Using Wireshark to monitor TAN traffic
Wireshark is a tool that can be used to monitor traffic on a network. It can be used to monitor traffic within a TAN.
Prerequisites
The following items are required to make use of this guide:
- A Control Service environment
- At least two configured Endpoints
- Both endpoints should be able to ping and transfer data
- Wireshark
- Network traffic generator, such as iperf3
Note
See "Test connectivity" to confirm connectivity between two endpoints.
Monitor traffic with Wireshark
- Run Wireshark.
- Double-click on a network interface to start monitoring traffic.
  A capture filter may be specified, though using display filters is likely to be more flexible.
  Note
  Monitor a local ethernet or wireless interface, such as enx00e4cd513f1 or wlp0s20f3 in the screenshot, to capture a broad range of traffic, including traffic specific to Connect.
- When the capture has started, the display will show packets being captured:
- The captured packets may be filtered using a display filter:
  To view traffic to and from an Endpoint, use ip.addr == <address>. The exact address to be used will depend on the host to be monitored and can be found in the Control Service web interface.
Refer to the Wireshark documentation for a more in-depth explanation of display filters and analysing traffic.
Generate traffic with iperf3
The iperf3 utility can be used to generate traffic between two Endpoints via the TAN.
Choose an Endpoint to act as the server, and another to act as the client.
Run iperf3 on the server Endpoint:
The output will show:
Make a note of the listening port <port>.
Run iperf3 on the client Endpoint:
Replace <TAN Address> with the TAN address of the Endpoint acting as server, and <port> with the port number shown by the server.
This will generate random traffic for 10 seconds, which will be visible in the network trace. The iperf3 documentation describes how to modify the traffic profile.
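The capture, traffic generation and display-filter steps above can also be run from a terminal. The script below is an added example, not part of the original guide: it assumes tshark (Wireshark's command-line tool) and iperf3 are installed, and the function names, the 15-second capture window and the tan-trace.pcapng file name are choices made for this example. The address used in the filter is passed separately from the TAN address given to iperf3, because the address to filter on depends on the host being monitored.

```shell
#!/bin/sh
# Added example (not from the original guide). Assumes tshark and iperf3 are
# installed; interface, addresses and port are supplied by the caller.

# Build a display filter for one Endpoint address, optionally narrowed to a
# TCP port. The address is validated because it is pasted into the filter.
endpoint_filter() {
    addr=$1 port=${2:-} field=
    case $addr in
        *[!0-9A-Fa-f:.]*) ;;              # not an address: leave field empty
        *:*) field=ipv6.addr ;;           # IPv6 needs ipv6.addr, not ip.addr
        *[!0-9.]*) ;;
        *.*.*.*) field=ip.addr ;;
    esac
    [ -n "$field" ] || { echo "unrecognised address: $addr" >&2; return 1; }
    filter="$field == $addr"
    if [ -n "$port" ]; then
        case $port in
            *[!0-9]*) echo "port must be numeric: $port" >&2; return 1 ;;
        esac
        filter="$filter && tcp.port == $port"
    fi
    printf '%s\n' "$filter"
}

# Capture on IFACE while the iperf3 client runs, then apply the display filter
# to the saved trace. Start "iperf3 -s -p PORT" on the server Endpoint first.
capture_iperf3() {
    iface=$1 filter_addr=$2 tan_addr=$3 port=$4 pcap=${5:-tan-trace.pcapng}
    filter=$(endpoint_filter "$filter_addr") || return 1
    tshark -i "$iface" -a duration:15 -w "$pcap" -q &
    capture_pid=$!
    sleep 2                                  # give the capture time to start
    iperf3 -c "$tan_addr" -p "$port" -t 10   # 10 seconds of traffic
    wait "$capture_pid"
    tshark -r "$pcap" -Y "$filter" | head -n 20
}

# Usage: sh tan-capture.sh <interface> <address> <TAN Address> <port>
if [ "$#" -ge 4 ]; then
    capture_iperf3 "$@"
fi
```

Because the full trace is saved before any filtering, the same file can be reopened in Wireshark and examined with other display filters. The port form of endpoint_filter only matches where that TCP port is visible on the captured interface.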