This is a static archive of our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

why can’t wireshark capture UDP from a server?

0

wireshark can capture upd packets from others, but can't capture udp packets from one server which sends out udp by HP iLO. I am sure the server can send udp by HP iLO as hostmonitor can receive its udp packets, no any problem. why wireshirk can't?

thanks, George

asked 26 Aug '13, 11:17

georgeyu100's gravatar image

georgeyu100
11112
accept rate: 0%

wireshark can capture UDP packets from other server port 161

(26 Aug '13, 13:00) georgeyu100

Where and how are you capturing the traffic? Are you using any kind of capture filters? If wireshark is showing that same traffic from other servers, there aren't a lot of possibilities other than that the server isn't sending the traffic, your filters are dropping it, or the place where you're capturing isn't in the line of path of the packets.

(26 Aug '13, 19:41) Quadratic

One Answer:

1

Maybe the HP iLo traffic is using Unicast UDP packets towards the hostmonitor, while the other UDP packets you see are Broadcast/Multicast. You'll only see the Unicast packets if you capture at a location like a SPAN port.

See http://wiki.wireshark.org/CaptureSetup/Ethernet for capture setup options.

answered 27 Aug '13, 06:39

Jasper's gravatar image

Jasper ♦♦
23.8k551284
accept rate: 18%