Use Wireshark with K2 Cloud P&D

This past week, I did my first deployment using the K2 Cloud Package and Deployment (P&D) tool. I had problems during my first two attempts, but won the day on my third try — with some help from network analysis software. Here’s how.

Before I talk about the actual deployment, I want you to know there are some pre-reqs associated with running P&D on K2 Cloud. K2 created a really good knowledgebase article on it here, but the two most important things to know from that article are: (1) You have to register your public IP address with K2 Operations — do that by submitting a ticket to K2 Operations. (2) There are a series of ports you must open on your computer’s firewall. The ports are TCP, by the way (I asked K2 to consider amending the article to include the port type).

I strongly recommend downloading a network monitoring software like The Wireshark Network Protocol Analyzer (Wireshark) and running it when you run P&D, because Wireshark will show you the flow of traffic between your computer and the K2 Cloud server if you monitor the TCP traffic on those ports. (This is how I learned the ports are TCP). Most importantly, Wireshark will show you when traffic gets lost, so you don’t needlessly sit there wondering why it’s taking so long to parse the package. Had I run Wireshark from the start, I would have saved HOURS.

Here are some steps to follow. These assume you have your ports configured for running K2 Cloud P&D, your current public IP is registered with K2 Operations, and your account is authorized to run it; also, that you’ve downloaded and installed

  1. Download and execute K2 Cloud P&D, so that the form appears on your screen, but no buttons have been clicked on the form yet.

  2. Open Wireshark.

  3. In Wireshark, under Capture, you should see a listing of various network traffic interfaces your computer is using. Select the one currently being used to communicate with the Internet. How to tell? Within a few moments, you
    should be able to see spikes in the lines beside each named interface. Make sure you select an interface with activity, but not the loopback interface.


  4. Type the following into the filter:

    tcp portrange 12345-67890


    Where 12345 is the starting port number in the range, and 67890 is the ending port number in the range. (See the KB article for the specific values.) Tap the return key to start the capture.

  5. On the K2 Cloud P&D form, select an environment and either start creating a package (left button) or deploy a stored package (right button).

  6. If you’re creating a package, you should see traffic being recorded in Wireshark. If you’re deploying a package, you might not see traffic until after you’ve selected the package to deploy.

  7. The TCP protocol used by the ports include the heavy overhead of authentication and packet inspection to help ensure the data is reassembled correctly at the receiving end. Using this protocol, senders and receivers coordinate so missing packets get retransmitted. Using Wireshark, you’ll be able to see this happening in near real-time. If the sender retransmits a packet multiple times without acknowledgement from the receiver, the sender will stop sending. In the K2 Cloud P&D form, progress will stop with no error being thrown. If this happens, close P&D and start over fresh.

When I first ran P&D, it seemed to take a long time analyzing the package; I
found myself wondering if it was still working… wondering if the wait was a function of the low RAM in my machine. I spent a long time waiting for nothing, and ended up killing the process and starting over.

On my second attempt, I ran Wireshark alongside P&D. At some point a packet got dropped at the server end which stopped package reassembly — and once again, I couldn’t tell if P&D was still doing it’s thing or not.

On my third attempt, everything ran smoothly, and Wireshark showed no significant traffic problems.

Every time I use K2 Cloud P&D in the future, I’ll be running Wireshark too.