Wireshark mailing list archives
Re: help
From: Martin Visser <martinvisser99 () gmail com>
Date: Tue, 27 Apr 2010 10:28:41 +1000
I would suggest doing the capture on the Linux box. In my experience, on Linux libpcap and the driver preserves VLAN tagging. (Just use a Linux booting from a USB stick or CD if you don't want to install). On Windows it seems that most drivers strip VLAN tags. Regards, Martin MartinVisser99 () gmail com On Mon, Apr 26, 2010 at 6:39 PM, Padmalochan Moharana < padmalochan.moharana () nethawk exfo com> wrote:
Hi Harris, Thanks for the information. The wireshark captured the message without any VLAN tag because the driver stripped the VLAN tag of the received message.So wireshark does not see any VLAN tag in the message. I think any other system setting or driver is required to capture the VLAN tag. So please let me know which driver deliver the message without stripping the VLAN tag of the message. Br, Padmalochan -----Original Message----- From: Guy Harris [mailto:guy () alum mit edu] Sent: Monday, April 26, 2010 1:15 PM To: Community support list for Wireshark Cc: padmalochan.moharana () Nethawk EXFO com Subject: Re: [Wireshark-users] help On Apr 25, 2010, at 11:34 PM, Pradeepta Samantaray wrote:I'm using Wireshark-0.99.5-EL4.1 and ethernet e1000 But I am not able to capture vlan ID I configured vlan as Vconfig add eth1 5 Ip addr add 191.1.1.34/24 dev eth1.5 Vconfig add eth1 5 Ip addr add 191.1.1.35/24 dev eth1.5 Device eth1 goes into promiscuous mode Device eth1.5 goes into promiscuous modeIs eth0 the e1000 Ethernet? If so, what happens if you capture on it? (If 5 is the VLAN number, try capturing on eth0 with the capture filter "vlan 5" if you only want traffic from that VLAN.) ___________________________________________________________________________ Sent via: Wireshark-users mailing list <wireshark-users () wireshark org> Archives: http://www.wireshark.org/lists/wireshark-users Unsubscribe: https://wireshark.org/mailman/options/wireshark-users mailto:wireshark-users-request () wireshark org ?subject=unsubscribe
___________________________________________________________________________ Sent via: Wireshark-users mailing list <wireshark-users () wireshark org> Archives: http://www.wireshark.org/lists/wireshark-users Unsubscribe: https://wireshark.org/mailman/options/wireshark-users mailto:wireshark-users-request () wireshark org?subject=unsubscribe