|
Ethernet tap
1 Attachment(s)
Hi everyone,
I'm having an hard time figuring out why can't I capture the packets flowing between two devices, in both drections, using a self made ethernet tap, which looks just like this one: http://fernandomagro.com/wp-content/...2010/05/rx.jpg Both end devices (say, A and B) are connected to a switch. But since the sniffer (a regular laptop) only has one ethernet port I can't perform the sniffing, like it is presented in most web sites (e.g. http://wiki.wireshark.org/CaptureSet..._a_network_tap) So, in order to "solve" this issue, I just plugged the 2 (tap) connector ports to the ones on the switch and, finaly, 1 port from the switch to the sniffer. I thought the packets would be broadcasted but every time I plug the connectors to the switch the connection between A and B is interrupted. My setup scenario looks like the picture in attachment. Any ideias? |
Without knowing the exact wiring of the "tap" its hard to say,but I suspect you've created a loop which spanning tree is not dealing with due to unidirectional links.
A proper tap has to multiplex the transmit and receive paths of a full duplex connection into the receive path on the sniffers connection. You can't do this simply by wiring. You need a proper tap, a mirror port, or you can get away with a hub if you have one. Bear in mind that a hub changes the network connectivity to half duplex, if you are diagnosing a problem it changes the conditions of the fault so may mask whatever issue you are looking for. |
Quote:
Quote:
Note that if my sniffer had 2 interfaces I could just plug those two tap connectors (TX and RX) there and see the traffic using a packet sniffer (e.g. Wireshark). But since I only have 1 interface on the sniffer, I'd like to know how to solve this (if possible). |
| All times are GMT -5. The time now is 05:18 PM. |