Learning VPP: Trace with Wireshark



Each node in VPP is equipped with a possibility to trace the packets. This is a great debugging tool to investigate the issues with traffic. But analyzing trace log in a text form is a tiresome exercise.

But not anymore, as soon as the latest Wireshark supports VPP pcap dispatch trace dissector. As a result, you have an amazing tool to analyze all the changes that happen with a packet buffer while travelling through the VPP node graph.



Initiate and stop trace recording using the following commands.

pcap dispatch trace on max 1000 file vppcapture buffer-trace dpdk-input 1000
pcap dispatch trace off


Download and build the latest Wireshark on Ubuntu 18.04.

apt-get install -y libgcrypt11-dev flex bison qtbase5-dev qttools5-dev-tools qttools5-dev qtmultimedia5-dev libqt5svg5-dev libpcap-dev qt5-default libc-ares-dev
git clone https://gitlab.com/wireshark/wireshark.git
cd wireshark
mkdir build
cd build
cmake -G Ninja ../
ninja -j 8
sudo ninja install

Open the file /tmp/vppcapture with Wireshark and make the following changes into “Preferences”.



As a result, you get the following invaluable recording of the journey that the packet buffer took through the VPP node graph. Here you can find all the metadata information that is traveling from node to node.



Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s