Sniffing EIGRP (wireshark)

Unanswered Question
Nov 12th, 2007

Hi all,

I got a lab with several routers connected via Ethernet and some serial connections. In order to get more familiar with EIGRP, I'd like to use Wireshark to capture the corresponding packets.

So far I can only capture HELLO packets, since there is no EIGRP process on that Win XP PC. *sugh* What's a good way to start from here ?

a) Is there a Win XP EIGRP client so that the PC shows more than just hello ? I'd be surprised ;)

b) I could connect two routers thru a hub and then attach the sniffing PC to that hub. Alternatively, I could use a switch and the define a monitoring port - but I'd need to search for the howto ^^.

Any other ideas ?

What about multiple instances of dynamips ? Can wireshark sniff selectively on single virtual connections ?



I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 4.5 (2 ratings)
guruprasadr Mon, 11/12/2007 - 02:45

HI Oliver, [Pls Rate if HELPS]

SPAN Configuration on CISCO Switch can be done to handle multiple instance of Packet Capture.

Upto 6 Instance can be configured.

Pls see the attachment (.pdf) for more INFO reg SPAN COnfig.


Best Regards,

Guru Prasad R

glen.grant Mon, 11/12/2007 - 07:56

Well if this is in a lab where you cannot break anything then your best bet to see stuff happening is to use your debug commands and you can see almost everything going with the eigrp process . You have to be very careful with debug commands in a live network as this can bury a cpu if used incorrectly but in a lab situation with little traffic it would be a good way to really see what is going on . There is a lot of info that will come across the screen but it is no worse that going thru screens of sniffer captures.

keller.oliver Tue, 11/13/2007 - 02:03

Hi Glen,

thanks for your advice, debug would be a backup method to use, since the output is not as readable (and manoeverable) as wireshark sniffings. OK, you can get used to it, but in direct comparison I noticed my students are faster getting the concepts when using a GUI based analyzer.

Best wishes,



This Discussion