Using Wireshark to identify and analyze ARP, ICMP, and DNS traffic is a great tool to add to a network engineer's toolkit. Many of the most easily corrected problems on a network can be solved by understanding proper operation of these protocols.
Network engineers can quickly become frustrated with unusual network performance issues. While most engineers are familiar with ARP and know how to clear a cache on a device, and they use ping regularly to troubleshoot networks, understanding both ARP and ICMP operation at the packet level will bring a new way to quickly solve network issues. In this course, Wireshark Traffic Analysis: Customizing the Interface, ARP, ICMP, and DNS, you will gain the ability to use Wireshark captures to detect and understand network issues causing performance problems. First, you will see how to customize the Wireshark interface, creating profiles for unique troubleshooting situations. Next, you will discover ARP operation, what it means, and how to use it to identify specific behaviors of network traffic. Finally, you will explore how to analyze ICMP types and codes in Wireshark, so you can use it to troubleshoot networks in a new way. When you are finished with this course, you will have the skills and knowledge of Wireshark protocol analysis needed to analyze and troubleshoot ARP, ICMP, and DNS traffic on your network.
Course Overview Hi everyone. My name is Ross Bagurdes, and welcome to my course, Wireshark Traffic Analysis: Customizing the Interface, ARP, ICMP, and DNS. I'm a network engineer with more than 20 years experience building enterprise networks and teaching people about them. Wireshark is a truly amazing utility. However, it demands that a user have an understanding of network and application protocol behavior in order to benefit the engineer using it. By continuing to build one's skills with protocol analysis, one can use Wireshark to observe network and application performance issues and become a true IT troubleshooting superstar. In this course, I will enhance your Wireshark and protocol analysis skills by discussing and demonstrating customizing the Wireshark interface and colorizing rules. We'll explain how to look for layer 2 issues with ARP. We'll describe how to use ICMP messages to understand behaviors and errors in an internetwork and examine how a slow response from a DNS server can cause an apparent website slowness issue. By the end of this course, you will be able to use Wireshark to capture and identify network latency via ICMP, ARP, or DNS, among other things. Before beginning the course, you should be familiar with the Getting Started with Traffic Analysis Using Wireshark course. And from here, you should feel comfortable moving on to the rest of the courses in the Wireshark learning path. I hope you'll join me on this journey to learn network and application troubleshooting with the Wireshark Traffic Analysis: Customizing the Interface, ARP, ICMP, and DNS course, here at Pluralsight.