- Laptop boots up for the first time and requests an IP address.
- Laptop’s IP address lease is renewed.
- Laptop reboots and confirms the IP address settings
- Laptop is disconnected from Subnet 1 and reconnected in Subnet 3.
BGP peering and route update messaging is explored in detail in this flow.
This message flow shows how two BGP routers:
- Peer by establishing a TCP connection and exchanging BGP OPEN messages.
- Exchange Keep Alive messages to ensure that the routers are reachable.
- Exchange routes using BGP UPDATE messages.
- Release the BGP connection on operator command.
VisualEther 6.1.103 now supports generating sequence diagrams from tunneled messages in PCAP files. You can create filters that will ignore the outer GTP message and extract the fields from the inner message.
This call flow shows the SIP call setup between a SIP client (192.168.0.10) and a SIP server (126.96.36.199). The flow also shows the RTP message flow between the SIP client and the Media Gateway (188.8.131.52).
The example covers the following:
- SIP invite from the client.
- The SIP server challenges the client to authenticate.
- The client responds to the authentication challenge.
- The call is connected.
- The call enters the conversation phase with RTP traffic.
- The SIP call is cleared.
This sequence diagram covers the establishment of a SSL/TLS connection for sending Google SPDY data. The protocol flow covers:
Voice over LTE (VoLTE) is the standard for voice call setup in LTE networks. When VoLTE is deployed, phones will not need to fallback to 3G for voice calls.
VoLTE uses IMS SIP signaling to set up voice calls. The following VoLTE call flow describes the IMS call setup and release. An example of sending an SMS over IMS is also included. Sample RTP and RTCP messages are also shown in the flow.
The Border Gateway Protocol (BGP) is an inter-autonomous system routing protocol. An autonomous system is a group of networks under common administrative control and routing policies.
This sequence diagram describes the sequence of messages exchanged when a new BGP router is made operational. The steps involved are:
- Establish TCP connections
- Exchange BGP Open messages.
- Start periodic exchange of Keepalive messages.
- Exchange routing information with the BGP Update message.
OSPF (Open Shortest Path First) is a routing protocol that is used as an interior gateway protocol in large enterprises.
Here is a sequence diagram that describes the message exchange that takes place when a new OSPF router comes online. You can click on any message in the flow to see full message contents.
- OSPF hello message exchange
- Master-slave resolution
- Router database synchronization
- Link state update
Introducing VisualEther Protocol Analyzer 6.1. Diagnose and debug Wireshark logs with sequence diagrams. Convert PCAP files into sequence diagrams and call flow diagrams by just defining the message fields that should be included in the diagrams. VisualEther takes of the rest, generating a well formatted sequence diagram. You can click on individual messages in the sequence diagram to see field level details.
VisualEther 6.1 adds the following features:
- Full IPv6 Support
- Convert any custom protocol to sequence diagrams. Fully customize the diagram generation.
- Display message details as an expandable list.
- Added support for Wifi and Ethernet frames
Visually debug protocol interactions
Generate sequence diagrams and call flow diagrams from Wireshark output. The sequence diagrams provide a visual trace of the packet flow between different nodes.
Use regular expressions to identify and flag error scenarios. Messages reporting session failure can be bookmarked in a PDF file, thus giving you quick access to the cause of failure. Protocol experts can identify the error scenarios upfront to speed up protocol debugging.
Summarize Wireshark output…
Define templates to select messages and the fields to be included in the generated diagrams. VisualEther analyzes the Wireshark output to generate documents that match the defined template. The template is defined as a simple XML file.
Support for IPv4, IPv6, Ethernet and Wifi is built in. TCP, UDP and SCTP transport layer support is also available out of the box.
You can customize the templates for any protocol that has an Wireshark dissector. Any custom source and destination addresses can be used to define the sequence diagram instance axes.
…while maintaining full message detail
Click on any message in PDF sequence diagrams. VisualEther shows you complete field level details of that message in a browser window.
The message nodes can be expanded and collapsed. This way you can focus on the part of the message that interests you.
Reverse engineer system design
Reverse engineering system design by analyzing the message flow in an operational system. Design documents are generated from the Wireshark traces. The generated documents can be edited and reformatted using EventStudio System Designer.
Automate diagram generation from Wireshark PCAP Files
Automate capture of Wireshark logs with tshark and then use the VisualEther command-line mode to generate sequence diagrams and context diagrams.
IKE performs mutual authentication between two parties and establishes an IKE security association (SA) that includes shared secret information that can be used to efficiently establish SAs for Encapsulating Security Payload (ESP) or Authentication Header (AH) and a set of cryptographic algorithms to be used by the SAs to protect the traffic that they carry.
An example of IKEv2 handshake and an IPSec tunnel transport is illustrated with the sequence diagram. You can click on IKE messages in the sequence diagram to see field level details.
The following sequence of Virtual Private Network (VPN) setup are covered:
- A ping triggers establishment of the IKEv2 security association.
- An IPSec tunnel is setup with a Child Security Association setup handshake.
- The ping data gets transported over the IPSec tunnel.