I did a session at SharkFest’18 Europe in Vienna with the title of “Crash Course: IPv6 and Network Protocols“. Since the presentation slides + audio were recorded you can listen to the talk, too. Here are some notes about the motivation for this session as well as feedback from the attendees.
This was the official agenda of SharkFest’18 EU for my talk: “This presentation is split into 2 sections. Both are network protocol “crash courses” explained by a pcap walk-through.
- IPv6: While it is quite obvious that the Internet Protocol numbers have changed, it is not that easy to understand all those new control protocols for IPv6 such as ICMPv6 with its Router Advertisements, Neighbor Solicitations, and so on. How does a router propagate itself? How does a new IPv6 client get an IPv6 address? How does the data link layer address resolution occur? This presentation guides you through a pcap on how to interpret and filter for relevant messages.
- Network Protocols: A switched network is a complex infrastructure with lots of protocols running between those switches and routers. This part of the presentation walks through a pcap again to explain the most common network protocols such as STP, CDP, LLDP, VTP, LACP, HSRP, as well as management protocols such as Syslog, NTP, SNMP, TFTP.”
Motivation & Feedback
My motivation for these two parts of the talk was the assumption that IT engineers are seeing many “unknown” packets in their own trace files due to the fact that neither IPv6 nor network protocols in general are known to them. Hence the idea to give an overview of those two areas.
However, though I got positive feedback from the attendees in general, they were not that happy about a single session with two different topics. Many have not read the title completely and simply thought it is an IPv6-only session (with a focus of “IPv6 network protocols”), while they were disappointed to hear some well-known general network protocol stuff in the second part. Ok, sorry guys, I fully agree that it was not the best idea to have both topics in one session, while the title was misleading as well. Next time I’ll submit a session for IPv6 only with even more details on it.
Anyway, here is the YouTube video from my session. If you’re interested in IPv6, listen to the first part. Interested in network protocols in general? Start listening at 43 minutes:
The PDF of my slides are available as well: