Part III | Exercises
Two networking tools that you can access for free are Cisco Packet Tracer and Wireshark. Try them both out with the instructions below!
Getting Started with Cisco Packet Tracer
Cisco’s Skills for All platform provides several free courses in networking and more. For this lab, we’re getting started with Cisco Packet Tracer.
Cisco Packet Tracer is a network simulation tool developed by Cisco Systems. Packet Tracer allows users to design, configure, and troubleshoot network topologies and imitate modern computer networks, without the need for physical hardware.
Watch this video for an overview of Cisco Packet Tracer, how to set it up, and the main features: Cisco Packet Tracer | Everything You Need to Know
Set up a free account at Cisco Networking Academy (https://www.netacad.com/). Then sign up for the free Getting Started with Cisco Packet Tracer Course (https://skillsforall.com/course/getting-started-cisco-packet-tracer?courseLang=en-US) to access Packet Tracer.
How does the home network in this exercise compare to your own?
Getting Started with Wireshark
Wireshark is a free application used to capture and view data traveling on a network. It provides the ability to drill down and read the contents of each packet and may be filtered to meet specific needs. It is commonly used to troubleshoot network problems and to develop and test software. This open-source protocol analyzer is widely accepted as the industry standard, winning its fair share of awards over the years. Originally known as Ethereal, Wireshark can display data from hundreds of different protocols on all major network types. Data packets can be viewed in real time or analyzed offline. Wireshark supports dozens of capture/trace file formats.
Installing Wireshark
You can download and install Wireshark, then investigate some of its basic functionality. Wireshark is available at no cost from the Wireshark Foundation website for Windows, macOS, and Linux operating systems (Wireshark comes prepackaged with most Linux distributions). StationX provides instructions for all three operating systems: How to Install Wireshark.
Download the latest stable release for your computer at the Wireshark Download page. After completing the installation process, the Welcome screen will launch. Identify which operating system you are using for Wireshark work, and confirm that you were able to install and launch it successfully.
Capturing Packets
When you launch Wireshark, the Welcome screen lists the network connections available on your device, each with an EKG-style line graph that represents live traffic on that network. Most likely, your Wi-Fi interface or Ethernet connection is the most active, depending on how you connect to the Internet. Choose the most active interface, and double-click on it to start network traffic capture. To capture a rich set of traffic, make sure your browser is open and pointed to at least a couple of sites, for example, the Internet Assigned Numbers Authority (IANA) website and the U.S. Space Force website.
To begin capturing packets, select one of the active network interfaces (Wi-Fi or Ethernet, whichever shows the most activity) by clicking on the interface description. Click on Capture in the main menu located toward the top of the Wireshark interface. When the drop-down menu appears, select the Start option. You can also initiate packet capturing via one of the following shortcuts.
- Keyboard: Press Ctrl + E.
- Mouse: To capture packets from one particular network, double-click on its name.
- Toolbar: Click on the blue shark fin button on the far-left side of the Wireshark toolbar.
Wireshark displays packet details as they are recorded during live capture.
To stop capturing:
- Keyboard: Press Ctrl + E.
- Toolbar: Click on the red Stop button next to the shark fin on the Wireshark toolbar.
Now that you have recorded some network data, look at the captured packets. The captured data interface has three main sections: the packet list pane, packet details pane, and packet bytes pane. You may wish to resize these windows by clicking and dragging on the separator bar between them. Below is a description of these sections.
Packet List
The packet list pane, located at the top of the window, shows all packets found in the active capture file. Each packet has its own row and corresponding number assigned to it by Wireshark (not a packet number contained in any protocol’s header), along with each of these data points.
- Time: Timestamp of when the packet was captured is displayed in this column. The default format is the number of seconds since the capture file was created. To change it to something more useful, like time of day, select the Time Display Format option from the View menu.
- Source: This column contains the address (IP or other) where the packet originated.
- Destination: This column contains the address that the packet is being sent to.
- Protocol: The packet’s protocol name, such as TCP, can be found in this column. The protocol type field lists the highest-level protocol that sent or received this packet.
- Length: The packet length, in bytes, is displayed in this column.
- Info: Additional details about the packet are presented here. The contents of this column can vary greatly depending on packet contents.
When a packet is selected in the top pane, you may notice one or more symbols appear in the first column. Open or closed brackets and a straight horizontal line indicate whether a packet or group of packets are all part of the same back-and-forth conversation on the network. A broken horizontal line signifies that a packet is not part of said conversation.
Packet Details
The details pane, in the middle, presents the protocol fields of the selected packet in a collapsible format. In addition to expanding each selection, you can apply individual Wireshark filters based on specific details and follow streams of data based on protocol type via the details context menu, which is accessible by right-clicking your mouse on the desired item in this pane.
Packet Bytes
At the bottom is the packet bytes pane, displaying the raw data of the selected packet in hexadecimal view. Each row of this hex dump shows 16 hexadecimal bytes and 16 ASCII bytes alongside the data offset. Selecting a specific portion of this data automatically highlights its corresponding section in the packet details pane and vice versa. Any bytes that cannot be printed are represented by a period.
You can choose to show this data in bit format as opposed to hexadecimal by right-clicking anywhere within the pane and selecting the appropriate option from the context menu.
Note the Source and Destination columns and their IP address data. Can you locate your computer’s IP address? You can find the IP address of your Windows machine using these instructions from LSU.
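The Packet List columns and the Packet Bytes layout described above can be reproduced directly from a frame's raw bytes. The Python below is an added example, not part of the original exercise or of Wireshark's own code; the sample frame, the documentation IP addresses, and the function names `packet_list_row` and `packet_bytes_rows` are constructed for illustration.

```python
import socket
import struct

# Constructed sample frame (not from a real capture): Ethernet + IPv4 + TCP SYN,
# 192.0.2.10:49152 -> 198.51.100.7:443. Checksums are left as zero.
SAMPLE_FRAME = bytes.fromhex(
    "020000000002" "020000000001" "0800"        # dst MAC, src MAC, EtherType IPv4
    "45000028" "00014000" "40060000" "c000020a" "c6336407"   # IPv4 header
    "c00001bb" "00000000" "00000000" "5002ffff" "00000000"   # TCP header, SYN
)
IP_PROTOCOLS = {1: "ICMP", 6: "TCP", 17: "UDP"}

def packet_list_row(number, frame):
    """Build the Source/Destination/Protocol/Length/Info columns for one frame."""
    if len(frame) < 14:
        raise ValueError("truncated Ethernet header")
    row = {"No.": number, "Length": len(frame), "Info": ""}
    ethertype = struct.unpack("!H", frame[12:14])[0]
    if ethertype != 0x0800 or len(frame) < 34:
        # Not IPv4 (or cut short): fall back to the hardware addresses.
        row.update(Source=frame[6:12].hex(":"), Destination=frame[0:6].hex(":"),
                   Protocol=f"0x{ethertype:04x}")
        return row
    ihl = (frame[14] & 0x0F) * 4                # IPv4 header length in bytes
    proto = frame[23]
    row.update(Source=socket.inet_ntoa(frame[26:30]),
               Destination=socket.inet_ntoa(frame[30:34]),
               Protocol=IP_PROTOCOLS.get(proto, str(proto)))
    l4 = frame[14 + ihl:]
    if proto in (6, 17) and len(l4) >= 4:       # TCP and UDP both start with ports
        sport, dport = struct.unpack("!HH", l4[:4])
        row["Info"] = f"{sport} -> {dport}"
    return row

def packet_bytes_rows(frame):
    """Render the frame as offset, 16 hex bytes and 16 ASCII characters per row."""
    rows = []
    for offset in range(0, len(frame), 16):
        chunk = frame[offset:offset + 16]
        hex_part = " ".join(f"{b:02x}" for b in chunk)
        # Bytes outside printable ASCII are shown as a period.
        ascii_part = "".join(chr(b) if 32 <= b < 127 else "." for b in chunk)
        rows.append(f"{offset:04x}  {hex_part:<47}  {ascii_part}")
    return rows

if __name__ == "__main__":
    print(packet_list_row(1, SAMPLE_FRAME))
    print("\n".join(packet_bytes_rows(SAMPLE_FRAME)))
```

Comparing the printed rows with the same packet selected in Wireshark shows which bytes of the dump feed the Source, Destination, and Protocol columns.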
Other Packet Tracer and Wireshark Labs
Now that you’re set up, continue exploring these two tools! Here are some ideas for exercises with walkthroughs:
Cisco Netacademy (Free Courses)
Wireshark
- Wireshark Expert Chris Greer’s YouTube Channel
- Wireshark Conference SharkFest’s YouTube Channel
- The Wireshark “Learn” Website
Networking Basics (OSI Protocols, Subnetting, etc.)