Cisco Support Community
Packet tracing is not directly supported by iOS devices but this is possible using the Remote Virtual Interface (RVI) facility. The RVI facility has been added on iOS 5, and continues to be available on succeeding versions. It allows you to capture live packet data from your iOS device using a variety of packet analyzers such as Wireshark installed in your Mac computer. Once the RVI is set up for your iOS device, it will create a virtual network interface on your Mac computer that will represent the networking stack of your iOS device. When you run your packet trace program, select the RVI created to start capturing packets.
This article aims to show you how to configure an RVI for an iOS device and do a packet capture on an iPhone and Wireshark is used as an example throughout this article.
Download and Install Xcode
To set up an RVI for your iPhone, run the rvictl command. To be able to execute this command, you need to download and install Xcode from the Apple App Store.
Step 1. On your Mac computer, go to the App Store .
Note: In this example, Mac OS Sierra is used.
Step 2. On the Search field, enter Xcode.
Step 3. Choose the Xcode app and then click GET.
Step 4. Click INSTALL APP.
Note: Have your Apple credentials handy as you will need to enter your credentials during the installation process.
Step 5. Enter your Apple ID and Password to sign in to download the app then, click Sign In.
Step 6. Complete the download and installation process.
You should now have installed the Xcode app on your Mac computer.
Step 1. Click here to download Wireshark.
Step 2. Install Wireshark.
Connect iOS Device and Obtain the UDID
Note: You can connect multiple iOS devices to your Mac depending on the number of USB ports available and then create an RVI for each of them. The devices have to remain physically connected to the Mac in order to obtain their UDID. In the diagram below, there are three iOS devices connected to an iMac.
Step 1. Connect the lightning connector to your iOS device.
Step 2. Connect the other end of the cable to the USB port of your Mac computer.
Step 3. Connect your iOS device to the wireless network.
Step 4. On your computer, go to iTunes .
Step 5. Click your iOS device.
Note: In this example, an iPhone is used.
Step 6. Click the Serial Numberto display the Unique Device Identifier (UDID) of your iOS device.
Step 7. Take note of the UDID. UDID is a 40-character alphanumeric string assigned to identify Apple devices such as an iPhone. In this example, the UDID is 5175c2f60c 5175c2f60c 5175c2f60c 5175c2f60c.
Step 8. (Optional) Repeat Steps 1 to 7 to obtain the UDID of the other iOS devices connected to your Mac.
You should now have connected your iOS device and determined its UDID.
Execute the rvictl Command
Run the rvictl tool to set up an RVI. Follow the steps below:
Step 1. On your Mac computer, pull up the Terminal.
Step 2. Enter the command ifconfig –l and then press Enter.
This should now display the current list of interfaces.
Step 3. Enter the command rvictl –s plus the UDID of your device and then press Enter. This sets up your iOS device with the virtual interface.
Note: UDID letters should be entered all in lower case when executing this command. In this example, 5175c2f60c5175c2f60c5175c2f60c5175c2f60c is used.
Note: Make sure that the device started successfully.
Step 4. Repeat Step 3 for the other iOS devices connected to your Mac.
You should now have successfully set up an RVI to your iOS device by executing the rvictl command on your Mac computer.
Perform a Packet Capture
Step 1. On your computer, open Wireshark.
Step 2. Choose the RVI of your iOS device to take a packet capture from it.
Note: In this example, rvi0 interface is chosen.
You should now have captured sample packets on Wi-Fi from your iOS device.
Note: To learn more about interpreting the captured packets, click here.