Need to debug a slow Internet connection in OS X? Or simply have a desire to watch incoming and outgoing DNS (domain name service) queries in Leopard? Then tcpdump is your friend.
Open a terminal window and use the following command:
sudo tcpdump -i en1 -s 128 port 53
-i Sets which interface to listen to. en1 for me is the AirPort wifi card. en0 would be the ethernet card.
-s sets the number of bytes to “sniff” or “snarf” per call that goes through this interface. 128 gives us a bit better coverage than the default 68 bytes. If you find that tcpdump requests are showing up simply as [|domain], that means that the request is longer than 68 bytes and is truncated. To prevent truncation, increase -s.
port 53 is simply the network port for DNS communcation
Learn more about tcpdump at developer.apple.com
Related posts:
Subscribe by RSS
2 comments
Comments feed for this article
Trackback link
http://installingcats.com/2008/06/01/debugging-mac-os-x-dns-tcpdump/trackback/
June 5, 2008 at 6:57 pm
Pingback from Slow Internet with Leopard | Mac OS X Leopard & Tiger Dual Boot
October 8, 2008 at 11:17 am
Pingback from 1.0.0.127.dnsbugtest. 1.0.0.127.in-addr-arpa | Mac OS X Leopard & Tiger Dual Boot