Sort by new | name | popular

Packet Captures

Showing 1 - 25 of 103

address withdrawal ldp.pcapng.cap 716 bytes

Submitted Apr 25, 2014 by altafk

Label address withdrawal message. An LSR sends the label address withdrawal message to a peer when it wants to withdraw previously advertised labels to address mappings. See RFC 3036 for more details.

IP LDP TCP

Packets: 1 Duration: n/a Downloads: 588

mpls address label mapping.pcapng.cap 708 bytes

Submitted Apr 23, 2014 by altafk

MPLS address label mappings communication over TCP (here R6 to R5) In this packet we can see the address bound to that neighbor (R6) in the address list TLV. Also the address and labels are encoded as TLV(type length value). We should remember that the transport address of the neighbor should be reachable and not mpls router ID, because the TCP handshake is done via transport address and not MPLS router id. The address label mapping is exchanged once the TCP handshake is done.

IP LDP TCP

Packets: 1 Duration: n/a Downloads: 566

DNS Question & Answer.pcapng.cap 1.6 KB

Submitted Apr 16, 2014 by manjesh23

DNS Question and Answer

DNS IP UDP

Packets: 2 Duration: n/a Downloads: 1055

bgp as confed sequence.pcapng.cap 432 bytes

Submitted Apr 4, 2014 by altafk

AS confederation sequence set in the BGP updates. Confederations are used to minimize IBGP mesh between BGP speakers but IBGP rules apply between EBGP sub confederation peers. AS confederation sequence are an ordered list of Autonomous systems passed within confederations.

BGP IP TCP

Packets: 1 Duration: n/a Downloads: 489

bgp orf prefix advertisement.pcapng.cap 336 bytes

Submitted Apr 3, 2014 by altafk

BGP prefix list sent during route refresh when outbound route filtering is configured. here we clearly see whether the prefix list is add or delete and permit or deny. Also we can see the actual network/mask sent.

BGP IP TCP

Packets: 1 Duration: n/a Downloads: 601

bgp orf capabilty negotitation.pcapng.cap 328 bytes

Submitted Apr 3, 2014 by altafk

BGP outbound route filtering capabilities negotiation between BGP speakers, sent during route [ Cisco PrefixList ORF-Type (128)].

BGP IP TCP

Packets: 1 Duration: n/a Downloads: 460

bgp med.pcapng.cap 364 bytes

Submitted Apr 2, 2014 by altafk

BGP metric value set to 242( just a random value), used as a suggestion for peer in neighboring AS to influence incoming traffic.

BGP IP TCP

Packets: 1 Duration: n/a Downloads: 430

no-advertise community.pcapng.cap 420 bytes

Submitted Mar 31, 2014 by altafk

BGP update packet with no-advertise community set [Community:NO_ADVERTISE (0xffffff02)] A BGP router telling its BGP peer not to advertise this route to any other peer whether EBGP or IBGP.

BGP IP TCP

Packets: 2 Duration: n/a Downloads: 418

sflow.cap 1.8 KB

Submitted Oct 29, 2013 by hgsuttorp

SFLOW capture containing - counter sample packets - flow sample packet

IP SFLOW UDP

Packets: 9 Duration: 109s Downloads: 333

snoop-working-ccm7.cap 203.0 KB

Submitted Jul 22, 2013 by earnestavathan

H323 Phone registering!!!

H225 IP Q931 TCP TPKT UDP

Packets: 191 Duration: 1081s Downloads: 2571

icmp fragmented.cap 106.4 KB

Submitted Aug 27, 2012 by altafk

pinged google.com with -l option in windows which allows us to set the data size of the packet.
Data size of 15000 bytes has been chosen and we can see that it is fragmented through the network into a maximum data size 1480 bytes in each packet.
We can also see offset and identification field set in the ip header.

ICMP IP

Packets: 77 Duration: 11s Downloads: 2700

ospf over gre tunnel.cap 8.2 KB

Submitted Jun 13, 2012 by altafk

Configured ospf over GRE tunnel in which packets are double tagged with ip header, useful when there is no direct connection between the 2 routers but still we need to run ospf.

GRE IP OSPF

Packets: 63 Duration: 241s Downloads: 10300

connection termination.cap 316 bytes

Submitted Jun 5, 2012 by altafk

This is a connection termination packet in which both the server and client sends fin & ack to each other.
For details of how connection is been teared down by both client and server see the link below.
http://www.firewall.cx/networking-topics/protocols/tcp/136-tcp-flag-options.html

IP TCP

Packets: 4 Duration: n/a Downloads: 6244

ospf simple password authentication.cap 766 bytes

Submitted May 14, 2012 by altafk

Simple password authentication in ospf in which we can see password in clear text.
Also the auth type is also specified in the packet which is simple password.
I have also found a very interesting article regarding md5 auth mistakes made by many network engineers the link of which is below.

http://packetlife.net/blog/2010/jun/1/ospfv2-authentication-confusion/

IP OSPF

Packets: 7 Duration: 60s Downloads: 5715

icmp with record route option set.cap 1.2 KB

Submitted May 9, 2012 by altafk

ping packet with record route option set and IP addresses of all outgoing and incoming interfaces along the path.
In that we can also see position of current pointer.

ICMP IP

Packets: 10 Duration: 2s Downloads: 5369

dtls_null.cap 2.2 KB

Submitted May 5, 2012 by Kriki

DTLS handshake with one application data packet.
Authentication with server certificate only.

NULL encryption is used to demonstrate the transmission of "TESTING"

IP UDP

Packets: 7 Duration: 7s Downloads: 3430

IGMP_V1.cap 2.0 KB

Submitted Apr 2, 2012 by Emieeecy

All IGMP V1 requests : Query General, Join specific group

IGMP IP

Packets: 27 Duration: 259s Downloads: 6637

IGMP_V2.cap 1.3 KB

Submitted Mar 27, 2012 by Emieeecy

All IGMP V2 requests : Query General, Query specfic group, Join specific group, leave specific group

IGMP IP

Packets: 18 Duration: 133s Downloads: 8545

stun2.cap 102 bytes

Submitted Mar 2, 2012 by jello

Stun (2) Protocol. UDP Holepunching technique.

IP STUN UDP

Packets: 1 Duration: n/a Downloads: 3766

packet-c.cap 675.0 KB

Submitted Jan 31, 2012 by Slaingod

This is a packet capture from a SonicWall. We were troubleshooting DHCP packet flows. The SonicWall saw the DHCP Discover and Sent an Offer. We never saw the DHCP acknowledgement. In the adjacent core stacked switching we were running "debug ip dhcp server packets" we only saw discover packets from IP phones up to the SonicWall. For some reason the SonicWall could not let any other DHCP packets through or out of it INSIDE (LAN) interface. Even if we put an ANY-ANY ALC for that interface. We ended up having to replace the SonicWall and upload the configuration from the old SonicWall to the new one.

-Slaingod

BOOTP DNS HTTP IP LLC SKINNY SSL STP TCP UDP

Packets: 926 Duration: 13s Downloads: 8991

IPv6_RTSP.cap 15.5 KB

Submitted Jan 12, 2012 by Jawahar

This capture contains IPv6_RTSP packets. Accessed IPv6 enabled RTSP server using 6in4 tunnel.

IP UDP

Packets: 17 Duration: 3s Downloads: 4934

OCSP-Not_Implemted.cap 1.1 KB

Submitted Jun 10, 2011 by kerlenpondi

OCSP-Not_Implemted

HTTP IP OCSP TCP

Packets: 10 Duration: n/a Downloads: 6289

OCSP-Revoked.cap 1.8 KB

Submitted Jun 10, 2011 by kerlenpondi

OCSP (Comodo - FAKE crt Addons-mozilla-org)

HTTP IP OCSP TCP

Packets: 10 Duration: n/a Downloads: 5030

OCSP-Good.cap 3.5 KB

Submitted Jun 8, 2011 by kerlenpondi

OCSP_Good (CRL HTTPS CA Verisign)

DNS HTTP IP OCSP TCP UDP

Packets: 14 Duration: 1s Downloads: 6056

traceroute_MPLS.cap 3.3 KB

Submitted May 14, 2011 by stretch

ICMP IP UDP

Packets: 29 Duration: 3s Downloads: 11516

Showing 1 - 25 of 103