re looking at is a packet trace that’s been recorded to a file. -r “Read packets from file (which was created with the -w option).I haven’t been able to discover if there’s a difference between -nn and -n both work the same way for me. -n “Don’t convert addresses (i.e., host addresses, port numbers, etc.) to names.” This is the ideal choice in viewing simulation output because real world names won’t mean anything in the analysis of your experiment, where you address nodes by internal ns-3 identifiers or IP addresses.A quick look at the man page for tcpdump will tell you that the command line flags used above have the following meaning (quoted directly from Mac OS 10.5.8): Where filename.pcap is obviously the name of a pcap file generated by some experiment. The tutorial recommends you to open your pcap files using the following command line: tcpdump -nn -tt -r filename.pcap Since tcpdump is a Unix tool that you’re most likely to find in your installation, let’s start there ( tcpdump normally lives in /usr/sbin). The ns-3 tutorial indicates that you can inspect the pcap files generated by simulations using two different tools: tcpdump and Wireshark (see section 5.3.2 Pcap Tracing).
0 kommentar(er)
