This is the king of all useful tools for network engineers. It is a must-have tool that I was introduced to in the early years of my job, and it has remained with me every single day since. It is so useful that I can credit at least 25% of the issues I have solved to date to this tool. Wireshark is free, open-source software: you have access to the complete Wireshark code and you are welcome to contribute as a developer if you like. They provide a very good amount of training content on their website, and the Wireshark community keeps growing with the events they conduct, like Sharkfest. The world of Wireshark keeps getting more amazing: here, Laura Chappell explains how to analyze data for Deep Space Networking, where some satellites are talking.
You can get Wireshark from here; scroll down their website for some great training content: https://www.wireshark.org/
Below are some blogs I wrote on Wireshark:
- Wireshark: How to Identify RTP stream Packet Drop
- Wireshark: How to identify Top-talkers in Network
- Wireshark: How to identify burst of traffic in network
Wireshark is great, but it needs to be installed. What about a tool that is integrated with Linux/Mac OS and can provide similar functions? tcpdump does this, although not in a GUI. Windows users can install WinDump, the Windows version of tcpdump, which provides the same capability on Microsoft Windows based systems. Below is how we can use this.
NAME
    tcpdump - dump traffic on a network

SYNOPSIS
    tcpdump [ -AbdDefhHIJKlLnNOpqStuUvxX# ] [ -B buffer_size ]
            [ -c count ] [ -C file_size ] [ -G rotate_seconds ]
            [ -F file ] [ -i interface ] [ -j tstamp_type ]
            [ -k (metadata_arg) ] [ -m module ] [ -M secret ]
            [ --number ] [ -Q in|out|inout ] [ -r file ] [ -V file ]
            [ -s snaplen ] [ -T type ] [ -w file ] [ -W filecount ]
            [ -E spi@ipaddr algo:secret,… ] [ -y datalinktype ]
            [ -z postrotate-command ] [ -Z user ]
            [ -Q packet-metadata-filter ] [ -Q in|out|inout ]
            [ --time-stamp-precision=tstamp_precision ]
            [ --immediate-mode ] [ --version ] [ expression ]
This is also a tool which has remained with me since the day I entered the computer networking world. I still remember the excitement when I booted my first real Cisco IOS on GNS3 (which eventually killed my 512 MB RAM PC and I had to restart). I have gone through numerous hours of frustration dealing with GNS3 issues due to low memory, and still I can't have a PC without GNS3 installed on it. GNS3 has evolved a lot: I started using it when it supported just IOS, and now it has a list of devices like Juniper, Arista, Fortigate, Cisco Nexus, XE, XR and ASA products. You can also add Docker, Ubuntu and even Windows in GNS3. GNS3 is an open community and growing very actively. There are tons of free trainings available on their website, and they also look for people who can write content related to GNS3; you just need to drop an email to them and they will let you know.
Can be downloaded from here : https://www.gns3.com/software
Supported Appliances : https://www.gns3.com/marketplace/appliances
Trainings : https://www.gns3.com/marketplace/training
FileZilla is another cool open-source tool which I have been using for a very long time. It is used for file transfer over FTP and SFTP, and can work in client and server mode. It is very easy to use and you can rely on it for any size of transfer. I remember working on some NAT issues where a customer was facing difficulty with passive FTP over NAT on a Cisco router; FileZilla was used to reproduce this issue and worked like a charm. I definitely recommend using it.
Can be downloaded from here : https://filezilla-project.org/
5. Notepad++ / BBEdit(Mac)
If you deal with huge text files and sometimes need to parse these logs manually, then you need a powerful text editor, and most of the time you need it for free 😉. For Windows users, Notepad++ is a great tool, not only because it can open big files but because it has great features for log parsing. It is a tool that you will end up using on a daily basis, and it considerably reduces your time in log parsing. Similarly, BBEdit (remember TextWrangler?? It is now BBEdit) is a nice text editor for Mac users, although it is not free (at the beginning). You need to run through a month of evaluation and then it will still run for basic editing functions. I have not checked what you lose after the eval period ends, but it can do pretty much everything I need for my log parsing work. Although on their website they proudly say, and I quote,
“BBEdit offers a 30-day evaluation period. During that period, all of BBEdit’s features are available. When it ends, you can still use BBEdit— with no nag screens or unsolicited interruptions, for free, forever.”
Can be downloaded from here : https://notepad-plus-plus.org/downloads/
Can be downloaded from here : https://www.barebones.com/products/bbedit/download.html
6. ASCII Flow:
Have you ever seen somebody send you a network diagram like this?
He must definitely be using ASCIIFlow. The best part is that you do not need to download anything to run it. Just go to the website https://asciiflow.com/#/ and start drawing. And do not try to do it in Notepad like I tried once; it's so frustrating. But I wonder how one of my seniors used to do it with perfection in Notepad itself…
7. iTerm(MAC), SuperPutty/Putty(Windows):
Almost all network engineers work on CLI-based systems, be it network devices or Linux machines. You must have feature-rich terminal software for SSH or Telnet. The most useful software without a doubt is PuTTY, which is available for Windows as well as Mac machines. SuperPutty is an extension of PuTTY and provides tabbed windows just like you have in SecureCRT, which is paid terminal software.
For Mac users the native Terminal is a great tool; however, it gets annoying sometimes when great protocols like Telnet are not available in the Mac Terminal. Hence you need something you can use for Telnet etc. whenever needed. I use iTerm and it works great.
Putty can be downloaded from : https://www.putty.org/
SuperPutty can be downloaded from : https://www.puttygen.com/superputty
iTerm can be downloaded from here : https://iterm2.com/
iPerf is a bandwidth measurement tool available free of cost and trusted among network engineers. It is also useful for testing the throughput of a network device. For example, you buy a router which is promised to have 10 Gig of throughput, but before placing it in the production network you need to test the throughput in a lab. You can set up iPerf on two systems connected to two ports of the router and test the throughput of the router. Here are my blogs on a similar test.
Just like tcpdump and Wireshark, iPerf also has a GUI cousin named Jperf.
iPerf can be downloaded from here : https://iperf.fr/
Jperf can be downloaded from here : https://sourceforge.net/projects/jperf/
9. iReasoning Mib Browser(Windows/Linux/Mac)
MIB browsers are for testing SNMP and are really helpful when you want to see the result for a particular MIB. I have been using this tool since the day I first learnt about this protocol. It's a free tool, very robust and useful. Apart from MIB browsing, you can also test SNMP traps etc. with its help. I definitely recommend it as a must-have tool if you play around with SNMP a lot.
MIB Browser can be downloaded from here : http://ireasoning.com/mibbrowser.shtml
10. Colasoft Packet player
Colasoft Packet Player is a tool which is useful beyond words. As a network engineer you come across some corner situations where you need to play a previously captured packet, or construct a packet and play (send) it to the DUT (device under test), to see the behavior. It is quite helpful for triggering bugs etc. In the last 3-4 years I have seen Colasoft's popularity growing, and there is a good amount of literature available on the net which teaches you to use this tool.
Colasoft can be downloaded from here : https://www.colasoft.com/download/
WinMTR is used to capture packet drops on a particular path over an extended period of time. It uses traceroute and keeps running for a defined duration, while also capturing the number of packets dropped on that path. It is very useful when you are troubleshooting performance issues on a certain path. The Mac OS cousin of WinMTR is just called MTR.
WinMTR can be downloaded from here : https://sourceforge.net/projects/winmtr/
Here you can find the instructions to enable MTR on Mac : https://www.exavault.com/docs/help/02-networking/04-mtr
12. Multicast Hammer
Multicast Hammer is an excellent tool to test multicast; it works in both client and server mode. I found it very useful when practicing multicast, while testing it in a production network, or while troubleshooting some weird multicast issue. It is easy to set up and easy to use.
Multicast hammer can be downloaded from here : https://support.pelco.com/s/article/Using-Multicast-Hammer-1538586730634