Wireshark Basics

Wireshark Capture

The Ethernet II is the LAYER 2 FRAME The Internet Protocol v4 is the LAYER 3 NETWORK PACKET The Transmission Control Protocol (TCP) is teh LAYER 4 SEGMENT

Port SPAN - Mirroring

If we check for http traffic between SW1 and R1 there will be none as web traffic is generated between PC1 and the Web Server so no traffic will be observed (in this test case). If we wanted to capture traffic thats not being tranversed where the captue is occuring , we will have to span (switch port analyser) or mirror the port on a switch so that we can mirrior traffic on one port onto another

To configure the mirroring use 'monitor'

S1(config)#monitor session 1 source interface gi0/0 S1(config)#monitor session 1 destination interface gi0/3 S1# show monitor session 1

PreviousCisco IOS Software NextSwitches

Last updated 4 years ago