Wireshark Traffic Analysis: Customizing the Interface, ARP, ICMP, and DNS

Using Wireshark to identify and analyze ARP, ICMP, and DNS traffic is a great tool to add to a network engineer's toolkit. Many of the most easily corrected problems on a network can be solved by understanding proper operation of these protocols.
Course info
Level: Intermediate
Updated: Dec 27, 2018
Duration: 3h 18m
Description

Network engineers can quickly become frustrated with unusual network performance issues. While most engineers are familiar with ARP and know how to clear a cache on a device, and they use ping regularly to troubleshoot networks, understanding both ARP and ICMP operation at the packet level will bring a new way to quickly solve network issues. In this course, Wireshark Traffic Analysis: Customizing the Interface, ARP, ICMP, and DNS, you will gain the ability to use Wireshark captures to detect and understand network issues causing performance problems. First, you will see how to customize the Wireshark interface, creating profiles for unique troubleshooting situations. Next, you will discover ARP operation, what it means, and how to use it to identify specific behaviors of network traffic. Finally, you will explore how to analyze ICMP types and codes in Wireshark, so you can use it to troubleshoot networks in a new way. When you are finished with this course, you will have the skills and knowledge of Wireshark protocol analysis needed to analyze and troubleshoot ARP, ICMP, and DNS traffic on your network.

About the author

For nearly 20 years, Ross has taught and managed data networks.

Section Introduction Transcripts

Course Overview
Hi everyone. My name is Ross Bagurdes, and welcome to my course, Wireshark Traffic Analysis: Customizing the Interface, ARP, ICMP, and DNS. I'm a network engineer with more than 20 years experience building enterprise networks and teaching people about them. Wireshark is a truly amazing utility. However, it demands that a user have an understanding of network and application protocol behavior in order to benefit the engineer using it. By continuing to build one's skills with protocol analysis, one can use Wireshark to observe network and application performance issues and become a true IT troubleshooting superstar. In this course, I will enhance your Wireshark and protocol analysis skills by discussing and demonstrating customizing the Wireshark interface and colorizing rules. We'll explain how to look for layer 2 issues with ARP. We'll describe how to use ICMP messages to understand behaviors and errors in an internetwork and examine how a slow response from a DNS server can cause an apparent website slowness issue. By the end of this course, you will be able to use Wireshark to capture and identify network latency via ICMP, ARP, or DNS, among other things. Before beginning the course, you should be familiar with the Getting Started with Traffic Analysis Using Wireshark course. And from here, you should feel comfortable moving on to the rest of the courses in the Wireshark learning path. I hope you'll join me on this journey to learn network and application troubleshooting with the Wireshark Traffic Analysis: Customizing the Interface, ARP, ICMP, and DNS course, here at Pluralsight.