WLAN Analysis with Wireshark (Frame Section, Part 2)
This following short article illustrates examples on frame encapsulation type. It starts with a case in wireless, then, covers with other technologies.
Within a Wireshark capture, "Encapsulation type" is one of the sub-fields under the session of Frame. The Wireshark display filter of "Encapsulation type" is frame.encap_type. The link-layer type number is the notation of those items, where default is 1 (Ethernet).
In our Wireless packets collection, the "Encapsulation type" is IEEE 802.11, as displayed below.
Another wireless capture is displayed here, where the link-layer type number is 126.
However, when we turn our attention to LAN in our wired device, it should indicate "Ethernet."
By aligning an example from Wireshark sample packets, the following instance shows some SITA WAN (Societe Internationale de Telecommunications Aeronautiques sample packets (contains X.25, International Passenger Airline Reservation System, Unisys Transmittal System and Frame Relay packets). (https://wiki.wireshark.org/SampleCaptures)
In our Wireless packets collection, the "Encapsulation type" is IEEE 802.11, as displayed below.
Another wireless capture is displayed here, where the link-layer type number is 126.
However, when we turn our attention to LAN in our wired device, it should indicate "Ethernet."
By aligning an example from Wireshark sample packets, the following instance shows some SITA WAN (Societe Internationale de Telecommunications Aeronautiques sample packets (contains X.25, International Passenger Airline Reservation System, Unisys Transmittal System and Frame Relay packets). (https://wiki.wireshark.org/SampleCaptures)
Another example deals with ATM Classical IP packets, where the the link-layer type number is 11.
No comments:
Post a Comment