SRE Book Club - Linux - ch38 - tcpdump & Wireshark
Rico Chen
September 24, 2020
tcpdump & Wireshark usage
Transcript
CH38: How to use tcpdump and Wireshark to analyze network traffic
Agenda
• CH38 overview
• tcpdump
• Wireshark
• How to analyze network traffic?
• Lab
• Reference
CH38 overview
• Network analysis tools like tcpdump & Wireshark are common choices for troubleshooting network issues.
• tcpdump only supports the command line. On the other hand, the Wireshark GUI can handle complex network environments.

• PTR (pointer record) provides the IP address associated with a domain name.
• Common uses of PTR records for reverse DNS include:
  ◦ Anti-spam
  ◦ Troubleshooting email delivery issues
  ◦ Logging
• Email services: G Suite, AWS SES, SendGrid, Mailgun
tcpdump
• A powerful command-line packet analyzer
• tcpdump group GitHub
• tcpdump related projects
• How about other command-line tools?
• Wireshark CLI tools & scripting (YouTube)
Wireshark
• A powerful GUI network protocol analyzer
• Can filter on over 251000 fields in 3000 protocols
• Open source with rich community support
• SharkFest'20 on 10/12 ~ 10/16
• Many tutorial resources
How to analyze network traffic?
• Start with the client side
• Capture both server and client traffic
• Focus on time
• Different environments need different filters
• Keep your eye on the ball
• (resource)
Lab
[Diagram: NLB, EKS control plane, traefik, kube-ops-view]
[Diagram: NLB, EKS control plane, traefik, kube-ops-view; addresses shown: 115.43.40.158, 10.1.8.23, 10.1.11.24, 10.1.13.131, 10.1.6.103, 10.1.48.138, 10.1.43.161]
• What is 169.254.169.254
• Dynamic Configuration of IPv4 Link-Local Addresses
• EKS architectural overview
• Elastic network interfaces
[Diagram: NLB, EKS control plane, traefik, kube-ops-view, k-proxy]
• Application Load Balancer target type
[Diagram: ALB, EKS control plane, traefik, kube-ops-view, k-proxy]
Reference
• What is a DNS PTR record?
• 鳥哥 (VBird): DNS forward and reverse resolution
• tcpdump related projects
• Wireshark CLI tools & scripting
• tcpdump group GitHub
• Top 10 Wireshark Filters
• Wireshark Display Filter Reference
• Wireshark distribution command line
• What is 169.254.169.254
• Dynamic Configuration of IPv4 Link-Local Addresses
• EKS architectural overview
• Elastic network interfaces
• Network Load Balancer Support in Kubernetes 1.9
• Application Load Balancer target type