Wireshark


#1

I have a dedicated computer setup talking to 2 B3000-ENET modules and 1 EB2 module. I am not using OPTO software to talk to them; I am talking to them, but not through Windows, so I can’t run Wireshark on the target machine. I am running the network from this computer through a hub to a switch connected to the brains. I have a second computer running Wireshark and connected to a port on the hub. The Opto network is running through the switch and I see lights blinking on the modules, but I see no activity from the modules on Wireshark (I see other stuff). I am getting IPv6 and broadcasts I don’t know where from - any ideas or things I am missing?


#2

Hello CaptBixley,

Can you take the switch out of the equation? Usually when sniffing, you’d want to use just a hub since it’s “dumb” (not so smart that it’ll try to filter packets that don’t need to go somewhere, e.g. the Windows PC running Wireshark). BTW, our support team has lots of experience helping people sniff packets with Wireshark.

But I’m also curious about what the bigger problem is you’re trying to solve. Can you share a bit more about your application? I’m guessing something isn’t working quite as you’d like, hence the need to see/sniff what’s happening to troubleshoot? I hope you’ll share!

Thanks,
-OptoMary


#3

Hi - My application uses B3000-ENET I/O - I am talking to it using IntervalZero RTX (a real-time extension for Windows). This application was originally engineered back in 2000. This application is still running and working great. I have set up a test bed utilizing an i3 Windows computer connected to the Opto modules via a switch. The customer wants some changes made in the process and I want to be sure everything is working correctly. I am experiencing some errors in the communications that appear random. I would like to see the traffic between the computer and the modules to troubleshoot and improve my understanding of the OptoMMP and Ethernet protocol. I am having some trouble seeing the packets with Wireshark. I have tried using a hub and the monitor port on the switch. It seemed that the monitor port worked better. The test computer is connected to the Optos via a NIC card that is handled by the RTX. That machine also has a NIC card connected to the internet and my home network as part of Windows. It seems that my most successful attempts have been when I set the IP address of the sniffer (my laptop) to be on the same subnet as the control network. Any help or suggestions would be appreciated.
Thanks
John


#4

Besides taking the switch out of the equation, make sure your Wireshark capture options show a check next to “Capture all in promiscuous mode” to make sure Wireshark isn’t filtering out any of those packets you seek. This link talks about promiscuous mode.


#5

Bit of a long shot, but you might try a capture with Wireshark “name resolution” capture options turned off. Resolving the MAC, IP, and transport names has been known to cause dropped packets, and name resolution doesn’t seem necessary on your test network.


#6

Wireshark is a free and open-source packet analyzer. It is used for network troubleshooting, analysis, software and communications protocol development, and education. Wireshark is very similar to tcpdump, but has a graphical front-end, plus some integrated sorting and filtering options.