Wireshark is a free and open-source packet analyzer used for network troubleshooting and analysis. These activities will show you how to use Wireshark to capture and analyze IPv6 6to4 traffic. Note: These activities do not require an IPv6 Internet connection, because 6to4 tunnels IPv6 traffic across IPv4.

Preparation

To prepare for this activity:

  1. Start Windows.
  2. Log in if necessary.
  3. Install Wireshark.
  4. Enable 6to4 if necessary.

Activity 1 - Capture IPv6 6to4 Traffic

To capture IPv6 6to4 traffic:

  1. Use ipconfig /all to verify that you have a 6TO4 tunnel adapter. If not, simply read along to understand the following concepts.
  2. Start a Wireshark capture.
  3. Use ping 2001:4860:4860::8888 to ping an Internet host by IPv6 address.
  4. Stop the Wireshark capture.

Activity 2 - Analyze IPv6 6to4 Traffic

To analyze IPv6 6to4 traffic:

  1. Observe the traffic captured in the top Wireshark packet list pane. Type ipv6.addr == 2001:4860:4860::8888 (lower case) in the Filter box and press Enter to select the generated traffic.
  2. Observe the packet details in the middle Wireshark packet details pane. Notice that it is an Ethernet II / Internet Protocol Version 4 / Internet Protocol Version 6 / Internet Control Message Protocol v6 frame. The IPv6 / ICMPv6 packets are encapsulated inside IPv4 packets and forwarded to the 6to4 relay at 192.88.99.1 for IPv6 forwarding.
  3. Close Wireshark to complete this activity. Quit without Saving to discard the captured traffic.
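
The layering observed in Activity 2, as an added example that is not part of the original activity: a small dissector that walks an Ethernet II / IPv4 / IPv6 / ICMPv6 frame and checks that the 6to4 source address embeds the outer IPv4 source. The sample frame is constructed (host address 192.0.2.4, checksums left zero), and the function names are hypothetical.

```python
import ipaddress
import struct

PROTO_IPV6_IN_IPV4 = 41   # IPv4 protocol number used for encapsulated IPv6
NEXT_HDR_ICMPV6 = 58
SIXTO4_PREFIX = ipaddress.ip_network("2002::/16")

def build_sample_frame():
    """Constructed Ethernet II / IPv4 / IPv6 / ICMPv6 echo request (checksums zero)."""
    outer_src = ipaddress.ip_address("192.0.2.4")         # assumed host address
    relay = ipaddress.ip_address("192.88.99.1")           # 6to4 relay from the activity
    inner_src = ipaddress.ip_address("2002:c000:204::1")  # 2002: + 192.0.2.4
    inner_dst = ipaddress.ip_address("2001:4860:4860::8888")
    icmp6 = struct.pack("!BBHHH", 128, 0, 0, 1, 1) + b"abcdefgh"
    ipv6 = (struct.pack("!IHBB", 6 << 28, len(icmp6), NEXT_HDR_ICMPV6, 128)
            + inner_src.packed + inner_dst.packed)
    ipv4 = (struct.pack("!BBHHHBBH", 0x45, 0, 20 + len(ipv6) + len(icmp6), 0, 0,
                        128, PROTO_IPV6_IN_IPV4, 0) + outer_src.packed + relay.packed)
    eth = bytes(6) + bytes(6) + struct.pack("!H", 0x0800)
    return eth + ipv4 + ipv6 + icmp6

def dissect(frame):
    """Return the per-layer fields, or None if the frame is not IPv6-in-IPv4."""
    if len(frame) < 14 + 20 or struct.unpack("!H", frame[12:14])[0] != 0x0800:
        return None
    ip4 = frame[14:]
    ihl = (ip4[0] & 0x0F) * 4
    if ip4[0] >> 4 != 4 or ihl < 20 or ip4[9] != PROTO_IPV6_IN_IPV4:
        return None
    ip6 = ip4[ihl:]
    if len(ip6) < 40 or ip6[0] >> 4 != 6:
        return None
    info = {
        "outer_src": ipaddress.ip_address(ip4[12:16]),
        "outer_dst": ipaddress.ip_address(ip4[16:20]),
        "inner_src": ipaddress.ip_address(ip6[8:24]),
        "inner_dst": ipaddress.ip_address(ip6[24:40]),
        "next_header": ip6[6],
        "icmpv6_type": ip6[40] if ip6[6] == NEXT_HDR_ICMPV6 and len(ip6) > 40 else None,
    }
    # A 6to4 address carries the host's IPv4 address in bits 16..47.
    embedded = None
    if info["inner_src"] in SIXTO4_PREFIX:
        embedded = ipaddress.ip_address(info["inner_src"].packed[2:6])
    info["embedded_v4"] = embedded
    info["src_consistent"] = embedded == info["outer_src"]
    return info

if __name__ == "__main__":
    print(dissect(build_sample_frame()))
```

A frame whose inner 2002::/16 source does not match the outer IPv4 source returns src_consistent as False, which is worth flagging when reviewing tunneled traffic on a network that only monitors IPv4.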
