Simplicity is the ultimate sophistication

Font Size





Wireshark Tools


wsbadge@186x57[1]Here is a copy and paste of the page (https://wiki.wireshark.org/Tools) .I decided to copy and paste the webpage here because I use active reading and I will edit the page later deleting what I do not need and adding my comments where I consider it useful. I already highlighted the ones that can help me to solve an immediate need: post packet captures online in a CloudShark like style, for my own use and future references.

Network blood test

Here is a short list with things everyone should check in order to make sure their network is OK
  • No shared Ethernet segments are saturated (no more than 40 percent sustained network utilization). New segments should use switched and not shared technology.
  • No WAN links are saturated (no more than 70 percent sustained network utilization).
  • The response time is generally less than 100ms (one-tenth of a second). More commonly less than 2ms in a LAN.
  • No segments have more than 20 percent broadcasts or multicast traffic. Broadcasts are sent to all hosts in a network and should be limited. Multicast traffic is sent to a group of hosts but should also be controlled and limited to only those hosts registered to receive it.
  • No segments have more than one cyclic redundancy check (CRC) error per million bytes of data.
  • On the Ethernet segments, less than 0.1 percent of the packets result in collisions.
  • A CPU utilization at or over 75 percent for a 5-minute interval likely suggests network problems. Normal CPU utilization should be much lower during normal periods.
  • The number of output queue drops has not exceeded 100 in an hour on any Cisco router.
  • The number of input queue drops has not exceeded 50 in an hour on any Cisco router.
  • The number of buffer misses has not exceeded 25 in an hour on any Cisco router.
  • The number of ignored packets has not exceeded 10 in an hour on any interface on a Cisco router.
If all these are OK then the blood that flows through the veins of your network is OK!

Free AAA: Tacacs+ vs Radius

Here is a short article that will help and guide you in case you have to select one of these two protocols for controlling the access to your devices. The first thing you have to bear in mind is that while Tacacs is a propietary protocol (Cisco) Radius is an open standard protocol and it is natively supported by many applications and network devices. Plese see below a comparision table between the two protocols:

A quick look at traffic generators

Due to a change in priorities for the client I am working with I will have to postpone studying BGP (actually resuming this) and to start learning QoS and to add some Voice to my skills. This is a great opportunity and I am very happy that I can learn this.
Any serious QoS learning will involve testing and I don't think that you can seriously do that without using a traffic generator. So here is the list with traffic generators that I am currently evaluating and my opinions about each of them:
  1. TTCP
  2. IxChariot
  3. JPerf/Iperf
  4. Pagent
  5. Packet Builder
  6. Scapy
  7. Ostinato
  8. Mtools
  9. MGEN
  10. Rude/Crude
  11. UDPgen
  12. UDP Generator
  13. Network Traffic Generator
  14. MxTraf
  15. NTGen
  16. Netperf
  17. Traffic Generator Tool
  18. TfGen
  19. Packet Shell
  20. Real-Time Voice Traffic Generator
  21. Self Similar Traffic Generator
  22. PacGen packet forger
  23. IPGen packet forger
  24. IP-Packet packet forger
  25. GenSyn
  26. Netspec Traffic emulator
  27. Surge Traffic emulator
  28. Poisson Traffic Generator
  29. FTP traffic generator
  30. Brawny and Rough Udp Traffic Engine
  31. Jugi's Traffic Generator (jtg)
  32. TrafGen
  33. SPAK, Packet Generator
  34. TTCP, Test TCP
  35. PIM-SM, Protocol Independent Multicast Packet Generator
  36. KUTE-- Kernel-based Traffic Engine
  37. GEIST - Generator of E-commerce and Internet server Traffic

Commercial Tools

LANdecoder32T Traffic Generator  
LANTraffic V2 and IP Traffic Test & Measure  
Traffic Generator for Wide Area Networks  
Candela Technologies LANforge-FIRE Network Traffic Generator Testing Specific Protocols  
ProvaGEN 3.0  
Internetworking Test Traffic Generation Programs  
Omnicor Hardware IP traffic generators    
Omnicor Software IP traffic generators  
Skaion's Traffic Generation System (TGS)  

While waiting for AutoNetKit for GNS3/UNL–AuotIP for GNS3


It all started with learning the IP packet fields. One of these fields is IP record route and I wanted to test this option. To properly test this you need more than a pair of routers linked together and you need either static routing or dynamic routing enabled, both of them quite tedious and boring tasks. I told myself: “You are going to have to do this 10000 times before you get your number –if ever Smile - so you better find a quick way to do it” 
I knew about KiwiCattools but that tool still requires a lot of manual work and no templating. I also knew about Ansible but guess what Ansible has nothing decent for configuring the devices without creating templates and moreover nothing like walking the topology and automatically assigning IPs. Then what..what else? VIRL? No, no way, sorry Cisco but I have a problem with the maximum device number and with the annual subscription. So here I am in on Friday morning scratching my head what to do to get around this… The conclusion was that there is no way around it so I decide build my own tool.

The results can be seen at https://github.com/1001QAdotNET/AutoIP4GNS3