https://login.veeam.com/en/oauth?client_id=nXojRrypJ8&redirect_uri=https%3A%2F%2Fwww.veeam.com%2Fservices%2Fauthentication%2Fredirect_url&response_type=code&scope=profile&state=eyJmaW5hbFJlZGlyZWN0TG9jYXRpb24iOiJodHRwczovL3d3dy52ZWVhbS5jb20va2IyMjU2IiwiaGFzaCI6ImVlMjYzMWRkLWE3ZTUtNGM3MS1iMWEwLTY2NDI4ODliY2JlZiJ9
Testing Connectivity with Wireshark
Challenge
It becomes necessary to test connectivity and specific ports outside of Veeam software components to rule in or rule out network connectivity or throughput issues, usually as part of other troubleshooting.
Solution
Wireshark (formerly Ethereal) is a packet analyzer, free and open-source, useful for network troubleshooting and analysis. Contrasted with iperf which tests ports and throughput, Wireshark can return robust data showing outbound and inbound data, acknowledgements for TCP connections, and even on multiple interfaces concurrently.
Due in part to this robustness, it can produce extremely large captures, and it’s helpful to pare this down to a manageable data set:
Due in part to this robustness, it can produce extremely large captures, and it’s helpful to pare this down to a manageable data set:
- Limit the number of interfaces we capture for the duration
- Apply capture filters to narrow down IP addresses and ports we watch for
More information
The first thing to know is what connection(s) you’re needing to monitor. You can start by picking only the necessary interfaces from Capture > Options > Manage Interfaces:
The specific ports used for communicating between various components can be found in the user guide, and specifically the Used Ports page:
https://helpcenter.veeam.com/docs/backup/vsphere/used_ports.html?ver=95
For instance, if the focus of investigation is traffic between a backup proxy agent and a repository agent on a single IP range, you can limit the capture to that IP range. This is, again, a capture filter, not a display filter. The capture filter field will turn green if the filter is valid:
This constrains the capture itself to traffic originating from that range of IP addresses, and no traffic originating from any other ranges will be captured. After configuring this correctly, you can proceed to running the capture, and then use display filters to pare that down further. You can specify, at the most basic:
The capture itself is pretty self-explanatory:
Time format can be selected from a few options under the view menu. Source and target addresses are just as they say, as is protocol. Length refers to the overall packet length sent or received, and the details will show anything relevant (for instance, packets sent TCP but with no ACK response). You can get even more detail up to and including the content of that specific packet.
An important final note: Wireshark captures are inherently massive, especially if the capture filter is broad or not defined at all. Ensure you have adequate space on the machine running the capture if you suspect it will run for some time, or you run a very real risk of filling up the storage.
Wireshark does have some wiki-style and community resources for some greater detail on its operation and use in troubleshooting, but a familiarity with networking and the specific network environment will help far more, and is generally a requirement for making sense of the returned data.
https://www.wireshark.org – Site for download
https://wiki.wireshark.org – Wireshark Wiki site (check here for capture and display filters)
https://ask.wireshark.org – Wireshark Q&A/Forum
The specific ports used for communicating between various components can be found in the user guide, and specifically the Used Ports page:
https://helpcenter.veeam.com/docs/backup/vsphere/used_ports.html?ver=95
For instance, if the focus of investigation is traffic between a backup proxy agent and a repository agent on a single IP range, you can limit the capture to that IP range. This is, again, a capture filter, not a display filter. The capture filter field will turn green if the filter is valid:
This constrains the capture itself to traffic originating from that range of IP addresses, and no traffic originating from any other ranges will be captured. After configuring this correctly, you can proceed to running the capture, and then use display filters to pare that down further. You can specify, at the most basic:
- ip.addr == 192.168.0.1
- tcp.port == 22 || tcp.port == 443
- http
The capture itself is pretty self-explanatory:
Time format can be selected from a few options under the view menu. Source and target addresses are just as they say, as is protocol. Length refers to the overall packet length sent or received, and the details will show anything relevant (for instance, packets sent TCP but with no ACK response). You can get even more detail up to and including the content of that specific packet.
An important final note: Wireshark captures are inherently massive, especially if the capture filter is broad or not defined at all. Ensure you have adequate space on the machine running the capture if you suspect it will run for some time, or you run a very real risk of filling up the storage.
Wireshark does have some wiki-style and community resources for some greater detail on its operation and use in troubleshooting, but a familiarity with networking and the specific network environment will help far more, and is generally a requirement for making sense of the returned data.
https://www.wireshark.org – Site for download
https://wiki.wireshark.org – Wireshark Wiki site (check here for capture and display filters)
https://ask.wireshark.org – Wireshark Q&A/Forum
KB ID:
2256
Product:
Veeam Agent for Linux,
Veeam Agent for Microsoft Windows,
Veeam Backup & Replication,
Veeam Cloud Connect
Version:
All
Published:
2017-03-07
Last Modified:
2020-08-13
Couldn't find what you were looking for?
Below you can submit an idea for a new knowledge base article.
Report a typo on this page:
Please select a spelling error or a typo on this page with your mouse and press CTRL + Enter to report this mistake to us. Thank you!
Please select a spelling error or a typo on this page with your mouse and press CTRL + Enter to report this mistake to us. Thank you!
Spelling error in text
Knowledge base content request
How can we assist you today?
How can we assist you today?
Happy Holidays!
Chat is offline now. Please fill out the form and we will call you back.
Technical
General and Licensing
Renewal
Sales
Partnership
Do you have an issue or need post-sales technical assistance?
*if you need help choosing the right product, please select "Sales" chat
Do you need guidance on the website, upgrade hints or help with your licenses/accounts?
Questions regarding your Veeam contract renewal? Contact us and learn how you can maximize your savings
Do you need additional license, pricing details, product information or have any other sales-related question?
Would you like to become our partner or do you need assistance as our existing partner?
Start chat
We apologize, but this chat is not available at the moment
Start chat
We apologize, but this chat is not available at the moment
Start chat
We apologize, but this chat is not available at the moment
Start chat
We apologize, but this chat is not available at the moment
Privacy Notice. By submitting, you agree that your personal data will be managed by Veeam in accordance with the Privacy Policy.
Back
Thank you for your request!
Veeam representative will get back to you shortly.
Stay up to date with Veeam product updates, latest news, and recent content.
By subscribing, you agree to receive communications about Veeam products, services and events. Your personal data will be managed by Veeam in accordance with the Privacy Policy. You can unsubscribe at any time.