tcpdump expression to ignore NFS UDP

Andrew Smith rhml2 at k1k2.com
Sun Jan 30 21:31:21 UTC 2005


Hi Harry,
thanks for your help - you've helped me find a reasonably simple
solution - just put the option 'tcp' in fstab - yep the RH9 box
defaults to UDP and just switching to TCP works also

The connection works fine with UDP, it's just that I get a large
tcpdump log each day for the NFS file transfers and I was trying
to work out how to get rid of them from the log
My router logs pretty much all packets coming and going in all
directions and I recently put a backup drive in it for the RH9
box which runs it's backup each night (over NFS) and of course
suddenly the daily local log file grew quite large due to the
backup

-Thanks again for your help
-Cheers

On Mon, 2005-01-31 at 02:02, Harry Hoffman wrote:
> Andrew,
> 
> First guess would be that the RH9 box is running NFSV2 and using udp as 
> a transport and the FC2 boxes are running NFSV3 and using tcp as a 
> transport. (I have not verified this)
> 
> I haven't used RH9 in a while but you may be albe to set it to use TCP 
> as the transport. Perhaps check in /etc/sysconfig/
> 
> Is it not working? Or do you just want everything over TCP?
> 
> Cheers,
> Harry
> 
> Andrew Smith wrote:
> > Hi,
> > sorry for not being specific enough ...
> > 
> > One of my machines is RedHat9 the other is fc2 and transfers
> > create UDP packets in the tcpdump on the fc2 machine that look
> > like this:
> > 
> > 19:22:17.603860 xx:xx:xx:xx:xx:xx > yy:yy:yy:yy:yy:yy, ethertype IPv4
> > (0x0800), length 1514: IP 192.168.a.b > 192.168.c.d: udp
> > 
> > Transfers between two fc2 machines don't create them
> > Transfers between fc2 and fc3 don't create them
> > Even if I run them both at the same time
> > 
> > So I'm trying to work out how to skip them in the tcpdump
> > (yes I guess moving the rh9 box to fc2 or fc3 would work)
> > Or maybe going to fedoralegacy for an nfs update ... nope the only
> > file there in updates is 'nfs-utils-1.0.1-3.9.i386.rpm' which is
> > from the original RH9 updates
> > 
> > -Thanks for your help already
> > -Cheers
> > 
> > On Sun, 2005-01-30 at 17:16, Harry Hoffman wrote:
> > 
> >>tcpdump -i interface -eln not port 2049 and src host \( host1 or host2 
> >>\) and dst host \( host1 or host2\)
> >>
> ...




More information about the fedora-list mailing list