Sometimes, knowing the type of traffic that is handled by a particular interface can help you troubleshoot performance issues. This is typically referred to as packet sniffing. You can choose to install a third-party packet sniffer if you like. You can also use the packet sniffing utility that is built into SmartOS: Snoop. From the Snoop man page:
"snoop captures packets from the network and displays their contents. snoop uses both the network packet filter and streams buffer modules to provide efficient capture of packets from the network. Captured packets can be displayed as they are received, or saved to a file for later inspection."
Basic Snoop Commands
Using Snoop is relatively easy:
Monitor traffic per interface:
snoop -d INTERFACE
Monitor traffic per interface and filter by some port:
snoop -d INTERFACE | grep PORT
Saves the output to a named file:
snoop -o file
Note: Running this command with the
-x0 flag saves the file in ASCII format.
Read the previously saved file:
snoop -i file
Display detailed or verbose output: