Seeing the PDUs in Your Messages
We talked about how messages are transferred using layers and the different Protocol Data Units (PDUs) used at each layer. The objective of this Activity is for you to see the different PDUs in the messages that you send. To do this, we'll use Wireshark, which is one of the world's foremost network protocol analyzers and is the de facto standard that most professional and educational institutions use today. It is used for network troubleshooting, network analysis, software and communications protocol development, and general education about how networks work. computer, as well as some or all of the messages sent by other computers on your LAN, depending on how your LAN is designed. Most modern LANs are designed to prevent you from eavesdropping on other computers' messages, but some older ones still permit this. Normally, your computer will ignore the messages that are not addressed to your computer, but Wireshark enables you to eavesdrop and read messages sent to and from other computers.
Wireshark is free. Before you start this activity, download and install it from www.wireshark.org.
1. Start Wireshark.
2. Click on Capture and then Interfaces. Click the Start button next to the active interface (the one that is receiving and sending packets). Your network data will be captured from this moment on.
3. Open your browser and go to a Web page that you have not visited recently (a good one is www.iana.org).
4. Once the Web page has loaded, go back to Wireshark and stop the packet capture by clicking on Capture and then Stop (the hot key for this is Ctrl + E).
5. You will see results similar to those in Figure 1-9. There are three windows below the tool bar:
a. The top window is the Packet List. Each line represents a single message or packet that was captured by Wireshark. Different types of packets will have different colors. For example, HTTP packets are colored green. Depending on how busy your network is, you may see a small number of packets in this window or a very large number of packets.
b. The middle window is the Packet Detail. This will show the details for any packet you click on in the top window.
c. The bottom window shows the actual contents of the packet in hexadecimal format, so it is usually hard to read. This window is typically used by network programmers to debug errors.
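To connect the hexadecimal bytes in the bottom window with the layered view in the Packet Detail window, the following added example (not part of the original activity) peels one header per layer from a constructed Ethernet frame carrying an HTTP request. The PDU names frame, packet and segment are the conventional ones, and the addresses, ports and function names are assumptions made for the illustration.

```python
import struct

def build_sample_frame():
    """Constructed sample (not a real capture): Ethernet frame carrying an HTTP GET.
    Checksums are left at zero, so a real analyzer would flag them."""
    http = b"GET / HTTP/1.1\r\nHost: www.iana.org\r\n\r\n"
    # TCP header: ports, seq, ack, data offset (5 words), flags PSH+ACK, window
    tcp = struct.pack("!HHIIBBHHH", 49152, 80, 1, 1, 5 << 4, 0x18, 65535, 0, 0)
    # IPv4 header: version 4 / IHL 5, total length, TTL 64, protocol 6 (TCP)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(tcp) + len(http), 0, 0,
                     64, 6, 0, bytes([192, 0, 2, 10]), bytes([192, 0, 2, 80]))
    # Ethernet II header: destination MAC, source MAC, EtherType 0x0800 (IPv4)
    eth = bytes.fromhex("020000000002" "020000000001" "0800")
    return eth + ip + tcp + http

def parse_pdus(frame):
    """Peel one header per layer, as the Packet Detail window does."""
    if len(frame) < 14 + 20 + 20:
        raise ValueError("too short for Ethernet + IPv4 + TCP headers")
    dst, src, ethertype = struct.unpack("!6s6sH", frame[:14])
    if ethertype != 0x0800:
        raise ValueError("not an IPv4 frame")
    packet = frame[14:]
    ihl = (packet[0] & 0x0F) * 4                  # IP header length in bytes
    total_len = struct.unpack("!H", packet[2:4])[0]
    if (packet[0] >> 4 != 4 or ihl < 20 or packet[9] != 6
            or not ihl + 20 <= total_len <= len(packet)):
        raise ValueError("not a well-formed IPv4/TCP packet")
    packet = packet[:total_len]                   # drop any Ethernet padding
    segment = packet[ihl:]
    sport, dport = struct.unpack("!HH", segment[:4])
    doff = (segment[12] >> 4) * 4                 # TCP header length in bytes
    if doff < 20 or doff > len(segment):
        raise ValueError("bad TCP data offset")
    message = segment[doff:]
    mac = lambda b: ":".join(f"{x:02x}" for x in b)
    ipaddr = lambda b: ".".join(str(x) for x in b)
    first_line = message.split(b"\r\n")[0].decode("ascii", "replace")
    return {
        "frame": {"bytes": len(frame), "src": mac(src), "dst": mac(dst)},
        "packet": {"bytes": len(packet), "src": ipaddr(packet[12:16]),
                   "dst": ipaddr(packet[16:20])},
        "segment": {"bytes": len(segment), "src_port": sport, "dst_port": dport},
        "message": {"bytes": len(message), "first_line": first_line},
    }

if __name__ == "__main__":
    for pdu, fields in parse_pdus(build_sample_frame()).items():
        print(f"{pdu:8} {fields}")
```

Each PDU is the next layer's PDU plus that layer's header, which is why the byte counts shrink by the header size at every step.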