In this case, I'll make this a single switch with two hosts connected using OpenFlow 1.3 so that we can see the captures. In Mininet, I'm gonna start a topology, and Mininet is configured to talk to ODL. So let's start a capture, apply the filter. In this example, I'm gonna specify OpenFlow 1.3 because I'm using an OpenDaylight controller which supports OpenFlow 1.3, not 1.4 at the time of this recording. So Wireshark has the option for OpenFlow 1.0, 1.3, and 1.4. So I can specify OpenFlow v4 as a display filter, and that's actually gonna capture OpenFlow 1.3. Therefore it makes sense also having a look at the rest of the traffic on the network.- So here's my Windows VM running Wireshark, and what's nice is that fairly recently, Wireshark have started sporting OpenFlow natively. The equivalent example of the mentioned "host 192.168.12.89" for the display filter is "ip.addr = 192.168.12.89"Īlso this option can be useful for viewing only the telegrams that belong to the device to be debugged, it is possible that the troubles of a station are caused by telegrams that are not directed to the station in questions (e.g. The display filter syntax is not identical to the capture filter syntax. It is also possible to filter the telegrams of an already captured file. In this case the "display filter" is to be used (refer to FAQ 100535). In Wireshark open the menu point "Edit" -> "Capture filters", and enter there a name which you want and for the Filter string.
It is also possible combining several expresions.
This is done to reduce the size of the resulting capture (file) and is especially useful on high traffic networks or for long term capturing. The free ethernet analyzer Wireshark do offer a capture filter that allows capturing telegrams on an IP network based on the source- and destination station or the TCP- or UDP port.Ĭapture Filters are used to filter out uninteresting packets already at capture time.
0 kommentar(er)
