Your switch may allow you to span the traffic
either in, out, or both. Both is default
on a Cisco switch if you do not specify.
This assumes you have access to
the network, and Wireshark is running on an independent platform. The interface driver on the server NIC may
shortcut the multicast before it has to get on the wire and come back.
Robert D. Scott Robert@xxxxxxx
Senior Network Engineer 352-273-0113 Phone
CNS - Network Services 352-392-2061 CNS Receptionist
University of Florida 352-392-9440 FAX
Florida Lambda Rail 352-294-3571 FLR NOC
Gainesville, FL
32611 321-663-0421 Cell
From: wireshark-users-bounces@xxxxxxxxxxxxx
[mailto:wireshark-users-bounces@xxxxxxxxxxxxx] On Behalf Of Lars Lars
Sent: Thursday, October 30, 2008
12:22 PM
To: wireshark-users@xxxxxxxxxxxxx
Subject: [Wireshark-users]
Multicast problem
Hello
I'm new to this mailinglist and I'm hoping to get some help on a specific
problem I'm trying to debug.
An server application is setup to send udp multicast message every second.
There are a number clients, including the server itself, that listen for this
messages. This has worked fine for several years. Then this week I found an
installation where all clients received udp multicast message except the
server. So the multicast is not echo'ed back to the itself. (There is no
firewall on any of the computers)
By starting Wireshark 1.0.4 I'm able to monitor the multicast messages\packages
Source: 172.21.1.1
Destionation : 230.21.1.200
Protocol: UDP
Source port:14800
Destionation port: 14800
What I'm not able to understand is how can I debug this problem using
wireshark? How can I figure out if a particular udp multicast packet
is actually both sent and received by the same computer? Does this application
enable me to do so? Can someone please explain how
I could go about doing so, or recommend any other utility that might aid me.
Thanks for your time. Appreciate any input.
Windows
Live SkyDrive. På tide å glemme minnepinnen.
