Protocol Testing Tutorial – L2 & L3

What exactly is the protocol?

When a computer communicates with another computer, it must adhere to a shared set of rules and circumstances. Protocols, in other words, define how data is transferred between computers and through networks.

Protocol Testing

Protocol testing is a method of validating communication protocols in fields like switching, wireless, VoIP, routing, and so on. The basic objective of protocol testing is to use protocol testing tools to examine the structure of packets delivered over a network. During the test, routers and switches are employed to create portions of the equipment and goods being tested.

The Value of Protocol Testing

It also allows for the development of dependable and high-performance network connectivity. Devices would be unable to interpret the electronic signals they send when conversing via network connections if protocols were not there.

A network transmits packets containing encrypted binary data. Furthermore, several protocols include a header to hold information about the message's sender. The network protocols provide a description of the sender and recipient of the communication at the beginning of the message. A footer is also included in a few protocols.

As a result, network protocols focus on recognizing headers and footers when transferring data between devices.

Routing Protocols and Routed Protocols

There are two types of protocols − routed protocols and routing protocols.

  • Routed Protocols − Routed protocols can be used to transfer user data from one network to another. It transports user traffic such as e-mails, web traffic, file transfers, and so forth. IP, IPX, and AppleTalk are examples of routed protocols.

  • Routing Protocols − Routing protocols are network protocols that let routers select which routes to take. It's solely used to communicate between routers. For instance, RIP, IGRP, EIGRP, and so forth.

In basic words, a router is like a bus that transports people, while routing protocols are like traffic lights.

Different protocols are employed depending on the nature of communication. Companies such as CISCO, JUNIPER, and ALCATEL manufacture networking equipment such as routers, modems, wireless access points, and so on that utilize various protocols for communication. For example, Cisco uses EIGRP, OSPF, and so on. Protocol testing consists of determining if EIGRP (Enhanced Interior Gateway Routing Protocol) or OSPF (Open Shortest Path First) or any other protocol is operating in accordance with its relevant standards.

Protocols and how they are utilized

  • TCP/IP - This protocol is used to transfer data over the Internet in tiny packets.

  • UDP/ ICMP - It is used to transfer tiny amounts of data in data packets across the internet.

  • POP3 and SMTP - These protocols are used to send and receive emails.

  • HTTP - The Hypertext Transfer Protocol (HTTP) is used to transfer HTML pages in encrypted form in order to protect sensitive data.

  • FTP - It is used to transfer data from one node to another over a network. TCP/IP- Transmission Control Protocol/Internet Protocol,

  • UDP / ICMP - User Datagram Protocol/Internet Control Message Protocol, POP3/SMTP- Post Office Protocol / Simple Mail Transfer Protocol

There are several sorts of network protocols.

The OSI model contains seven levels of network communication, with layer 2 and layer 3 being particularly important.

  • Layer 2 − The second layer is the data link layer. Data link layers 2 are best shown by Mac addresses and Ethernet.

  • Layer 3 − Layer 3 is a network layer that identifies the best available communication channel in the network. Layer 3 is exemplified by an IP address.

Protocol Testing Procedures

A protocol analyzer and simulator are required for protocol testing.

A protocol analyzer provides correct decoding as well as call and session analysis. While the simulator replicates various networking element entities Usually, protocol testing is carried out by connecting the DUT (device under test) to other devices like switches and routers and setting the protocol in it.

Following that, examine the packet structure of the packets transmitted by the devices.

It examines the device's scalability, performance, protocol strategy, and so on using tools such as lxNetworks, Scapy, and Wireshark.

Protocol Testing Methodologies

Protocol testing encompasses functionality, performance, protocol stack, compatibility, and other aspects. Three checks are performed during protocol testing −

  • Correctness − Did we get packet X on the predicted date?

  • Latency − The amount of time it takes for a packet to get through the system.

  • Bandwidth − Bandwidth is the number of packets we can send each second.

Protocol testing may be divided into two types. Functional tests, as well as stress and reliability tests. Load testing, stress testing, and performance testing are all examples of stress and reliability tests. Negative testing, conformance testing, interoperability testing, and so on are all part of functional testing.

  • Stress Testing (Torture Testing) − Stress testing (Torture testing) is a type of intentionally intense or extensive testing used to assess the stability of a particular system, vital infrastructure, or entity. It entails testing beyond normal operating capacity, frequently beyond the breaking point, to examine the effects.

  • Reliability Testing − Reliability Testing is a software testing procedure that determines if the program can execute a failure-free operation in a certain environment for a given time period. The goal of reliability testing is to ensure that the software product is bug-free and dependable enough to perform its intended function.

  • Conformance Testing − Protocols such as IEEE, RFC, and others are examined for conformance on goods.

  • Interoperability Testing − Different suppliers' interoperability is tested. This testing follows conformance testing on the relevant platform.

  • Network feature testing − The features of networking devices are evaluated for functionality using the design document as a guide. Port-security on a switch, ACL on a router, and so on are examples of features.

Protocol Testing Tools

Let's go through the most significant testing tools for protocol verification.

Packet Crafting Scapy

Scapy is a sophisticated packet modification software that can be used interactively. It allows you to −

  • Make packets

  • On the network, decode packets.

  • Capture and analyze packets

  • Packets should be injected into the network.

So, fundamentally, Scapy does two things: it receives responses and sends packets. You specify the packets, it transmits them, receives responses, matches requests with responses, and provides a list of packet pairs and unmatched packets.

It can also handle trace-routing, unit testing, attacks or network discovery, building new protocols, probing, and so on.

Scapy allows us to create a Python script that performs a task such as sending and receiving packets or sniffing packets. Scapy, for example, can sniff a data packet using a Python script. The command to open the getdit file in the editor was typed.

#!/usr/bin/env python
from scapy.all import*

a= sniff(count=10)

Save, and change the mode of the file into an executable form


# ./

It will sniff 10 packets and then output the report after sniffing 10 packets. Scapy also has a command array for transmitting and receiving packets at the same time.

Wireshark Analysis Tools

Wireshark is a protocol testing tool. It allows you to collect real-time packets and show them in a human-readable format. It enables you to delve deep into network traffic and analyze individual packets by utilizing color coding and filters.

Wireshark records packets that aid in determining when a session is created, when the specific data transit began, and how much data is transferred each time, among other things.

Wireshark provides a plethora of useful functions, including

  • A detailed examination of hundreds of procedures, with more being added on a regular basis.

  • Offline analysis and live capture

  • In-depth VoIP analysis

  • Browser with three panes as standard

  • Runs on a variety of systems, including Windows, Linux, and OS X.

  • A GUI may be used to browse captured network data.

  • Many protocols, including IPsec, ISAKMP, and SSL/TLS, are supported for decryption.

  • Live data may be read via Ethernet, ATM, Bluetooth, USB, tokens, and other devices.

  • The output may be exported to CSV, XML, plain text, and other formats.


TCCN is a standard testing language for designing and implementing Test Scenarios for protocol testing. A TCCN test suite is a collection of test cases developed in the TTCN programming language for reactive systems or behavioral testing.

For example, a coffee vending machine will give you coffee if you input a $1 coin but will not respond if you insert anything other than a dollar coin. The TCCN3 programming language is used to program such machines. To have the coffee machine respond when a coin is inserted, we must create a TCCN-3 component that acts as a coffee machine. It permits us to conduct our research before a commercially accessible coffee maker is released.

When it is complete, we will link the TCCN3 test suite to the external device.

The test system generates stimuli (a dollar coin) and collects responses (coffee). The stimulus adapter collects stimuli from the test system and sends them to the system under test. The response adapter monitors the system under test for replies and forwards them to the test system.

TCCN3 can be utilized in a variety of applications, including

  • Communications through mobile devices (LTE, WiMAX, 3G, etc)

  • High-speed Internet technologies (ATM, DSL)

  • Platforms for Middleware (Webservices, CORBA, etc)

  • Internet Protocol (IP) is an abbreviation ( SIP, IMS, IPv6)

  • Card Readers

  • The automobile (AutoSAR, MOST, CAN)

We may define in TCCN −

  • Test Suites

  • Test Cases

  • Test Steps

  • Declare Variables

  • Declare Timers

  • Make PDUs, for example.

TCCN may be integrated with systems written in other languages such as ASN.1, XML, and C/C++. Apart from tabular, graphical, and presentation formats, the TCCN3 core language is available in text format.

Protocol Testing of Network Devices − Example Test Cases

Here is the sample test case for routers −

Test NameTest Cases
One VLAN on One SwitchBuild two different VLANs. verify the visibility between hosts on different VLANs
Three Symmetric VLANs on One switchmake three different asymmetric VLANs. Check the visibility between hosts
Spanning Tree − Root Path Cost VariationTest how the Root Path Cost is changed after a topology variation
Spanning Tree − Port BlockingIn the presence of VLANs, see how the spanning tree protocol prevents the creation of cycles in the network by blocking redundant links.
Different Root Bridge for Different MSTIDemonstrate that each MSTI may have a unique Root Bridge.
Visibility between different STP RegionsExamine visibility between various STP areas using the same VLANs.
Telephone switch PerformanceMake 1000 phone calls to see if the phone switch is still operational or if its performance has deteriorated.
Negative test for deviceEnter the incorrect key and verify the user for authentication. It should not be possible for a user to gain access.
Line speedCheck that the device is running at 10Gbps and using all of the available bandwidth to handle incoming traffic.
Protocol conversation rateTrack a TCP communication between two devices and ensure that each device is behaving correctly.
Response time for session initiationCalculate the response time of a device to an invite request for session initiation