Capturing packets is necessary at times in order to successfully diagnose certain specific problems.

I'd like to capture TCP packets to understand why my application is not functioning properly when going through the DX.

The following are the commands used to prepare the DX to capture the packets; along with the transports used when copying the file over.

Here are the commands on how to get the DX (Redline) setup for TCPdump.

set admin tcpdump transport [tftp/smtp/scp]      ..... TFTP is commonly used
set admin tcpdump filename <filename>
set admin tftp server <server name>
write

The command to start the packet capture is the following:

tcpdump                 .....(this command will start the tcpdump trace. Takes approximately 2 minutes)
copy tcpdump     .....(copy tcpdump to a remote destination)

To capture TCP packets to and from specific hosts from a particular cluster/forwarder as well as all the traffic to and from the target hosts, use the following example:

Cluster:    10.82.11.13:80
Target 1:  10.82.11.10:80
Target 2:  10.82.11.11:80

tcpdump -i ether0 (host 10.82.11.13 and port 80) or (host 10.82.11.10 and port 80) or (host 10.82.11.11 and port 80)