The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.
CPS administrators can use the tcpdump Linux command in the command line to intercept and display TCP/IP packets, as well as others, as they are being transmitted or received.
With the tcpdump command, you can analyze network behavior, performance, and applications that generate or receive network traffic.
While not specific to CPS, the following examples of tcpdump are frequently helpful for troubleshooting CPS network packets.
![]() Note | Starting the heapdump on policy director (LB) will have an impact on performance. |
tcpdump -i any -s 0 port XXXX
where, XXXX is the port number you are interested in, RADIUS ports are used for default examples unless otherwise specified.
tcpdump -i any -s 0 port 1812 or 1813
tcpdump -i any -s 0 portrange 1812-1817
tcpdump -i any -s 0 portrange 1812-1817 or port 1700
tcpdump -i any -s 0 -v port XXXX
tcpdump -i any -s 0 -vv port XXXX
tcpdump -i eth0 -s 0 port XXXX
tcpdump -i any -s 0 port 1812 -w output.pcap
The resulting output.pcap file can be opened and utilized using such tools as WireShark.
From a UNIX/Linux prompt, type man tcpdump.
![]() Note | These examples assume that the default ports have not been changed or have been specified in Cisco Policy Builder. One must modify these examples to use the appropriate ports that have been specified in Cisco Policy Builder if the default/typical values have been changed. |
tcpdump -i any -s 0 port 1812 or 1813
Port 1812 is the default for Authorization traffic.
Port 1813 is the default for Accounting traffic.
tcpdump -i any -s 0 port 1161 or 1162 or 161 or 162
![]() Note | This command works for both the sending and receiving machine; the port just needs to match the source or destination port. |
The following information is the information format:
Host/VM name Port "Service/traffic type"
where XX is the numeric value of the given host, i.e. pcrfclient01.
pcrfclientXX 80 "Subversion"
pcrfclientXX 7070 "Policy Builder"
sessionmgrXX 27717 "Session Database"
sessionmgrXX 27718 "Quota/Balance Database"
sessionmgrXX 27719 "Reporting Database"
sessionmgrXX 27720 "USuM Database"
lbvipXX 80 "Subversion vip external"
lbvipXX 8080 "QNS/Unified API VIP"
lbvipXX 11211 "Memcache vip internal"
lbvipXX 7070 "Policy Builder VIP"
qnsXX 9091 "QNS admin port"