Hi, I do not capture RIP packets from Wireshark. It is very important for me to show RIP packet contents to our students. Is there any solution to see RIP packets from Wireshark or Can I download some library? Thank you so much. asked 13 May '14, 00:11  Gokhan Akyol edited 13 May '14, 01:41  Kurt Knochner ♦ |
One Answer:
Well, Wireshark support RIP. So, yes you can show the content of RIP frames to your students. You can download a RIP sample capture file from here:
Please save the file as RIP_v1.pcap and then open it in Wireshark. Other sample capture files:
++ UPDATE ++ BTW: Based on your tag "capture-filter RIP" I'm not quite sure, if you are having a problem capturing RIP frames or if you needed just a sample capture file. Capture filter: udp port 520 Please comment on my answer if you need something different. Regards answered 13 May '14, 01:40 Kurt Knochner ♦ edited 13 May '14, 01:46 |
Hi Kurt,
Thanks for quick response.
I have one more question. While packets are flowing in Wireshark, is there any chance to catch or capture RIP packets?
Thanks for interests
Wireshark will 'catch' whatever packets it sees while the capture is running. If you want to filter for only RIP, you can either use a capture filter of "udp port 520 or udp port 521" or you can use a display filter of "rip||ripng".
Consult the Wireshark user guide if you're not familiar with the terms "display filter" and "capture filter" here: http://www.wireshark.org/docs/wsug_html_chunked/