Specifications

ManualsBrandsCisco ManualsHome building and DecorNetwork Analysis Module 6000

201

202

203

204

205

206

207

208

209

210

Product Features 2-160

NAM / Traffic Analyzer v3.5 Tutorial

Product Features 2-160

NAM / Traffic Analyzer v3.5 Tutorial

Packet Capture and Decode

Decoding Packets

Packet Capture and Decode

Decoding Packets

This pane gives a hexadecimal

dump of the packet.

This pane gives a hexadecimal

dump of the packet.

From the Capture > Buffer or

Capture > Files dialogs, select

a buffer/File then Decode

From the Capture > Buffer or

Capture > Files dialogs, select

a buffer/File then Decode

This pane gives summary

information for each packet.

This pane gives summary

information for each packet.

This pane gives detailed information about

the packet highlighted in the summary

section.This section includes Layer 2, 3, and

4 headers and the contents of the data field.

This pane gives detailed information about

the packet highlighted in the summary

section.This section includes Layer 2, 3, and

4 headers and the contents of the data field.

Apply filter to limit

packets displayed

Apply filter to limit

packets displayed

Decoding Packets

To view and filter the results of your data capture, select the buffer to decode from the Capture > Buffers dialog,

and click Decode. The upper portion of the screen shows you summary information for each packet. Fields in

this section include:

Pkt—This includes the sequence number assigned by the NAM as it entered the switch.

Time—This is a relative timestamp indicating how much time has elapsed since the capture of the first

displayed packet (not the first packet in the buffer). You can also view time by absolute time. Check the User

Guide for more information.

Size—This field gives the size of the packet in bytes.

Source—This field gives the address (either Layer 2 or Layer 3) or IP host name of the device transmitting

the packet.

Destination—This field gives the address (either Layer 2 or Layer 3) or IP host name of the device receiving

the packet.

Protocol—This field gives the highest layer of protocol that the NAM recognizes.

Info—This field gives Information providing more detail about the packet.

The contents in the lower half of the screen provide you with detailed information about the packet you have

highlighted in the upper portion of the screen. This detailed information provides you with information in the fields

of each protocol header of the packet as well as the data field. You can also see the Layer 2 Ethernet header

information as well as portions of the layer 3 IP header information. Use the +/- symbols to the left of each

header to view more packet details. The bottom pain displays the hexadecimal dump of the packet, which

includes the same information as in the upper portion of the detail window, but written in hexadecimal.

You can also apply a filter on the contents in the frame to refine your view of packets (Display Filter button).

You can filter by IP or MAC address, or by a plaintext pattern found in packet summary, or you can apply a

custom, post-capture filter by choosing the option of your choice from the pull-down list above the Information

field.