Wireshark-users: Re: [Wireshark-users] config problem - not seeing all messages

From: Jack Jackson <jack@xxxxxxxxxxxxxxx>
Date: Wed, 12 May 2021 17:17:43 -0700
At 04:45 PM 5/12/2021, Fulko Hew wrote:
On Wed, May 12, 2021 at 6:12 PM Ron W <ronw.mrmx@xxxxxxxxx> wrote:
I am trying to use WireShark to diagnose a network problem between a Windows PC and a Linux-based controller (for a robot).

The controller uses uboot and TFTP to download the Linux image from the PC. Using the controller's serial port, I can see the messages output by uboot and by Linux. The messages are as expected and the controller appears to work correctly, except that after downloading Linux via TFTP, the PC application is not able to communicate with the controller via TCP/IP.

So, I connected an Ethernet switch between the PC and the controller and also connected a laptop to the switch so I can monitor with WireShark.

Your problem is the Ethernet switch you introduced to allow a 3rd device to (attempt to) listen in on the conversation.  You can't do that using a switch.  A switch routes messages from one port directly to the port belonging to the destination. It won't get sent to all the other ports (i.e. your sniffer).  What you need is a hub, not a switch. Hubs send everything to all ports.  Switches only send broadcast messages to all ports.

That's why I kept my 10Mb hub.  Just for these circumstances.

B.T.W. There are some 'managed' hubs that allow you to designate a 'sniffer' port that will receive all messages to/from a designated 'other' port. That feature is only available on the more expensive switches.

Mirroring is becoming more common on cheaper switches.  I have an 8 port 1 Gb D-Link with that capability that cost somewhat less than $100 3-4 years ago, although the mirroring can't keep up with heavy traffic; there are often some missed messages under load.
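
Added example, not part of the original thread: a toy Python model of the forwarding behaviour discussed above, showing which frames of a PC/controller exchange reach a passive capture port on a hub, on a plain learning switch, and on a switch with port mirroring. The port numbers, MAC addresses and frame labels are constructed, and the model also floods frames sent to a not-yet-learned address, which the thread does not mention.

```python
# Added illustration: toy model of which frames reach a passive sniffer port.
BROADCAST = "ff:ff:ff:ff:ff:ff"

class Hub:
    """Repeats every frame out of every port except the one it arrived on."""
    def __init__(self, ports):
        self.ports = list(ports)

    def forward(self, in_port, src, dst):
        return [p for p in self.ports if p != in_port]

class Switch(Hub):
    """Learning switch: known unicast goes only to the destination's port."""
    def __init__(self, ports, mirror=None):
        super().__init__(ports)
        self.mac_table = {}      # MAC address -> port it was last seen on
        self.mirror = mirror     # optional (monitored_port, sniffer_port)

    def forward(self, in_port, src, dst):
        self.mac_table[src] = in_port                 # learn the sender
        if dst != BROADCAST and dst in self.mac_table:
            out = [self.mac_table[dst]] if self.mac_table[dst] != in_port else []
        else:
            out = super().forward(in_port, src, dst)  # broadcast / unknown: flood
        if self.mirror:
            watched, sniffer = self.mirror            # copy the watched port's traffic
            if sniffer not in out and (in_port == watched or watched in out):
                out.append(sniffer)
        return out

def sniffer_view(device, frames, sniffer_port):
    """Return labels of the frames that are delivered to sniffer_port."""
    return [label for label, in_port, src, dst in frames
            if sniffer_port in device.forward(in_port, src, dst)]

# Constructed sample: PC on port 1, controller on port 2, laptop (sniffer) on port 3.
PC, CTRL = "02:00:00:00:00:01", "02:00:00:00:00:02"
FRAMES = [
    ("arp-request", 1, PC, BROADCAST),
    ("arp-reply", 2, CTRL, PC),
    ("tcp-syn", 1, PC, CTRL),
    ("tcp-syn-ack", 2, CTRL, PC),
]

if __name__ == "__main__":
    for name, dev in [("hub", Hub([1, 2, 3])),
                      ("switch", Switch([1, 2, 3])),
                      ("switch+mirror", Switch([1, 2, 3], mirror=(2, 3)))]:
        print(name, sniffer_view(dev, FRAMES, 3))
```

In a real capture the same pattern shows up as a trace containing only ARP requests and other broadcasts, with none of the unicast TFTP or TCP traffic between the two hosts.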