Sort by new | name | popular

Packet Captures

Showing 1 - 25 of 33

DNS Question & Answer.pcapng.cap 1.6 KB

Submitted Apr 16, 2014 by manjesh23

DNS Question and Answer

DNS IP UDP

Packets: 2 Duration: n/a Downloads: 1026

sflow.cap 1.8 KB

Submitted Oct 29, 2013 by hgsuttorp

SFLOW capture containing - counter sample packets - flow sample packet

IP SFLOW UDP

Packets: 9 Duration: 109s Downloads: 324

snoop-working-ccm7.cap 203.0 KB

Submitted Jul 22, 2013 by earnestavathan

H323 Phone registering!!!

H225 IP Q931 TCP TPKT UDP

Packets: 191 Duration: 1081s Downloads: 2557

dtls_null.cap 2.2 KB

Submitted May 5, 2012 by Kriki

DTLS handshake with one application data packet.
Authentication with server certificate only.

NULL encryption is used to demonstrate the transmission of "TESTING"

IP UDP

Packets: 7 Duration: 7s Downloads: 3420

stun2.cap 102 bytes

Submitted Mar 2, 2012 by jello

Stun (2) Protocol. UDP Holepunching technique.

IP STUN UDP

Packets: 1 Duration: n/a Downloads: 3757

packet-c.cap 675.0 KB

Submitted Jan 31, 2012 by Slaingod

This is a packet capture from a SonicWall. We were troubleshooting DHCP packet flows. The SonicWall saw the DHCP Discover and Sent an Offer. We never saw the DHCP acknowledgement. In the adjacent core stacked switching we were running "debug ip dhcp server packets" we only saw discover packets from IP phones up to the SonicWall. For some reason the SonicWall could not let any other DHCP packets through or out of it INSIDE (LAN) interface. Even if we put an ANY-ANY ALC for that interface. We ended up having to replace the SonicWall and upload the configuration from the old SonicWall to the new one.

-Slaingod

BOOTP DNS HTTP IP LLC SKINNY SSL STP TCP UDP

Packets: 926 Duration: 13s Downloads: 8972

IPv6_RTSP.cap 15.5 KB

Submitted Jan 12, 2012 by Jawahar

This capture contains IPv6_RTSP packets. Accessed IPv6 enabled RTSP server using 6in4 tunnel.

IP UDP

Packets: 17 Duration: 3s Downloads: 4920

OCSP-Good.cap 3.5 KB

Submitted Jun 8, 2011 by kerlenpondi

OCSP_Good (CRL HTTPS CA Verisign)

DNS HTTP IP OCSP TCP UDP

Packets: 14 Duration: 1s Downloads: 6046

traceroute_MPLS.cap 3.3 KB

Submitted May 14, 2011 by stretch

ICMP IP UDP

Packets: 29 Duration: 3s Downloads: 11496

DHCP_MessageType 10,11,12 and 13.cap 1.9 KB

Submitted Jan 31, 2011 by Jawahar

Access Concentrator/router queries lease for particular IP addresses using message type as "DHCP LEASE QUERY" and gets response as DHCP LEASE ACTIVE,LEASE UNASSIGNED and LEASE UNKNOWN.

Access Concenttrator/Router IP=10.10.39.14
DHCP server IP=10.10.35.33

BOOTP Ethernet IP UDP

Packets: 6 Duration: 13s Downloads: 8879

iphttps.cap 12.4 KB

Submitted Nov 12, 2010 by nacnud

IP-HTTPS capture. This is Microsoft's IPv6 inside HTTPS tunneling for DirectAccess.

ARP DNS Ethernet ICMPv6 IGMP IP IPv6 LLC NBNS NBSS SSL TCP UDP

Packets: 83 Duration: 38s Downloads: 9580

WCCPv2.pcap.cap 2.8 KB

Submitted Oct 5, 2010 by Ysaad

WCCP communication captures between 7200 Router and a WCCP capable optimization device (In my case it is Riverbed's Stealhead 2050)

Ethernet IP UDP WCCP

Packets: 15 Duration: 27s Downloads: 6351

rpvstp-access.pcap.cap 3.7 KB

Submitted Dec 16, 2009 by einval

Rapid per-VLAN spanning tree capture of an access port (without portfast), configured in VLAN 5.

DNS Ethernet IP LLC LOOP STP UDP

Packets: 49 Duration: 77s Downloads: 6045

LDP_Ethernet_FrameRelay.pcap.cap 2.1 KB

Submitted Dec 5, 2009 by pierky

LDP with pseudowire FEC elements (Ethernet and Frame-Relay DLCI-to-DLCI)

Ethernet IP LDP MPLS TCP UDP

Packets: 14 Duration: 7s Downloads: 6587

EoMPLS.cap 7.0 KB

Submitted Oct 12, 2009 by pierky

Routers at 1.1.2.1 and 1.1.2.2 are PEs in a MPLS cloud. LDP starts at packet 8 and they build up a pseudo-wire VC (last FEC in packets 11 and 13). At packet 15 we already have STP running between CE1 and CE2 (two routers with ESW), encapsulated in 2 MPLS headers. All the ethernet stuff follows: CDP, ARP, ICMP between two hosts on the same subnet.

Ethernet IP LOOP MPLS TCP UDP

Packets: 56 Duration: 32s Downloads: 7265

DHCP_Inter_VLAN.cap 2.0 KB

Submitted Sep 30, 2009 by pierky

R1 is a router-on-a-stick. It receives a DHCP Discover on the trunk interface, it sets the "Relay agent IP address" to the sub-interface's IP address it received the packet on and, finally, it forwards it to the DHCP server. Capture perspective is R1-DHCP server link.

BOOTP Ethernet IP UDP

Packets: 4 Duration: n/a Downloads: 6735

DHCP.cap 5.8 KB

Submitted Sep 29, 2009 by pierky

R0 is the client and R1 is the DHCP server. Lease time is 1 minute.

BOOTP Ethernet IP UDP

Packets: 12 Duration: 153s Downloads: 8599

TDP.cap 2.8 KB

Submitted Sep 14, 2009

P2 and PE2 exchange Tag Distribution Protocol hellos and form an adjacency over TCP port 711.

Ethernet IP TCP TDP UDP

Packets: 33 Duration: 47s Downloads: 4186

SNMPv2c_get_requests.cap 894 bytes

Submitted Sep 14, 2009

SNMPv2c get requests are issued from a manager to an SNMP agent in order to monitor the bandwidth utilization of an interface.

Ethernet IP SNMP UDP

Packets: 8 Duration: n/a Downloads: 4965

RIPv2_subnet_down.cap 1.3 KB

Submitted Sep 14, 2009

RIPv2 routes are being flooded on the R1-R2 link. R2's connection to 192.168.2.0/24 goes down, and the route is advertised as unreachable (metric 16) in packet #7. Capture perspective from R1's 10.0.0.1 interface.

Ethernet IP RIP UDP

Packets: 10 Duration: 86s Downloads: 5181

RIPv2.cap 1.7 KB

Submitted Sep 14, 2009

A RIPv2 router periodically flooding its database. Capture perspective from R1's 10.0.0.1 interface.

Ethernet IP RIP UDP

Packets: 12 Duration: 141s Downloads: 5844

RIPv1_subnet_down.cap 1.0 KB

Submitted Sep 14, 2009

RIPv1 routes are being flooded on the R1-R2 link. R2's connection to 192.168.2.0/24 goes down, and the route is advertised as unreachable (metric 16) in packet #5. Capture perspective from R1's 10.0.1.1 interface.

Ethernet IP RIP UDP

Packets: 8 Duration: 58s Downloads: 4155

RIPv1.cap 876 bytes

Submitted Sep 14, 2009

A RIPv1 router periodically flooding its database. Capture perspective from R1's 10.0.1.1 interface.

Ethernet IP RIP UDP

Packets: 6 Duration: 65s Downloads: 4720

RADIUS.cap 775 bytes

Submitted Sep 14, 2009

A RADIUS authentication request is issued from a switch at 10.0.0.1 on behalf of an EAP client. The user authenticates via MD5 challenge with the username "John.McGuirk" and the password "S0cc3r".

Ethernet IP RADIUS UDP

Packets: 4 Duration: n/a Downloads: 8453

PIM-DM_pruning.cap 10.2 KB

Submitted Sep 14, 2009

The multicast source at 172.16.40.10 begins sending traffic to the group 239.123.123.123, and PIM-DM floods the traffic down the tree. R4 has no group members, and prunes itself from the tree. R2 and R3 then realize they have no members, and each prunes itself from the tree. The capture shows R2 receiving the multicast traffic flooded from R1 and subsequently pruning itself every three minutes.

Ethernet IP PIM UDP

Packets: 38 Duration: 415s Downloads: 4271

Showing 1 - 25 of 33