Got it

TCP flow

Created: Mar 13, 2019 13:49:29Latest reply: Mar 18, 2019 00:48:42 1115 13 0 0 0
  Rewarded HiCoins: 0 (problem resolved)

Hello!


This post is about TCP flow.


I would like to analyze a TCP flow via eNSP.


Is there a way to do this with some sample configuration?

  • x
  • convention:

Featured Answers
chenhui
Admin Created Mar 15, 2019 01:28:03

Posted by valiji_23 at 2019-03-14 05:33@chenhui Sorry I did not make myself clear. I want to follow a TCP stream. I know the p***edure usi ...

http


As the picture above shows, you can add a server and a client on eNSP; also, a switch is needed between them because we can't do the packet capture if the client connects to the server directly.

View more

This article contains more resources

You need to log in to download or view. No account? Register

x
  • x
  • convention:

valiji_23
valiji_23 Created Mar 17, 2019 06:44:56 (0) (0)
Thank you so much for the help.  
valiji_23
valiji_23 Created Mar 17, 2019 06:50:38 (0) (0)
@chenhui Can you please tell me why can't we capture data directly between client and server  
All Answers
chenhui
chenhui Admin Created Mar 14, 2019 00:50:39

@valiji_23 hello,
I'm not sure which TCP flow you want to analyse, or you just want to analyse the TCP 3-way handshake process?
View more
  • x
  • convention:

chenhui
chenhui Admin Created Mar 14, 2019 00:53:29

if you are not concern about the type of TCP traffic, you can just implement BGP on two routers, then capture the packet between the two routers, you will get the TCP traffic since the BGP establish neighbor through TCP 179
View more
  • x
  • convention:

chenhui
chenhui Admin Created Mar 14, 2019 00:54:33

by the way, for capture the packets using wireshark, you can refer to https://forum.huawei.com/enterprise/en/Tools-How-to-use-wireshark-to-capture-packets/thread/479981-861
View more
  • x
  • convention:

Scott_Qing
Scott_Qing Created Mar 14, 2019 02:43:20

as @chenhui said, you can capture the tcp packets by enable bgp, you can also do it by adding the server in ensp, the server provides a http server option.
View more
  • x
  • convention:

valiji_23
valiji_23 Created Mar 14, 2019 05:34:34 (0) (0)
Yes the server provides http option but no option to capture data on server interface  
valiji_23
valiji_23 Created Mar 14, 2019 05:33:09

@chenhui Sorry I did not make myself clear. I want to follow a TCP stream. I know the procedure using wireshark but like if I capture data between two bgp enabled nodes, I can get the tcp stream but I want to make sense of the data.
The data is usually bunch of dots and special symbols. I need an example where I can see some meaningful data which can be interpreted.
View more
  • x
  • convention:

chenhui
chenhui Admin Created Mar 15, 2019 01:00:59

Posted by valiji_23 at 2019-03-14 05:33 @chenhui Sorry I did not make myself clear. I want to follow a TCP stream. I know the procedure usi ...
actually you can do it as @Scott_Qing said,
View more
  • x
  • convention:

chenhui
chenhui Admin Created Mar 15, 2019 01:28:03

Posted by valiji_23 at 2019-03-14 05:33@chenhui Sorry I did not make myself clear. I want to follow a TCP stream. I know the p***edure usi ...

http


As the picture above shows, you can add a server and a client on eNSP; also, a switch is needed between them because we can't do the packet capture if the client connects to the server directly.

View more

This article contains more resources

You need to log in to download or view. No account? Register

x
  • x
  • convention:

valiji_23
valiji_23 Created Mar 17, 2019 06:44:56 (0) (0)
Thank you so much for the help.  
valiji_23
valiji_23 Created Mar 17, 2019 06:50:38 (0) (0)
@chenhui Can you please tell me why can't we capture data directly between client and server  
chenhui
chenhui Admin Created Mar 15, 2019 01:29:57

@valiji_23 hope this could help you, contact me if any problem
View more
  • x
  • convention:

chenhui
chenhui Admin Created Mar 18, 2019 00:46:50

sorry, but I'm not sure why we can't capture data directly between client and server.
maybe it's just because ensp is a network simulator, the developers didn't take situation of the directly connection between client and server into consideration.
View more
  • x
  • convention:

12
Back to list

Comment

You need to log in to comment to the post Login | Register
Comment

Notice: To protect the legitimate rights and interests of you, the community, and third parties, do not release content that may bring legal risks to all parties, including but are not limited to the following:
  • Politically sensitive content
  • Content concerning pornography, gambling, and drug abuse
  • Content that may disclose or infringe upon others ' commercial secrets, intellectual properties, including trade marks, copyrights, and patents, and personal privacy
Do not share your account and password with others. All operations performed using your account will be regarded as your own actions and all consequences arising therefrom will be borne by you. For details, see " User Agreement."

My Followers

Login and enjoy all the member benefits

Login

Block
Are you sure to block this user?
Users on your blacklist cannot comment on your post,cannot mention you, cannot send you private messages.
Reminder
Please bind your phone number to obtain invitation bonus.
Information Protection Guide
Thanks for using Huawei Enterprise Support Community! We will help you learn how we collect, use, store and share your personal information and the rights you have in accordance with Privacy Policy and User Agreement.