Created
March 16, 2015 18:59
-
-
Save hgn/383308615d8c96551afa to your computer and use it in GitHub Desktop.
Capture of IPv6 advertisement message via tcpdump
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| @virgo:~ $ sudo tcpdump -vvvv -ttt -i eth1 icmp6 and 'ip6[40] = 134' | |
| 00:00:00.000000 IP6 (hlim 255, next-header ICMPv6 (58) payload length: 200) fe80::b675:eff:fefa:1cb > ip6-allnodes: [icmp6 sum ok] ICMP6, router advertisement, length 200 | |
| hop limit 0, Flags [managed, other stateful], pref medium, router lifetime 1800s, reachable time 0s, retrans time 0s | |
| source link-address option (1), length 8 (1): b4:75:0e:fa:01:cb | |
| 0x0000: b475 0efa 01cb | |
| mtu option (5), length 8 (1): 1280 | |
| 0x0000: 0000 0000 0500 | |
| prefix info option (3), length 32 (4): 2a01:ffff:43f::/64, Flags [onlink, auto], valid time 7200s, pref. time 1800s | |
| 0x0000: 40c0 0000 1c20 0000 0708 0000 0000 2a01 | |
| 0x0010: ffff 043f 0000 0000 0000 0000 0000 | |
| prefix info option (3), length 32 (4): fd37:daed:beef::/64, Flags [onlink, auto], valid time 7200s, pref. time 1800s | |
| 0x0000: 40c0 0000 1c20 0000 0708 0000 0000 fd37 | |
| 0x0010: daed beef 0000 0000 0000 0000 0000 | |
| route info option (24), length 24 (3): 2a01:fff:43f::/48, pref=medium, lifetime=7200s | |
| 0x0000: 3000 0000 1c20 2a01 ffff 043f 0000 0000 | |
| 0x0010: 0000 0000 0000 | |
| route info option (24), length 24 (3): fd37:daed:beef::/48, pref=medium, lifetime=7200s | |
| 0x0000: 3000 0000 1c20 fd37 daed beef 0000 0000 | |
| 0x0010: 0000 0000 0000 | |
| rdnss option (25), length 24 (3): lifetime 1800s, addr: 2a01:ffff:43f::1 | |
| 0x0000: 0000 0000 0708 2a01 ffff 043f 0000 0000 | |
| 0x0010: 0000 0000 0001 | |
| dnssl option (31), length 24 (3): lifetime 1200s, domain(s): local. | |
| 0x0000: 0000 0000 04b0 056c 6f63 616c 0000 0000 | |
| 0x0010: 0000 0000 0000 | |
| advertisement interval option (7), length 8 (1): 600000ms | |
| 0x0000: 0000 0009 27c0 |
Thanks!
Cool! Thank you.
I visit this paste from time to time in search for it's filter. Thanks :)
I'll leave a IMHO more convenient argument order here in hopes to have something for others and myself once i return :D
sudo tcpdump -ttt icmp6 and 'ip6[40] = 134' -vvvv -ni enp1s0
It's the same command but with disabled conversion of addresses and ports to text (-n) and the interface at last since it's the thing which will need changing nearly always which is much easier if it's at the end.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
save my day