CISCO
  • CISCO CERTIFICATIONS
  • CISCO DevNet - Coding & API's
    • Untitled
  • CCNA
    • Networking Fundamentals
    • Introduction
    • OSI, TCP/IP and 5 Layer Model
    • Binary
    • Hexadecimal
    • Cabling and Packet Flows
    • IP v4 Addressing
      • VLSM
    • Cisco IOS Software
    • Wireshark Basics
    • Switches
      • VLANS
        • DTP/VTP (Cisco Proprietary)
        • STP - Classic
        • STP - RSTP
      • EtherChannel
    • Routing
      • Dynamic Routing
      • RIP and EIGRP
      • OSPF 1 - Basics
      • OSPF 2 - Cost, Neighbours and Configs
      • OSPF 3 - Network and LSA Types
      • FHRP
        • HSRP
        • VRRP
      • IP SLA
      • BGP
        • Regular Expressions
    • Programming
  • CCNP
    • SetUp Stuff
    • CCNP ENCOR 350-401
      • Packet Forwarding:
  • IP Address Managers
    • Opensource
  • CCNA LABS
  • CCNA LABS
Powered by GitBook
On this page
  • Wireshark Capture
  • Port SPAN - Mirroring

Was this helpful?

  1. CCNA

Wireshark Basics

PreviousCisco IOS SoftwareNextSwitches

Last updated 4 years ago

Was this helpful?

Wireshark Capture

The Ethernet II is the LAYER 2 FRAME The Internet Protocol v4 is the LAYER 3 NETWORK PACKET The Transmission Control Protocol (TCP) is teh LAYER 4 SEGMENT

Port SPAN - Mirroring

If we check for http traffic between SW1 and R1 there will be none as web traffic is generated between PC1 and the Web Server so no traffic will be observed (in this test case). If we wanted to capture traffic thats not being tranversed where the captue is occuring , we will have to span (switch port analyser) or mirror the port on a switch so that we can mirrior traffic on one port onto another

To configure the mirroring use 'monitor'

S1(config)#monitor session 1 source interface gi0/0 S1(config)#monitor session 1 destination interface gi0/3 S1# show monitor session 1

The frame here is not a L2 frame as we know it but rather the Physical Layer Metadata