For troubleshooting purposes, you might want to analyze packets flowing over a network. To capture packets (that is, store copies of packets on a local hard drive) for analysis, you could attach a network sniffer to a hub. Because a hub sends bits received on one port out all other ports, the attached network sniffer sees all traffic entering the hub.
Several standalone network sniffers are available. However, a low-cost way to perform packet capture and analysis is to use software such as wireshark, as shown in Figure 11_21.
A challenge arises, however, if you connect a network sniffer (for example, a laptop running the Wireshark software) to a switch port rather than to a hub port. Because a switch, by design, forwards frames out ports containing the frames' destination addresses, a network sniffer attached to one port would not see traffic destined for a device connected to a different port.
For example, in Figure 11-22, traffic enters a switch on port 1 and, based on the destination MAC address, exits via port 2. However, a network sniffer is connected to port 3 and is unable to see (and therefore capture) the traffic flowing between port 1 and 2.
Fortunately, some switches support a port mirroring feature, which makes a copy of traffic seen on one port and sends that duplicated traffic out another port (to which a network sniffer could be attached). As shown in Figure 11-23, this switch is configured to mirror traffic on port 2 to port 3, allowing a network sniffer to capture the packets that need to be analyzed. Depending on the switch, locally captured traffic could be forwarded to a remote destination for centralized analysis of that traffic.
About The Author
Anthony Sequeira, CCIE No. 15626, is a Cisco Certified Systems Instructor (CCSI) and author regarding all levels and tracks of Cisco Certification. Anthony formally began his career in the information technology industry in 1994 with IBM in Tampa, Florida. He quickly formed his own computer consultancy, Computer Solutions, and then discovered his true passion-teaching and writing about Microsoft and Cisco technologies. Anthony joined Mastering Computers in 1996 and lectured to massive audiences around the world about the latest in computer technologies. Mastering Computers became the revolutionary online training company, KnowledgeNet, and Anthony trained there for many years. Anthony is currently pursuing his second CCIE in the area of Security and is a full-time instructor for the next-generation of KnowledgeNet, StormWind.com. Anthony is also a VMware Certified Professional.
CompTIA Network+ N10-008 Cert Guide contains proven study features that allow you to succeed on the exam the first time. Expert instructor Anthony Sequeira shares preparation hints and test-taking tips, helping you identify areas of weakness and improve both your conceptual knowledge and hands-on skills, essential for successful completion of the performance-based testing items on the exam. This complete, CompTIA-approved study package includes the following:
• A test-preparation routine proven to help you pass the exams
• Clearly defined chapter learning objectives covering all N10-008 exam topics
• Chapter-ending review questions and exam preparation exercises, which help you drill on key concepts you must know thoroughly
• The powerful Pearson Test Prep practice test software, complete with hundreds of well-reviewed, exam-realistic questions, customization options, and detailed performance reports
• 40 performance-based exercises to help you prepare for the hands-on exam questions
• A free copy of the CompTIA Network+ N10-008 Simulator Lite software, complete with meaningful lab exercises that enhance your hands-on skills
• More than 60 minutes of video mentoring
• A final preparation chapter that guides you through tools and resources to help you craft your review and test taking strategies
• An Exam Essentials appendix that quickly recaps all major chapter topics for easy reference, both in print and interactive digital format
• A key terms Glossary in both print and on the companion website, which acts as an interactive flash-card application
• Study plan suggestions and templates to help you organize and optimize your study time
• A 10% exam discount voucher (a $33+ value!)
Well regarded for its level of detail, study plans, assessment features, challenging review questions and exercises, video instruction, and hands-on labs, this approved study guide helps you master the concepts and techniques that ensure your exam success.
Master the topics on the CompTIA Network+ N10-008 exam, including:
• Network topologies and media types
• IP addressing
• Network services
• Data center architectures and cloud concepts
• Routing, Ethernet switching, and wireless networking
• Network availability and disaster recovery
• Network security
• Remote access
• Network troubleshooting
Reader Paulo Cardoso says, "This is a great book. In addition, it comes with great additional resources."
Learn more about the CompTIA Network+ N10-008 Cert Guide at amazon.com
More Network Troubleshooting and Support Articles:
• Structured Network Troubleshooting Methodology Step 5 Implement the Solution or Escalate as Necessary
• Network Address Translation (NAT) Protocol
• Putting Your SME Data on the Internet
• Metro Ethernet Fundamentals for WAN Connectivity
• Campus and WAN Multilayer Network Design
• Simple Checks to Diagnose Windows Network Problems
• Fiber Optic Cable Tester - What Is It and How to Use?
• The Case for Making the Transition from Sysadmin to DevOps Engineer
• Calculating VoIP Bandwidth
• Structured Network Troubleshooting Methodology Step 2 Establish a Theory of Probable Cause