Question

What is the format to capture LLDP packets on an interface using tcpdump?

I tried the following format but it didn't work:

tcpdump -w test.pcap -i eth0 lldp -vv

Solution

tcpdump -w test.pcap -i eth0 ether proto 0x88cc

The Ethernet type for LLDP is 0x88cc, so the filter to see only LLDP packets is ether proto 0x88cc.

-v is useful when used with -w to print a short count of packets matched, like this: Got 11.

-w means "write the raw packets to the file, and don't print anything"; -v means "print verbosely", so ostensibly the arguments don't make sense together but with -w, the -v option provides some utility.
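
To check that a capture written with the filter above really contains LLDP, the following added example (not part of the original answer) reads the pcap bytes, keeps frames whose EtherType is 0x88cc, and decodes the mandatory Chassis ID, Port ID and TTL TLVs. It assumes tcpdump wrote a classic pcap file with Ethernet link type; the function names and the sample capture are constructed for illustration.

```python
import struct

LLDP_ETHERTYPE = 0x88CC  # the value matched by "ether proto 0x88cc"
PCAP_MAGIC = {b"\xd4\xc3\xb2\xa1": "<", b"\xa1\xb2\xc3\xd4": ">"}  # byte order
TLV_NAMES = {1: "chassis_id", 2: "port_id"}

def read_pcap(data):
    """Yield raw frames from classic pcap bytes (assumed output of tcpdump -w)."""
    endian = PCAP_MAGIC.get(data[:4])
    if endian is None or struct.unpack_from(endian + "I", data, 20)[0] != 1:
        raise ValueError("not a classic pcap file with Ethernet link type")
    offset = 24                                   # skip the global header
    while offset + 16 <= len(data):
        incl_len = struct.unpack_from(endian + "I", data, offset + 8)[0]
        yield data[offset + 16:offset + 16 + incl_len]
        offset += 16 + incl_len

def parse_lldp(frame):
    """Return the mandatory TLVs of an LLDP frame, or None if EtherType != 0x88cc."""
    if len(frame) < 14 or struct.unpack_from("!H", frame, 12)[0] != LLDP_ETHERTYPE:
        return None
    tlvs, pos = {}, 14
    while pos + 2 <= len(frame):
        header = struct.unpack_from("!H", frame, pos)[0]
        tlv_type, length = header >> 9, header & 0x1FF   # 7-bit type, 9-bit length
        value = frame[pos + 2:pos + 2 + length]
        pos += 2 + length
        if tlv_type == 0 or len(value) < length:         # End TLV or truncated frame
            break
        if tlv_type == 3 and length == 2:
            tlvs["ttl"] = struct.unpack("!H", value)[0]
        elif tlv_type in TLV_NAMES and length >= 2:
            tlvs[TLV_NAMES[tlv_type]] = (value[0], value[1:])  # (subtype, id)
    return tlvs

def lldp_summary(pcap_bytes):
    """One entry per captured frame: decoded TLVs for LLDP, None for anything else."""
    return [parse_lldp(frame) for frame in read_pcap(pcap_bytes)]

def _tlv(tlv_type, value):
    return struct.pack("!H", (tlv_type << 9) | len(value)) + value

# Constructed sample capture: one LLDP frame and one ARP frame, little-endian pcap.
_LLDP = (bytes.fromhex("0180c200000e 020000000001 88cc")
         + _tlv(1, b"\x04" + bytes.fromhex("020000000001"))
         + _tlv(2, b"\x05" + b"eth0") + _tlv(3, struct.pack("!H", 120)) + _tlv(0, b""))
_ARP = bytes.fromhex("ffffffffffff 020000000002 0806") + bytes(28)
SAMPLE_PCAP = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1) + b"".join(
    struct.pack("<IIII", 0, 0, len(f), len(f)) + f for f in (_LLDP, _ARP))
```

On a real capture, pass the contents of test.pcap to lldp_summary(); a None entry means a frame that is not LLDP ended up in the file.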

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow