hello all i am fresher to the networking field. i am working on switch working. i connected 3 PCs to a switch by ethernet cables. i am able to ping all the 3 machines, one from the other. wireshark is running on all the three. suppose, when i run a simple server and client on 2 machines..i.e sending a message from one to other; in what form i.e by what protocol, will wireshark grasp the information ? if 2 machines are interaction, will the 3rd machine access the info over wireshark asked 25 Apr '12, 00:00  manju1438 edited 25 Apr '12, 00:02 |
One Answer:
If you're sending data from one machine to the other the switch will forward it directly, so the third machine won't see it at all (except the occasional unicast flood to learn MAC addresses, but that's a bit too much detail at the moment). So no, Wireshark will not see anything usefull, unless you can tell your switch to give a copy of the packets between the other machines to the capturing machine. For that you need a manageable switch with a monitor port feature. And regarding the protocol: Wireshark will capture whatever the machines use and show it. It is not a decision made by Wireshark, but by the applications that send the packets. answered 25 Apr '12, 06:33  Jasper ♦♦ |
