Žilinská univerzita > Fakulta riadenia a informatiky > Katedra informačných sietí

Packet captures, Ethernet, IP, Routing, WAN

BGPv4 - update message - removing route

Description

Routers R1 nad R2 are connected through the serial HDLC line. R1 router is a BGP speaker running AS 200, the R2 router is an AS100 BGP speaker. Both routers are configured with correct BGP neighbor commands to form an eBGP peering.

BGPv4 - update message - adding an route

Description

Routers R1 nad R2 are connected through the serial HDLC line. R1 router is a BGP speaker running AS 200, the R2 router is an AS100 BGP speaker. Both routers are configured with correct BGP neighbor commands to form an eBGP peering.

BGPv4 - open and keepalive messages - moving from connect to open state - eBGP peers

Description

Routers R1 nad R2 are connected through the serial HDLC line. R1 router is a BGP speaker running AS 200, the R2 router is an AS100 BGP speaker. Both routers are configured with correct BGP neighbor commands to form an eBGP peering. The capture is displaying the moment when we activate serial interconnecting interface (no shutdown)  of the R2 router.

EIGRP - deleting route - query/reply

Description

EIGRP - an update

Description

Routers R1 nad R2 are connected through the serial HDLC line. The capture is displaying a moment when we activate EIGRP routing (AS 1) for the fastethernet interface of the R2 router. Capture displays the exchange of Update packet with information about the fastEthernet network address (192.168.2.0) immediatelly followed by the Ack EIGRP packet emitted by R1 to confirm receipt.

Topology

|----FA0/0-(192.168.1.1/24)----|R1|----s0/0----(1.0.0.0/30)----s0/0----|R2|----Fa0/0-(192.168.2.1/24)----|

EIGRP - forming adjacency and initial update

Description

Routers R1 nad R2 are connected through serial HDLC line. The capture is displaying a moment when we activate EIGRP routing (AS 1) on the serial line between both routers only (R1 was first). Capture displays the Hello packet exchange following with Update packets with an empty body (IP TLV).

Topology

|----FA0/0-(192.168.1.1/24)----|R1|----s0/0----(1.0.0.0/30)----s0/0----|R2|----Fa0/0-(192.168.2.1/24)----|

Number of packets: 15

IGMPv2 packet capture

The capture displays an IGMPv2 multicast communication. The IP host with the IP address 192.168.10.108 is wishing to join 233.10.47.43 multicast group  sending the Memership Report IGMP message (1st and 2nd packet). After sucesfull joining, it is leaving the group after a while  with IGMP Leave Group message (3td packet), which follows by two Membership Queries issued by the default gateway with IP 192.168.10.1 on the multicast group address (233.10.47.43) checking for the actual group membership on the LAN for the multicast group.

Number of packets: 5

Q-in-Q (VLAN Stacking) packet capture

The capture is showing the q-in-q tagging where VLAN ID 600 is the customer VLAN and VLAN ID 101 is the metro tag (Service provider tag). Tha capture consist of ICMP pings among two customer IP hosts (vlan 600) with IP addresses, 192.168.1.1 and 192.168.1.2, carried over ISP MAN network (service ID 101).

Number of packets: 11

We should apply the Wireshark filter

vlan.id == SERVICE_PROVIDER_ID && vlan.id == CUSTOMR_ID

with appropriate VLAN tags, in the example

Syndicate content