Subject: Re: bin/33078: "tcpdump host foo" does not work
To: None <>
From: Manuel Bouyer <>
List: netbsd-bugs
Date: 03/14/2006 19:37:46
On Tue, Mar 14, 2006 at 02:00:09PM +0000, wrote:
> I was running "tcpdump -eni wm1" and saw all traffic to/from our domU hosts
> (including the 802.1Q headers) so I wanted to see only one host and executed
> the following command but absolutely nothing appears on the screen:
> ROOT xen1:~> tcpdump -eni wm1 host
> tcpdump: WARNING: wm1: no IPv4 address assigned
> tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
> listening on wm1, link-type EN10MB (Ethernet), capture size 96 bytes
> ^C
> 0 packets captured
> 33 packets received by filter
> 0 packets dropped by kernel
> ROOT xen1:~> 
> So even though the traffic from is visible during the first
> tcpdump invocation it won't appear when using the "host foo" argument
> with tcpdump.

You don't see it because tcpdump filters on IP in untagged packets.
You may want to try:
tcpdump -eni wm1 vlan and host

Manuel Bouyer <>
     NetBSD: 26 ans d'experience feront toujours la difference