 You don't need to be an 'investor' to invest in Singletrack: 6 days left: 95% of target - Find out more
Long story short: I needed to bridge the NIC in my laptop with a USB NIC for packet capture reasons. Thought I would make sure I could remember how to get it working in the office before I headed out to the customer.
Connected one laptop to another via the USB NIC. Then the onboard NIC into the company network. Clicked to bridge the connection and as soon as it bridged the network connection was lost. Foolishly tried another network point and same happened again.
I am guessing there is some kind of rule on the switch but what could it be? Any help gratefully received.
What are you trying to packet capture? Stuff from/to your machine or between two other devices on the network?
I'm not sure quite what you're trying to achieve by bridging your network connections on your laptop?
STP would prevent the bring creating a loop, although not done this (bridged laptop) myself. Better to set up a port monitor on the switch and sniffing from that, but not sure what you are trying to do.
Hi Scaled. Not being awkward but it is a little difficult to say.
Customer has a PC based thing that talks across their network to a couple of applications on some servers.
Cant install any SW on the PC based thing and unlikely to get any help from their IT department. So I was thinking I either need to get hold of a hub (in the actual sense and not a small switch) which I cant at short notice. So this was plan B. PC based thing into my laptop and bridge the connection. Bit worried about doing this now as it has caused the switch in our office to throw its toys out of the pram and really do not need the hassle of doing that on the customers site.
Run Wireshark from a usb stick ?
Why won't the local IT set up a port mirror for you ? , 2 minute job.
Yep, most likely the BPDU guard within spanning tree has shut the port down. More info [url= http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst3750x_3560x/software/release/12-2_55_se/configuration/guide/3750xscg/swstpopt.html#wp1095752 ]here[/url].
Sounds like you're trying to diagnose a problem by using some software based packet sniffer? If that's the case you'll need to talk to your network admins to set a port(s) for you to use. If you're going to do that just get them to mirror a port to your laptop and run the capture that way.
I'm sure you know this but if you're trying to place your laptop in the data path of two other devices and capture their traffic you should expect a knock at your door!
http://en.wikipedia.org/wiki/Man-in-the-middle_attack
If it's a 10/100 connection, ten minutes with a couple of patch cables and a pair of wire cutters will have you a passive Ethernet tap.
*cough* I imagine.
(Some of our engineers carry a 4-port mini switch with them for port mirroring purposes, I believe.)
Thanks Guys,
Can't run Wireshark from USB.
There is supposed to be packet capture on the PC based thing. However, the nice team that deal with the SW have yet to make it work.
I am not really involved in how the packets make their way around, does it show? Just need a plan for work tomorrow. Sadly the local IT are known to be very unhelpful and especially at short notice.
Trying to find a small hub will be the easiest way then, you'll just have to unplug the PC thing briefly, plug it in to the hub, plug your device in to the hub and put your adaptor in promiscuous mode.
Packet of chocolate Hobnobs should take of that.Sadly the local IT are known to be very unhelpful and especially at short notice.
Is 24 hours "short notice"? Ask now rather than when you appear on site, reschedule the visit around them. They want it fixed quicker, have them pressure their own internal IT.
You want one of these :-
http://www.scan.co.uk/products/5-port-netgear-gs105e-100uks-prosafe-gigabit-unmanaged-plus-switch
You want one of these
no you don't its a switch, you want a hub - as @scaled said, a hub will spill out everything for you - you just plug in and capture.
Why won't the local IT set up a port mirror for you ? , 2 minute job.
Plus 1
put your adaptor in promiscuous mode.
Love that expression 😀
no you don't its a switch, you want a hub
Depends if performance is an issue. Switch in port mirroring mode will run at 100/full; hub will be 10/half. No?
The netgear switch can do port mirroring , should have mentioned that!