I build two (openvpn) VPNs. One is UDP and the other is TCP. My teacher wants me to compare the packets transmitted by these two and write a report on the difference. To trace the packets I found Cisco Packets Tracer but I don’t know what to compare in the packets. Can anyone please help or guide me?
Cisco packet tracer is for network simulations and while it can be used for learning, I think what you actually need is Wireshark. Wireshark is a packet sniffer/analyzer. It allows you to view your own network traffic. Open Wireshark while you are connected to the TCP VPN and then after some time save the capture. Do the same for the UDP VPN. Make sure you have capture on your wifi or ethernet interface and not the VPN interface. Take note of the VPN server IP. You can filter the Wireshark capture to only show traffic with the VPN server. Example: “ip.addr == 172.16.47.9” OR “tcp.port == 8080”. In your comparison, you can talk about how they use different transport layer protocols(aka TCP or UDP), which one you get faster speeds with, etc…
If you use any program to inspect packets (wireshark mentioned by xyz is good) you will see the obvious difference in udp vs tcp packets, such as the missing Ack Number, missing flags, etc.
Can anyone please help or guide me?
This would be a great introduction into “Wireshark” which is probably what your teacher wants you to use.
In a nutshell, udp is much, much faster than tcp. Your teacher would want you to prove this with Wireshark.
One downside of using tcp combined with a vpn protocol like OVPN is that you’ll encounter tcp meltdown. This is caused by the two tcp protocol fighting each other and decreasing window sizes until you get abysmal performance. Go and read up on it, it’s pretty interesting.
