Difference between revisions of "Multi-Tap Network Packet Capturing"

From NST Wiki
Jump to navigationJump to search
(Multi-Tap Network Packet Capture: NAT/PAT Traffic)
(Multi-Tap Network Packet Capture: Traffic Between Gigabit Switches)
Line 11: Line 11:
  
 
== Multi-Tap Network Packet Capture: Traffic Between Gigabit Switches ==
 
== Multi-Tap Network Packet Capture: Traffic Between Gigabit Switches ==
The diagram depicted below shows an example '''Dual-Tap Capture Setup''' for monitoring GigaBit traffic between 2 Gigabit switches. In this case a generic notebook computer was used and configured with 3 network interfaces (A built-in Gigabit LAN adapter, a Gigabit LAN adapter PC-Card and a built-in 802.11g/n wireless adapter for secure remote access and
+
The diagram displayed below shows an example '''Dual-Tap Capture Setup''' for monitoring network traffic between 2 Gigabit switches. In this case a generic notebook computer was used and configured with 3 network interfaces (A built-in Gigabit LAN adapter, a Gigabit LAN adapter PC-Card and a built-in 802.11g/n wireless adapter for secure remote access and
 
control of '''NST''').
 
control of '''NST''').
  
 
[[Image:Nst_dual_tap_networking.png]]
 
[[Image:Nst_dual_tap_networking.png]]

Revision as of 07:20, 2 July 2008

Overview

This section will demonstrate the use of Multi-Tap Network Packet Capture with NST. The NST WUI implementation supports simultaneous Packet Capture on up to 4 network interfaces (Quad Tap) per multi-tap capture session. NST uses the Wireshark network protocol analyzer suite for network packet capture. The light-weight network packet capture tool: "dumpcap" is used as the capture engine.

When capturing packets at Gigabit Ethernet rates and one needs total visibility on the link, then a passive tap is required. Net Optics, a global leader in passive monitoring, makes an excellent 10/100/1000BaseT Tap (TP-CU3) for passively allowing access to monitor GigaBit traffic.

Multi-Tap Network Packet Capture: NAT/PAT Traffic

The diagram depicted below shows an example Multi-Tap Capture Setup for monitoring GigaBit traffic across a firewall boundary. We will explore the capturing of packets as they transverse the firewall and undergo both Network and Port Address Translation.

File:Nst quad tap networking2.png
Multi-Tap Packet Capture: Packet Capture Across A Firewall Using NAT/PAT

Multi-Tap Network Packet Capture: Traffic Between Gigabit Switches

The diagram displayed below shows an example Dual-Tap Capture Setup for monitoring network traffic between 2 Gigabit switches. In this case a generic notebook computer was used and configured with 3 network interfaces (A built-in Gigabit LAN adapter, a Gigabit LAN adapter PC-Card and a built-in 802.11g/n wireless adapter for secure remote access and control of NST).

Nst dual tap networking.png