Wireshark mailing list archives

Previous By Date Next
Previous By Thread Next

Re: help

From: Martin Visser <martinvisser99 () gmail com>
Date: Tue, 27 Apr 2010 10:28:41 +1000
I would suggest doing the capture on the Linux box. In my experience, on
Linux libpcap and the driver preserves VLAN tagging.  (Just use a Linux
booting from a USB stick or CD if you don't want to install).

On Windows it seems that most drivers strip VLAN tags.

Regards, Martin

MartinVisser99 () gmail com


On Mon, Apr 26, 2010 at 6:39 PM, Padmalochan Moharana <
padmalochan.moharana () nethawk exfo com> wrote:


Hi Harris,
Thanks for the information. The wireshark captured the message without any
VLAN tag because the driver stripped the VLAN tag of the received
message.So
wireshark does not see any VLAN tag in the message. I think any other
system
setting or driver is required to capture the VLAN tag. So please let me
know
which driver deliver the message without stripping the VLAN tag of the
message.

Br,
Padmalochan

-----Original Message-----
From: Guy Harris [mailto:guy () alum mit edu]
Sent: Monday, April 26, 2010 1:15 PM
To: Community support list for Wireshark
Cc: padmalochan.moharana () Nethawk EXFO com
Subject: Re: [Wireshark-users] help


On Apr 25, 2010, at 11:34 PM, Pradeepta Samantaray wrote:


I'm using Wireshark-0.99.5-EL4.1 and ethernet e1000
But I am not able to capture vlan ID

I configured vlan as

Vconfig add eth1 5
Ip addr add 191.1.1.34/24 dev eth1.5

Vconfig add eth1 5
Ip addr add 191.1.1.35/24 dev eth1.5

Device eth1 goes into promiscuous mode
Device eth1.5 goes into promiscuous mode


Is eth0 the e1000 Ethernet?  If so, what happens if you capture on it?  (If
5 is the VLAN number, try capturing on eth0 with the capture filter "vlan
5"
if you only want traffic from that VLAN.)


___________________________________________________________________________
Sent via:    Wireshark-users mailing list <wireshark-users () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
            mailto:wireshark-users-request () wireshark org
?subject=unsubscribe


___________________________________________________________________________
Sent via:    Wireshark-users mailing list <wireshark-users () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
             mailto:wireshark-users-request () wireshark org?subject=unsubscribe
Previous By Date Next
Previous By Thread Next

Current thread: