Learning VPP: Trace with Wireshark



Each node in VPP is equipped with a possibility to trace the packets. This is a great debugging tool to investigate the issues with traffic. But analyzing trace log in a text form is a tiresome exercise.

But not anymore, as soon as the latest Wireshark supports VPP pcap dispatch trace dissector. As a result, you have an amazing tool to analyze all the changes that happen with a packet buffer while travelling through the VPP node graph.



Initiate and stop trace recording using the following commands.

pcap dispatch trace on max 1000 file vppcapture buffer-trace dpdk-input 1000
pcap dispatch trace off


Download and build the latest Wireshark on Ubuntu 18.04.

apt-get install -y libgcrypt11-dev flex bison qtbase5-dev qttools5-dev-tools qttools5-dev qtmultimedia5-dev libqt5svg5-dev libpcap-dev qt5-default libc-ares-dev
git clone https://gitlab.com/wireshark/wireshark.git
cd wireshark
mkdir build
cd build
cmake -G Ninja ../
ninja -j 8
sudo ninja install

Open the file /tmp/vppcapture¬†with Wireshark and make the following changes into “Preferences”.



As a result, you get the following invaluable recording of the journey that the packet buffer took through the VPP node graph. Here you can find all the metadata information that is traveling from node to node.