Packet Captures
traceroute_MPLS.cap 3.3 KB
Submitted May 14, 2011 by stretch
Packets: 29 | Duration: 3s | Downloads: 19268 |
RADIUS.cap 775 bytes
Submitted Sep 14, 2009
A RADIUS authentication request is issued from a switch at 10.0.0.1 on behalf of an EAP client. The user authenticates via MD5 challenge with the username "John.McGuirk" and the password "S0cc3r".
Packets: 4 | Duration: n/a | Downloads: 15696 |
packet-c.cap 675.0 KB
Submitted Jan 31, 2012 by Slaingod
This is a packet capture from a SonicWall. We were troubleshooting DHCP packet flows. The SonicWall saw the DHCP Discover and Sent an Offer. We never saw the DHCP acknowledgement. In the adjacent core stacked switching we were running "debug ip dhcp server packets" we only saw discover packets from IP phones up to the SonicWall. For some reason the SonicWall could not let any other DHCP packets through or out of it INSIDE (LAN) interface. Even if we put an ANY-ANY ALC for that interface. We ended up having to replace the SonicWall and upload the configuration from the old SonicWall to the new one.
-Slaingod
BOOTP DNS HTTP IP LLC SKINNY SSL STP TCP UDP
Packets: 926 | Duration: 13s | Downloads: 15586 |
iphttps.cap 12.4 KB
Submitted Nov 12, 2010 by nacnud
IP-HTTPS capture. This is Microsoft's IPv6 inside HTTPS tunneling for DirectAccess.
ARP DNS Ethernet ICMPv6 IGMP IP IPv6 LLC NBNS NBSS SSL TCP UDP
Packets: 83 | Duration: 38s | Downloads: 14514 |
DHCP_MessageType 10,11,12 and 13.cap 1.9 KB
Submitted Jan 31, 2011 by Jawahar
Access Concentrator/router queries lease for particular IP addresses using message type as "DHCP LEASE QUERY" and gets response as DHCP LEASE ACTIVE,LEASE UNASSIGNED and LEASE UNKNOWN.
Access Concenttrator/Router IP=10.10.39.14
DHCP server IP=10.10.35.33
Packets: 6 | Duration: 13s | Downloads: 13490 |
path_MTU_discovery.cap 6.2 KB
Submitted Sep 14, 2009
Tracepath is used to determine the MTU of the path between hosts 192.168.0.2 and .1.2. Packet #6 contains an ICMP "fragmentation needed" message, indicating the MTU for that hop is 1400 bytes.
Packets: 8 | Duration: n/a | Downloads: 13106 |
ISAKMP_sa_setup.cap 2.0 KB
Submitted Sep 14, 2009
An ISAKMP session is established prior to setting up an IPsec tunnel. Phase one occurs in main mode, and phase two occurs in quick mode.
Packets: 9 | Duration: n/a | Downloads: 12247 |
EoMPLS.cap 7.0 KB
Submitted Oct 12, 2009 by pierky
Routers at 1.1.2.1 and 1.1.2.2 are PEs in a MPLS cloud. LDP starts at packet 8 and they build up a pseudo-wire VC (last FEC in packets 11 and 13). At packet 15 we already have STP running between CE1 and CE2 (two routers with ESW), encapsulated in 2 MPLS headers. All the ethernet stuff follows: CDP, ARP, ICMP between two hosts on the same subnet.
Packets: 56 | Duration: 32s | Downloads: 11498 |
DHCP.cap 5.8 KB
Submitted Sep 29, 2009 by pierky
R0 is the client and R1 is the DHCP server. Lease time is 1 minute.
Packets: 12 | Duration: 153s | Downloads: 11468 |
DHCP_Inter_VLAN.cap 2.0 KB
Submitted Sep 30, 2009 by pierky
R1 is a router-on-a-stick. It receives a DHCP Discover on the trunk interface, it sets the "Relay agent IP address" to the sub-interface's IP address it received the packet on and, finally, it forwards it to the DHCP server. Capture perspective is R1-DHCP server link.
Packets: 4 | Duration: n/a | Downloads: 11392 |
RIPv2.cap 1.7 KB
Submitted Sep 14, 2009
A RIPv2 router periodically flooding its database. Capture perspective from R1's 10.0.0.1 interface.
Packets: 12 | Duration: 141s | Downloads: 10402 |
DHCPv6.cap 1.6 KB
Submitted Mar 4, 2015 by fxs007
sample dhcpv6 client server transaction solicit(fresh lease)/advertise/request/reply/release/reply.
Packets: 12 | Duration: 13s | Downloads: 10008 |
LDP_adjacency.cap 5.7 KB
Submitted Sep 14, 2009
PE1 and P1 multicast LDP hellos to 224.0.0.2 on UDP port 646. They then establish an adjacency on TCP port 646 and exchange labels.
Packets: 61 | Duration: 108s | Downloads: 9751 |
DNS Question & Answer.pcapng.cap 1.6 KB
Submitted Apr 16, 2014 by manjesh23
DNS Question and Answer
Packets: 2 | Duration: n/a | Downloads: 9730 |
LDP_Ethernet_FrameRelay.pcap.cap 2.1 KB
Submitted Dec 5, 2009 by pierky
LDP with pseudowire FEC elements (Ethernet and Frame-Relay DLCI-to-DLCI)
Packets: 14 | Duration: 7s | Downloads: 9652 |
gmail.pcapng.cap 508.6 KB
Submitted Aug 7, 2014 by tmuhimbisemoses
Sample packet capture I created during an attempt to view login details.
ARP DHCPV6 DNS HTTP IP IPv6 NBNS SSL TCP TEREDO UDP
Packets: 793 | Duration: 32s | Downloads: 9585 |
dhcp-auth.cap 458 bytes
Submitted Aug 28, 2015 by DoubleJ
Dhcp v4 Offer with Auth using Options 53,1,54,51,3,6,66,120,61,90,82
Packets: 1 | Duration: n/a | Downloads: 9381 |
rpvstp-access.pcap.cap 3.7 KB
Submitted Dec 16, 2009 by einval
Rapid per-VLAN spanning tree capture of an access port (without portfast), configured in VLAN 5.
DNS Ethernet IP LLC LOOP STP UDP
Packets: 49 | Duration: 77s | Downloads: 9165 |
OCSP-Good.cap 3.5 KB
Submitted Jun 8, 2011 by kerlenpondi
OCSP_Good (CRL HTTPS CA Verisign)
Packets: 14 | Duration: 1s | Downloads: 8911 |
WCCPv2.pcap.cap 2.8 KB
Submitted Oct 5, 2010 by Ysaad
WCCP communication captures between 7200 Router and a WCCP capable optimization device (In my case it is Riverbed's Stealhead 2050)
Packets: 15 | Duration: 27s | Downloads: 8735 |
RIPv2_subnet_down.cap 1.3 KB
Submitted Sep 14, 2009
RIPv2 routes are being flooded on the R1-R2 link. R2's connection to 192.168.2.0/24 goes down, and the route is advertised as unreachable (metric 16) in packet #7. Capture perspective from R1's 10.0.0.1 interface.
Packets: 10 | Duration: 86s | Downloads: 8552 |
SNMPv3.cap 1.3 KB
Submitted Oct 7, 2015 by nra
This is a SNMPv3 (IPv4) Captures.Where SNMP manager is requesting to SNMP agent using SNMPv3.
SNMP Manager: 192.168.29.58 SNMP agent: 192.168.29.160 SNMP ver: 3 Level: AuthPriv Authentication: MD5 Encryption: AES 128
Regards Suman S
Packets: 8 | Duration: 10s | Downloads: 8351 |
SNMPv2c_get_requests.cap 894 bytes
Submitted Sep 14, 2009
SNMPv2c get requests are issued from a manager to an SNMP agent in order to monitor the bandwidth utilization of an interface.
Packets: 8 | Duration: n/a | Downloads: 8085 |
RIPv1.cap 876 bytes
Submitted Sep 14, 2009
A RIPv1 router periodically flooding its database. Capture perspective from R1's 10.0.1.1 interface.
Packets: 6 | Duration: 65s | Downloads: 7673 |
HSRP_failover.cap 3.0 KB
Submitted Sep 14, 2009
R1 is the active router, R3 is the standby, and R2 is passive. R1 goes offline and R3 takes over as active after ten seconds. R2 is then promoted to the standby state.
Packets: 39 | Duration: 47s | Downloads: 7592 |