Computer and IT knowledge - things to know
ip fragmentation - how to capture some snmp fragments from a switch
wireshark filter:
(ip.addr == 172.23.99.210)&&(ip.fragment)
better filter:
(ip.addr == 172.23.99.210)&&(((ip.fragment)||(ip.flags.mf==1)||(ip.frag_offset!=0)))
how to produce fragment packets?
>> decrease your mtu size on your test system > in our case a switch and decrease the mtu on the switch.
Turn on snmp on the switch and query using snmpwalk
Switch > aruba cx
6100(config)# interface vlan 1
6100(config-if-vlan)# ip mtu
<68-9198> The IP payload MTU value in bytes (Default: 1500)
6100(config-if-vlan)# ip mtu 200
Value is less than the IPv6 minimum MTU of 1280.
Continue (y/n)? y
6100(config-if-vlan)# show ip interface
Interface vlan1 is up
Admin state is up
Hardware: Ethernet, MAC Address: xy:....
IP MTU 200
now run a snmpbulkwalk to the switch:
snmpbulkwalk -c public -v 2c 72.23.99.210
>> on wireshark, you see the fragments
-------------------------------------
more information about ip fragmentation:
- https://packetpushers.net/blog/ip-fragmentation-in-detail/ computer2know :: thank you for your visit :: have a nice day :: © 2024