1
00:00:02,339 --> 00:00:05,256
(theatrical music)

2
00:00:08,588 --> 00:00:09,643
- In this particular video,

3
00:00:09,643 --> 00:00:11,434
I'd like to show you how to use Wireshark

4
00:00:11,434 --> 00:00:14,498
in your GNS3 topology so
you can actually use this

5
00:00:14,498 --> 00:00:17,135
to do packet captures and
learn more about how various

6
00:00:17,135 --> 00:00:19,053
protocols work and things like that

7
00:00:19,053 --> 00:00:21,114
so let's take a look at this.

8
00:00:21,114 --> 00:00:25,112
Now, when you've
initially downloaded GNS3,

9
00:00:25,112 --> 00:00:26,907
you're presented with a
box that has a whole bunch

10
00:00:26,907 --> 00:00:29,626
of applications that were
built into it and hopefully,

11
00:00:29,626 --> 00:00:32,219
you allowed it to also download Wireshark

12
00:00:32,219 --> 00:00:34,197
as part of its download process.

13
00:00:34,197 --> 00:00:37,629
If you did, using Wireshark
in here is super easy.

14
00:00:37,629 --> 00:00:39,720
Just select a device that you wish.

15
00:00:39,720 --> 00:00:41,701
For example, I'm gonna do
this router right here,

16
00:00:41,701 --> 00:00:44,948
and right click and you can
see here in your options

17
00:00:44,948 --> 00:00:48,578
under right click the capture option.

18
00:00:48,578 --> 00:00:49,834
So now when I select capture,

19
00:00:49,834 --> 00:00:52,665
it's gonna ask me which
interface on this device

20
00:00:52,665 --> 00:00:54,619
do I wish to start capturing packets

21
00:00:54,619 --> 00:00:56,104
and I'm gonna select the serial interface

22
00:00:56,104 --> 00:00:58,553
because I wanna learn a little
bit more about frame relay

23
00:00:58,553 --> 00:01:00,515
and see what frame relay headers look like

24
00:01:00,515 --> 00:01:03,532
and I wanna see what EIGRP is doing across

25
00:01:03,532 --> 00:01:05,429
this frame relay connection.

26
00:01:05,429 --> 00:01:09,512
So as soon as I click this,
Wireshark is gonna start up

27
00:01:09,512 --> 00:01:10,845
and let's hit OK

28
00:01:12,896 --> 00:01:14,593
and it's gonna start collecting packets.

29
00:01:14,593 --> 00:01:15,760
There it goes.

30
00:01:18,227 --> 00:01:19,195
Now while it's doing that,

31
00:01:19,195 --> 00:01:22,218
let's go ahead and bring up router two

32
00:01:22,218 --> 00:01:24,301
who has an EIGRP neighbor

33
00:01:29,480 --> 00:01:34,211
and here we can see the
EIGRP process happening.

34
00:01:34,211 --> 00:01:35,866
So you can see it's very useful.

35
00:01:35,866 --> 00:01:40,033
So from here, because Wireshark
has been built into GNS3,

36
00:01:43,136 --> 00:01:46,653
we can use it to capture
things on any interface.

37
00:01:46,653 --> 00:01:50,537
And where this becomes
really powerful is that

38
00:01:50,537 --> 00:01:53,032
let's say that you had
your own home-based lab,

39
00:01:53,032 --> 00:01:54,693
a rack right next to you.

40
00:01:54,693 --> 00:01:56,757
Well, certainly if you
had a hub or something,

41
00:01:56,757 --> 00:01:59,922
you could plug a hub
in between two routers

42
00:01:59,922 --> 00:02:02,369
or a router and a switch
and then plug your laptop

43
00:02:02,369 --> 00:02:05,365
into that hub and use
Wireshark on your laptop

44
00:02:05,365 --> 00:02:07,932
to capture stuff going across
that Ethernet interface.

45
00:02:07,932 --> 00:02:10,558
Pretty simple, but what if
you wanted to capture traffic

46
00:02:10,558 --> 00:02:13,564
on a WAN interface like
a serial interface?

47
00:02:13,564 --> 00:02:16,308
You wanted to see your frame relay headers

48
00:02:16,308 --> 00:02:17,743
or maybe you're doing PPP

49
00:02:17,743 --> 00:02:19,423
and you wanna see what all the PPP,

50
00:02:19,423 --> 00:02:21,539
the Point-to-Point Protocol, looks like.

51
00:02:21,539 --> 00:02:24,011
Kinda hard to do that with real equipment,

52
00:02:24,011 --> 00:02:24,844
but you can see here

53
00:02:24,844 --> 00:02:27,826
because Wireshark is built
into this virtual environment,

54
00:02:27,826 --> 00:02:30,790
it's super easy to just
right click on any router

55
00:02:30,790 --> 00:02:33,672
and select any interface
you want on that router

56
00:02:33,672 --> 00:02:37,295
so you can see all the layer-2
headers and everything.

57
00:02:37,295 --> 00:02:40,272
So that concludes this
discussion on using Wireshark

58
00:02:40,272 --> 00:02:42,999
within the context of GNS3.

59
00:02:42,999 --> 00:02:45,916
(theatrical music)

