Wireshark is a useful network monitoring tool for anyone working with networks and can be used with most labs in the Cisco Certified Network Associate (CCNA) courses for data analysis and troubleshooting. It can be used to view sample values contained in IP header fields.
The three figures contain sample captures of various IP packets:
- Figure 1 displays the contents of packet number 2 in this sample capture. Note that the Source is listed as 192.168.1.109 and the Destination is listed as 192.168.1.1. The middle window contains information about the IPv4 header, such as the header length, total length, and any flags that are set.
- Figure 2 displays the contents of packet number 8 in this sample capture. This is an HTTP packet. Also notice the presence of information beyond the TCP section.
- Finally, Figure 3 displays the contents of packet number 16 in this sample capture. The sample packet is a ping request from host 192.168.1.109 to host 192.168.1.1. Notice how there is no TCP or UDP information because this is an Internet Control Message Protocol (ICMP) packet.