Need to debug a slow Internet connection in OS X? Or simply have a desire to watch incoming and outgoing DNS (domain name service) queries in Leopard? Then tcpdump is your friend.
Open a terminal window and use the following command:
sudo tcpdump -i en1 -s 128 port 53
-i Sets which interface to listen to. en1 for me is the AirPort wifi card. en0 would be the ethernet card.
-s sets the number of bytes to “sniff” or “snarf” per call that goes through this interface. 128 gives us a bit better coverage than the default 68 bytes. If you find that tcpdump requests are showing up simply as [|domain], that means that the request is longer than 68 bytes and is truncated. To prevent truncation, increase -s.
port 53 is simply the network port for DNS communcation
Learn more about tcpdump at developer.apple.com
Pingback: Slow Internet with Leopard | Mac OS X Leopard & Tiger Dual Boot
Pingback: 1.0.0.127.dnsbugtest. 1.0.0.127.in-addr-arpa | Mac OS X Leopard & Tiger Dual Boot