Wireshark mailing list archives
Re: config problem - not seeing all messages
From: Kurt Buff <kurt.buff () gmail com>
Date: Wed, 12 May 2021 18:54:13 -0600
Others have mentioned switches or hubs for gathering the packets. Network Taps are another alternative, and many are available used (ebay) for relatively small prices. https://www.ebay.com/sch/i.html?_from=R40&_trksid=p2499334.m570.l1313&_nkw=network+tap&_sacat=58058 Kurt On Wed, May 12, 2021 at 4:12 PM Ron W <ronw.mrmx () gmail com> wrote:
I am trying to use WireShark to diagnose a network problem between a Windows PC and a Linux-based controller (for a robot). The controller uses uboot and TFTP to download the Linux image from the PC. Using the controller's serial port, I can see the messages output by uboot and by Linux. The messages as as expected and the controller appears to work correctly except after downloading Linus via TFTP, the PC application is not able to communicate with the controller via TCP/IP. So, I connected an Ethernet switch between the PC and the controller and also connected a laptop to the switch so I can monitor with WireShark. What I see in WireShark's capture log (see attached screen picture) would have made sense, but the log is not showing the TFTP messages. So, to make sure TFTP was actually working, I interrupted uboot before it started downloading Linux. I then entered commands to have uboot download various test files I created and inspect what was downloaded to make sure the expected content was in the controller. As I did this, I continued to monitor with WireShark. Still I did not see anything after the initial ARP request from the controller, asking for the MAC corresponding to the IP address of the PC. i did not even see an ARP reply from the PC. Since I'm not seeing the TFTP messages, nor the PC's ARP response, I have to assume I configured WireShark incorrectly. Looking at my capture selection and capture options (see attached screen pictures), I can't find anything to explain not seeing the TFTP messages in the capture log. I even tried a fresh install of WireShark on another laptop that had never had Wireshark on it. Same result: No TFTP message in the capture log. I have used WireShark successfully in the past. As best I can remember, I setup WireShark the same as I have in the past. Still, I must be doing something wrong. Any advise on what I need to fix in my WireShark settings? Thanks in advance ___________________________________________________________________________ Sent via: Wireshark-users mailing list <wireshark-users () wireshark org> Archives: https://www.wireshark.org/lists/wireshark-users Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-users mailto:wireshark-users-request () wireshark org ?subject=unsubscribe
___________________________________________________________________________ Sent via: Wireshark-users mailing list <wireshark-users () wireshark org> Archives: https://www.wireshark.org/lists/wireshark-users Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-users mailto:wireshark-users-request () wireshark org?subject=unsubscribe
Current thread:
- config problem - not seeing all messages Ron W (May 12)
- Re: config problem - not seeing all messages Fulko Hew (May 12)
- Message not available
- Re: config problem - not seeing all messages Jack Jackson (May 12)
- Re: config problem - not seeing all messages Guy Harris (May 13)
- Message not available
- Re: config problem - not seeing all messages Fulko Hew (May 12)
- Re: config problem - not seeing all messages Kurt Buff (May 12)
- Re: config problem - not seeing all messages Graham Bloice (May 13)
- Re: config problem - not seeing all messages Gisle Vanem (May 13)
- Re: config problem - not seeing all messages Graham Bloice (May 13)