Packet Captures in VIRL

Last Updated: [last-modified] (UTC)

Introduction

Packet capturing in VIRL is not entirely intuitive, so this brief guide will outline how this is done.

 

Prerequisites:

Before beginning, make sure you have installed:

• A current version of Wireshark
• The VM Maestro client

 

 

---

Capturing Packets

Start the Topology

1. Open the VM Maestro client
2. Open a topology, or build a new one
3. Start the simulation
4. Wait for the simulation to start completely

 

Start the Capture

1. Decide which interface(s) to capture traffic on
2. In the simulation view, left-click the link on which the packet capture should run
   1. Notice that the interface ends of the link appear, as shown below
3. Right click on the interface on which the packet capture should run. Go to Packet Captures, then Create New
4. In the Create Packet Capture window, set the options as required, or leave as default. Click OK
5. The icon on the interface will change to show that the capture is running

 

 

Retrieve the Capture

1. Perform whatever tests you need to generate the traffic you want to capture
2. When ready, right click the interface the capture is running on, go to Packet Captures, then go to the capture that is running, and click Download
3. Select a location to download to, and click OK
4. When the Open Packet Capture dialog box appears, click Yes to view the packet capture
5. The capture will automatically open in Wireshark

 

Review all Running Captures

1. In the toolbar, click Window -> Show View -> Packet Captures
2. The Packet Capture view will appear in the bottom window pane, showing all running captures
3. From here, captures can be downloaded, deleted, or ‘revealed’ in the simulation viewer