Protocol Testing Tutorial: L2 & L3

Before we learn about protocol testing, let’s understand:

What is Protocol?

When a computer communicates with each other, there is a common set of rules and conditions that each computer has to follow. In other words, protocols determine how data are transmitted between computing devices and over networks.

Protocol Testing

Protocol Testing is a method of checking communication protocols in the domains of Switching, Wireless, VoIP, Routing, etc. The primary goal of protocol testing is to check the structure of packets which are sent over a network using protocol testing tools. Routers and switches are used during the test to form parts of devices and products under testing.

Routed and Routing Protocols

Protocols are classified into two categories routed protocols and routing protocols

  • Routed Protocols: Routed protocols can be used to send the user data from one network to another network. It carries user traffic like e-mails, web-traffic, file transfers, etc. Routed protocols are IP, IPX, and AppleTalk.
  • Routing Protocols: Routing protocols are network protocols that determine routes for routers. It is only used between routers. For example RIP, IGRP, EIGRP, etc.

In simple terms, a router is like a bus used for transportation while routing protocols are signals on the road.

Based on the type of communication different protocols are used. Companies like CISCO, JUNIPER, ALCATEL produce networking devices like routers, modems, wireless access points, etc. that use different protocols for communication, for example, Cisco uses EIGRP, OSPF, etc. Protocol testing is nothing but checking whether EIGRP (Enhanced Interior Gateway Routing Protocol) or OSPF (Open Shortest Path First) or any other protocol is working as per respective standard.

Types of Computer Protocols

Types of Protocols Purpose of Protocols
TCP/IP It is used to send information in small packets over the Internet
UDP/ ICMP It is used to send a small amount of information in data-packets over the internet
POP3 and SMTP It is used for sending and receiving mail
Hypertext Transfer Protocol It is used to transfer HTML page in encrypted form to provide security to sensitive data
FTP It is used for transporting files over a network from one node to another

* TCP/IP– Transmission Control Protocol/ Internet protocol, UDP / ICMP– User Datagram Protocol/Internet Control Message Protocol, POP3/SMTP– Post Office Protocol / Simple Mail Transfer Protocol, HTTP– Hyper Text Transfer Protocol, FTP– File Transfer Protocol

Different types of network Protocols (L2 and L3)

The OSI model has total of 7 layers of network communication, in which layer 2 and layer 3 are very crucial.

  • Layer 2: It is a data link layer. Mac address, Ethernet, Token Ring, and Frame Relay are all examples of Data link layer.
  • Layer 3: It is a network layer that determines the best available path in the network for communication. An IP address is an example of layer3.

How to do Protocol Testing

  • For protocol testing, you need protocol analyzer and simulator
  • Protocol analyzer ensures proper decoding along with call and session analysis. While simulator simulates various entities of networking element
  • Usually, a protocol testing is carried out by DUT (device under test) to other devices like switches and routers and configuring protocol in it
  • Thereafter checking the packet structure of the packets sent by the devices
  • It checks scalability, performance, protocol algorithm etc. of the device by using tools like lxNetworks, Scapy and Wireshark

Testing Types for Protocol Testing

Protocol testing includes testing of functionality, performance, protocol stack, interoperability, etc. During protocol testing basically, three checks are done.

  • Correctness: Do we receive packet X when we expected
  • Latency: How long does a packet take to transit the system
  • Bandwidth: How many packets we can send per second

Protocol testing can be segregated into two categories. Stress and Reliability Tests and Functional Tests. Stress and Reliability tests cover Load Testing, Stress Testing, Performance Testing, etc. While Functional Testing includes negative testing, conformance testing, interoperability testing, etc.

  • Conformance Testing: The protocols implemented on products are tested for adherence like IEEE, RFC etc.
  • Interoperability Testing: The interoperability for different vendors are tested. This testing is done after conformance testing is done on the appropriate platform
  • Network feature Testing: The features of networking products are tested for functionality with reference to the design document. For example, features can be port-security on a switch, ACL on a router etc.

Sample Test Cases for Protocol Testing of Network Devices

Here is the sample test case for routers

Test Name Test Cases
  1. One VLAN on One Switch
  • Build two different VLANs. Check the visibility between hosts on different VLANs
  1. Three Symmetric VLANs on One switch
  • Create three different asymmetric VLANs. Check the visibility between hosts
  1. Spanning Tree: Root Path Cost Variation
  • Test how the Root Path Cost changes after a topology variation
  1. Spanning Tree: Port Blocking
  • Check how spanning tree protocol avoids the formation of cycles in the network, blocking redundant links, in presence of VLANs too
  1. Different Root Bridge for Different MSTI
  • Show that each MSTI can have different Root Bridge
  1. Visibility between different STP Regions
  • With same VLANs check visibility between different STP regions
  1. Telephone switch Performance
  • Generate 1000 telephone calls and check whether the telephone switch still operates or its performance degrades
  1. Negative test for device
  • Enter the incorrect key and check the user for authentication. It should not allow a user to access
  1. Line speed
  • Check the device operating at 10Gbps speed, utilizing all the available bandwidth to handle incoming traffic
  1. Protocol conversation rate
  • Track a TCP conversation between two devices and verify that each device engaged in a correct behavior
  1. Response time for session initiation
  • Measure the response time of a device to an invite request for session initiation

Tools for Protocol Testing

Let’s discuss the most important testing tools used to verify protocols

Scapy For Packet Crafting

Scapy is a powerful interactive packet manipulation program. It enables you to

  • Create packets
  • Decode packets on the network
  • Capture packets and analyze them
  • Inject packets into the network

So basically, scapy mainly does two things: receiving answers and sending packets. You define the packets, it sends them, receives answers, matches requests with answers and returns a list of packet couples and a list of unmatched packets.

It can also handle other things as well like trace-routing, unit tests, attacks or network discovery, developing new protocols, probing, etc.

Scapy enables us to write a Python script that allows us to perform a task like sending and receiving packets or sniffing packets. For example, scapy can sniff the data packet by using a Python script. The command to open the getdit entered in the editor

#!/usr/bin/env python
from scapy.all import*

a= sniff(count=10)

save, and change the mode of the file into an executable form
# ./

It will sniff 10 packets and soon as it has sniffed 10 packets it will print the summary. Scapy also as an array of command for sending and receiving packets at the same time

Download Scapy

Wireshark Tools For Analysis

Tools used for protocol testing- Wireshark. It allows to capture packets in real time and display them in human-readable form. It allows you to dig deep into the network traffic and inspect individual packets by using color coding and filters.

Wireshark captures packets that helps to determine when the session is getting established, when the exact data travel was initiated and how much data is sent each time, etc.

Wireshark has a set of rich features which includes

  • A thorough inspection of hundreds of protocols, more being added all the time
  • Live capture and offline analysis
  • Rich VoIP analysis
  • Standard three pane packed browser
  • Runs on multi-platforms like Windows, Linux, OSX and so on
  • Captured network data can be browsed via a GUI
  • Decryption support many protocols like IPsec, ISAKMP, SSL/TLS
  • Live data can be read from Ethernet, ATM, Bluetooth, USB, token etc.
  • Output can be exported to CSV, XML, plain text, etc.

Download Wireshark


TCCN is a standard testing language for defining Test Scenario and their implementation for protocol testing. A TCCN test suite contains many test cases written in the TTCN programming language and it is used for testing reactive systems or behavioral testing.

For example, a coffee vending machine that gives you coffee on inserting a dollar coin but does not respond if anything less than a dollar is inserted into it. To program such machines TCCN3 language is used. In order to make the coffee machine responds when inserting a coin, we have to write TCCN-3 component that behaves as a coffee machine. It allows us to run our test before an actual coffee machine is available as a product. Once it is done we will connect the TCCN3 test suite with the external device.

Protocol Testing

The test system emits stimuli (dollar coin) and receives responses (coffee). The stimuli adapter obtains stimuli from the test system and passes them to the system under test. The response adapter waits for responses of the system under test and passes them to the test system.

TCCN3 can be used in various fields like

  • Mobile communications (LTE, WiMAX, 3G etc)
  • Broadband technologies (ATM, DSL)
  • Middleware Platforms (Webservices, CORBA etc)
  • Internet Protocol ( SIP, IMS, IPv6)
  • Smart Cards
  • Automotive (AutoSAR, MOST, CAN)

In TCCN we can define

  • Test Suites
  • Test Cases
  • Test Steps
  • Declare Variables
  • Declare Timers
  • Create PDUs etc.

TCCN can be integrated with types of systems of other languages like ASN.1, XML, C/C++. TCCN3 core language exists in text format apart from other formats like tabular, graphical and presentation.