Unified Tracing Overview

 

Applies To: Windows Server 2012 R2, Windows Server 2012, Windows 8

This topic provides an overview of Unified Tracing in Windows Server® 2012 and Windows Server® 2012 R2.

In Windows Server 2012, Unified Tracing introduced the new parameter capturetype for the netsh trace command. This parameter extends tracing capabilities and enables network administrators to more efficiently capture network traffic on both physical and virtual networks, making the process of troubleshooting network issues more effective and efficient.

In an environment where there are multiple virtual networks on a single physical computer, Unified Tracing can capture traffic between VMs on the same network, as well as between VMs on different virtual networks.

If you have a server that is running Hyper-V that has multiple virtual machines (VMs) and you want to analyze the network traffic between VMs, you can execute the netsh trace command using the capturetype parameter on the Hyper-V host. By starting the capture on the host machine, tracing is enabled on each of the VMs simultaneously, and you’re able to analyze the traffic between the VMs.

The parameter capturetype allows you to specify the type of traffic to capture:

  • When you specify the value physical for the capturetype parameter, you can capture traffic on the physical computer, and specifically, traffic through the physical network adapter.

  • When you specify the value vmswitch for the capturetype parameter, you can capture traffic that traverses Hyper-V Virtual Switches.

  • When you specify the value both for the capturetype parameter, you can capture all traffic on the physical computer and that traverses the Hyper-V Virtual Switch.

For the purpose of backward compatibility, the default value of the capturetype parameter is physical.

When the value for the capturetype parameter is specified as vmswitch, only traffic traversing the switch is captured. If the same traffic traverses the physical network adapter (for example, the traffic is also sent to a different physical computer), then it is not captured again at the physical network adapter level.

For details about Netsh Trace in Windows Server 2012, see Netsh Commands for Network Trace in the Windows Server 2012 Technical Library.

See also

Following is a list of related technologies: