9. DPDK pdump Library and pdump Tool
This document describes how the Data Plane Development Kit (DPDK) Packet Capture Framework is used for capturing packets on DPDK ports. It is intended for users of DPDK who want to know more about the Packet Capture feature and for those who want to monitor traffic on DPDK-controlled devices.
The DPDK packet capture framework was introduced in DPDK v16.07. The DPDK packet capture framework consists of the DPDK pdump library and DPDK pdump tool.
9.1. Introduction
The librte_pdump library provides the APIs required to allow users to initialize the packet capture framework and to enable or disable packet capture. The library works on a client/server model and its usage is recommended for debugging purposes.
The dpdk-pdump tool is developed based on the
librte_pdump
library. It runs as a DPDK secondary process and is capable
of enabling or disabling packet capture on DPDK ports. The dpdk-pdump
tool
provides command-line options with which users can request enabling or
disabling of the packet capture on DPDK ports.
The application which initializes the packet capture framework will act as a server and the application that enables or disables the packet capture will act as a client. The server sends the Rx and Tx packets from the DPDK ports to the client.
In DPDK the testpmd
application can be used to initialize the packet
capture framework and act as a server, and the dpdk-pdump
tool acts as a
client. To view Rx or Tx packets of testpmd
, the application should be
launched first, and then the dpdk-pdump
tool. Packets from testpmd
will be sent to the tool, which then sends them on to the Pcap PMD device and
that device writes them to the Pcap file or to an external interface depending
on the command-line option used.
Some things to note:
- The
dpdk-pdump
tool can only be used in conjunction with a primary application which has the packet capture framework initialized already. In dpdk, onlytestpmd
is modified to initialize packet capture framework, other applications remain untouched. So, if thedpdk-pdump
tool has to be used with any application other than the testpmd, the user needs to explicitly modify that application to call the packet capture framework initialization code. Refer to theapp/test-pmd/testpmd.c
code and look forpdump
keyword to see how this is done. - The
dpdk-pdump
tool depends on the libpcap based PMD which is disabled by default in the build configuration files, owing to an external dependency on the libpcap development files. Once the libpcap development files are installed, the libpcap based PMD can be enabled by settingCONFIG_RTE_LIBRTE_PMD_PCAP=y
and recompiling the DPDK.
9.2. Test Environment
The overview of using the Packet Capture Framework and the dpdk-pdump
tool
for packet capturing on the DPDK port in
Fig. 9.3.
9.3. Configuration
Modify the DPDK primary application to initialize the packet capture framework as mentioned in the above notes and enable the following config options and build DPDK:
CONFIG_RTE_LIBRTE_PMD_PCAP=y
CONFIG_RTE_LIBRTE_PDUMP=y
9.4. Running the Application
The following steps demonstrate how to run the dpdk-pdump
tool to capture
Rx side packets on dpdk_port0 in Fig. 9.3 and
inspect them using tcpdump
.
Launch testpmd as the primary application:
sudo ./app/testpmd -c 0xf0 -n 4 -- -i --port-topology=chained
Launch the pdump tool as follows:
sudo ./build/app/dpdk-pdump -- \ --pdump 'port=0,queue=*,rx-dev=/tmp/capture.pcap'
Send traffic to dpdk_port0 from traffic generator. Inspect packets captured in the file capture.pcap using a tool that can interpret Pcap files, for example tcpdump:
$tcpdump -nr /tmp/capture.pcap reading from file /tmp/capture.pcap, link-type EN10MB (Ethernet) 11:11:36.891404 IP 4.4.4.4.whois++ > 3.3.3.3.whois++: UDP, length 18 11:11:36.891442 IP 4.4.4.4.whois++ > 3.3.3.3.whois++: UDP, length 18 11:11:36.891445 IP 4.4.4.4.whois++ > 3.3.3.3.whois++: UDP, length 18