Software Test Equipment
125
F I G U R E 3 . 5
EtherPeek's display filter options
Many software programs can take the data that was captured, analyze it, and
then produce reports that detail the probable causes, along with possible solutions.
Analyzers can vary greatly in the functions that the software provides.
EtherPeek Sample: Multicast Packet
Now look at some samples from EtherPeek. The first packet is actually a multicast
packet. As you see, the packet is broken down by protocol. The first section is the
Ethernet header, which contains Layer 2 address information.
Layer 3 follows Layer 2, so you see the IP header. The IP header contains all
pertinent information for IP, including the IP source and destination addresses. It
also defines the protocol riding above IP, Internet Group Management Protocol
(IGMP), which is used for multicast communications. Further down the packet
decode, you see the actual IGMP header.
Flags: 0x00
Status: 0x00
Packet Length:64
Timestamp: 12:12:58.349000 03/22/1999
Ethernet Header
Destination:
01:00:5f:00:00:04
Source:
08:00:20:7e:55:5f
Protocol Type:
08-00 IP
IP Header - Internet Protocol Datagram
Version:
4
Header Length:
5
Copyright ©2000 SYBEX , Inc., Alameda, CA
www.sybex.com