Packet Capture

GNS3 can capture packets on virtual Ethernet or serial interfaces. It will write the captured output to a libpcap file that may be viewed using WireShark. WireShark may be downloaded on http://www.wireshark.org.

Suppose we want to capture packets passing through the Serial interface on R2 (s0/0). Right-click somewhere along the line representing the link between R1 and R2. Choose Capture.

The drop-down arrow will allow you to choose which interface to monitor (R1 s0/0 or R2 s0/0). WireShark will automatically start, provided it has been configured under the Preferences window.

Notice that we can also choose the encapsulation type for serial interfaces. Choices are HDLC, PPP and Frame-Relay (FR). The default encapsulation for Cisco serial interfaces is HDLC.

Now let’s generate some traffic to test our capture. Ping R2 from R1. Then let’s refresh the WireShark window by pressing Ctrl+R. Scroll down to see the ICMP request and reply packets as a result of the ping. Packets are being captured whether we refresh the window or not.

Let’s back up and talk about the preferences for capturing packets. Choose Preferences from the Edit menu in GNS3. Then click on Capture in the left pane. Now you may specify the working directory for capture files, the command to use to start WireShark, and whether to automatically start WireShark when you choose to capture.

Also, note that you can see the ongoing captures in a window pane that you can activate in View menu-> Docks -> Captures.

What next?

You may also like these posts


Leave a comment

If you have a question, update, or comment about the article, please leave a comment. We try and respond to every comment, though it may take a few days, so please check back soon.

1 comment to VirtualBox

  • Anonymous

    This guide doesn’t explain what it is trying to achieve. It tells you what Virtualbox is but not what the end result is. It also doesn’t explain what the topology is (is it Virtualbox emulating two PCs on one physical PC?) or how you go about connecting to your host and editing your GNS3 preferences. I also don’t understand what The Linux Microcore is and how it relates to this example. The ‘linked clones’ seem to be over-complicating things and I can’t tell how you go about emulating routers, the prime purpose of this software. A good guide with some fairly fundamental mistakes.

Leave a Reply

  

  

  

You can use these HTML tags

<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>