Wireshark/IPv6 6in4
Wireshark is a free and open source packet analyzer used for network troubleshooting and analysis. These activities will show you how to use Wireshark to capture and analyze IPv6 6in4 traffic. Note: These activities do not require an IPv6 Internet connection. 6in4 tunnels across IPv4.
Readings
[edit | edit source]Preparation
[edit | edit source]To prepare for this activity:
- Start Windows.
- Log in if necessary.
- Install Wireshark.
- Establish an IPv6 6in4 tunnel.
Activity 1 - Capture IPv6 6in4 Traffic
[edit | edit source]To capture IPv6 6in4 traffic:
- Use ipconfig /all to verify that you have an IPv6 tunnel adapter. If not, simply read along to understand the following concepts.
- Start a Wireshark capture.
- Use ping 2001:4860:4860::8888 to ping an Internet host by IPv6 address.
- Stop the Wireshark capture.
Activity 2 - Analyze IPv6 6in4 Traffic
[edit | edit source]To analyze IPv6 6in4 traffic:
- Observe the traffic captured in the top Wireshark packet list pane. Type ipv6.addr == 2001:4860:4860::8888 (lower case) in the Filter box and press Enter to select the generated traffic.
- Observe the packet details in the middle Wireshark packet details pane. Notice that it is an Ethernet II / Internet Protocol Version 4 / Internet Protocol Version 6 / Internet Control Message Protocol v6 frame. The IPv6 / ICMPv6 packets are encapsulated inside IPv4 packets and forwarded to a 6in4 IPv6 server for IPv6 forwarding.
- Close Wireshark to complete this activity. Quit without Saving to discard the captured traffic.