locked
General question about netmon! RRS feed

  • Question

  • Hi,

    good day to all netmon forum buddies. I wanted some information, let me explain in brief what I am doing, basically I am working on FPGA system connected to Windows OS which acts like a GUI. I wrote some client-server code so that I made my windows PC to act like server and my board as client. I have used Netmon for keeping a track on how the entire thing works, if I had some connectivity problem or so I was using netmon to rectify it.

    Now I wanted to make Linux to act like server and my FPGA board as client. My problem is that I could not view any exchange of data packets on the netmon which is installed on Windows PC. Of course that is true since I use a switch it is really not possible to monitor the data transfer between the Linux Server and Client Board on the netmon on my PC.

    My question is, is there a way how I can monitor the network between Linux Server and Client Board on my netmon which in on my Windows PC. I cannot install netmon on Linux system because I am running the server in CLI mode. Or is there some other way in which I can achieve this.

    Please get back to me if you need some more information from me regarding this post.

    Kind Regards,

    Nero.

     

    Thursday, September 30, 2010 9:10 AM

Answers

  • There are a few possible solutions. 

    1.  If the Windows PC and Linux are connected to the same hub or a configurable switch you can might be able to capture the traffic on the Windows PC if you put the check the P-Mode (promiscuous mode) for the NIC you are capturing on.  For this to work, the hub/switch has to pass the traffic on to the Port the Windows machine is using.  Dumb Hubs usually just do this automatically, so that will just work.  For switchs and smart hubs, they tend to block traffic that a port doens't have to see.  But often you can configure them to span/mirror a port so that all the traffic one one more port automatically spanned to the port you are capturing on.

    2.  You can also use TCPDump on the Linux machine to capture the traffic.  I'm not terribly familiar with TCPdump, but I believe it should be availalbe as part of the OS.  I believe it should write the file format as .pcap which network monitor can read.

    3.  You should also be able to use Wireshark to capture traffic on a linux machine.  I'm not sure of the details of doing this, but wireshark is a cross platform protocol analyzer and capturing tool.  So this is another option you can look into.

    Thanks,

    Paul

    • Proposed as answer by Paul E Long Thursday, September 30, 2010 3:53 PM
    • Marked as answer by Paul E Long Monday, October 4, 2010 4:25 PM
    Thursday, September 30, 2010 3:48 PM

All replies

  • There are a few possible solutions. 

    1.  If the Windows PC and Linux are connected to the same hub or a configurable switch you can might be able to capture the traffic on the Windows PC if you put the check the P-Mode (promiscuous mode) for the NIC you are capturing on.  For this to work, the hub/switch has to pass the traffic on to the Port the Windows machine is using.  Dumb Hubs usually just do this automatically, so that will just work.  For switchs and smart hubs, they tend to block traffic that a port doens't have to see.  But often you can configure them to span/mirror a port so that all the traffic one one more port automatically spanned to the port you are capturing on.

    2.  You can also use TCPDump on the Linux machine to capture the traffic.  I'm not terribly familiar with TCPdump, but I believe it should be availalbe as part of the OS.  I believe it should write the file format as .pcap which network monitor can read.

    3.  You should also be able to use Wireshark to capture traffic on a linux machine.  I'm not sure of the details of doing this, but wireshark is a cross platform protocol analyzer and capturing tool.  So this is another option you can look into.

    Thanks,

    Paul

    • Proposed as answer by Paul E Long Thursday, September 30, 2010 3:53 PM
    • Marked as answer by Paul E Long Monday, October 4, 2010 4:25 PM
    Thursday, September 30, 2010 3:48 PM
  • Hi Paul,

    thanks for the valuable information that you have provided!

    Regards,

    Nero.

    Friday, October 1, 2010 7:43 AM