Wireshark is a free and open source packet analyzer used for network troubleshooting and analysis. These activities will show you how to use Wireshark to capture and analyze IPv6 6in4 traffic. Note: These activities do not require an IPv6 Internet connection. 6in4 tunnels across IPv4.

Readings

edit

Preparation

edit

To prepare for this activity:

  1. Start Windows.
  2. Log in if necessary.
  3. Install Wireshark.
  4. Establish an IPv6 6in4 tunnel.

Activity 1 - Capture IPv6 6in4 Traffic

edit

To capture IPv6 6in4 traffic:

  1. Use ipconfig /all to verify that you have an IPv6 tunnel adapter. If not, simply read along to understand the following concepts.
  2. Start a Wireshark capture.
  3. Use ping 2001:4860:4860::8888 to ping an Internet host by IPv6 address.
  4. Stop the Wireshark capture.

Activity 2 - Analyze IPv6 6in4 Traffic

edit

To analyze IPv6 6in4 traffic:

  1. Observe the traffic captured in the top Wireshark packet list pane. Type ipv6.addr == 2001:4860:4860::8888 (lower case) in the Filter box and press Enter to select the generated traffic.
  2. Observe the packet details in the middle Wireshark packet details pane. Notice that it is an Ethernet II / Internet Protocol Version 4 / Internet Protocol Version 6 / Internet Control Message Protocol v6 frame. The IPv6 / ICMPv6 packets are encapsulated inside IPv4 packets and forwarded to a 6in4 IPv6 server for IPv6 forwarding.
  3. Close Wireshark to complete this activity. Quit without Saving to discard the captured traffic.

References

edit