Techbits #6: Colasoft Network Packet Builder

If you are into networking - no, I do not mean social networking - networking as in computer networks, telecommunications, TCP/IP, then this post is for you.

Colasoft Packet Builder is a freeware tool that aids in creating, editing and replaying network packets. What can this be used for? To test how your application deals with a particular network packet, whether it works as expected etc. The application could be anything like an Element Management System (EMS), Network Management System (NMS), packet analyzer or even a protocol stack implementation.

Packet Editing & Replay is especially quite a handy feature to be of aid while debugging issues. The packets captured from live networks using sniffer tools like Wireshark (formerly known as Ethereal) can be edited and replayed using the tool i.e. they can be loaded into the tool, IP & MAC addresses of source & destination changed and resent.

A sample use-case in EMS/NMS scenario is as follows:

1. An issue is reported from the customer's production deployment.
2. The issue states that EMS/NMS is not processing/displaying a specific event/alarm.
3. A packet capture / snoop is asked for.
4. The received packet capture is loaded into the tool.
5. The packet capture is edited to update the destination IP & MAC.
1. 5.1 This is done to direct the packet to the EMS/NMS server in your lab environment.
2. 5.2 The source addresses can also be changed optionally.
6. The updated packet capture is then resent/replayed.

Now, you you can reproduce and debug the issue easily without requiring access to the problematic device or without feeling the necessity to debug or add more hooks to debug on the production server.

Colasoft Packet Builder can be downloaded from http://www.colasoft.com/packet_builder/.