Ethereal-users: Re: [Ethereal-users] HDLC Capture

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

From: Guy Harris <gharris@xxxxxxxxx>
Date: Tue, 18 Oct 2005 10:15:09 -0700

mark.dixon wrote:
> I'm looking to capture HDLC packets between two CISCO routers.

If that's "Cisco HDLC", then

1) it's not really HDLC in the full sense of the word (no "control" field, for example) - it's probably just using the low-level bit-stuffing and framing of HDLC;

2) Ethereal can already dissect it;

3) if you can run Ethereal (or Tethereal or tcpdump) on a machine that's an endpoint of the CHDLC traffic (which, if it's a Cisco router, you probably can't), you might be able to capture on an interface that's a source or sink of the traffic, if the OS supports it ("endpoint" here doesn't mean, for example, IP-layer endpoint, as the router probably turns some of the traffic into Ethernet traffic and processes other traffic, such as SLARP, internally);

4) otherwise, you might be able to use an Endace DAG card to do "third-party" passive capture of the traffic, if your OS supports that (they support Linux and possibly also FreeBSD and Windows).