Presentation titled IPv6 TCP/IP and tcpdump is about Software and s/w Development.
I'm using tcpdump on routing software, and trying to check whether the presence of ip/ip6 protocol with an ip6/ip host (i.e., the other IP family), or else specifying a mix of IPv4 and IPv6 IPs as hosts, is redundant, meaningless, or a user data sanitisation error. Or else, whether it can make reasonable sense as tcpdump capture parameters.
Is it consistent -- or capable of making sense - to specify tcpdump with proto='ip' but hosts that include IPv6 IPs (or proto='ip6' but hosts that include IPv4)?
Can that ever make sense or return valid results? If so, when?
Thanks for any quick input, it'll help!
migrated from stackoverflow.comMay 20 '13 at 13:04
![Tcpdump Tcpdump](https://devzone.nordicsemi.com/cfs-file/__key/communityserver-discussions-components-files/4/coap-packets.jpg)
This question came from our site for professional and enthusiast programmers.
2 Answers
Something like this?
The above example is slightly more elaborate than it needs to be, to illustrate a point. The following will work fine too. www.google.com
is a dual-stack host that includes A and AAAA records -- tcpdump automatically does 'or' logic that combines results when resolving a DNS host.
This is effectively the same as:
An IPv4 packet always has IPv4 source and destination addresses, and an IPv6 packet always has IPv6 source and destination addresses.
I don't really understand what you are trying to do, and I guess that means: 'No, it doesn't make sense'