|
I'm running Linux Mint Qiana and have two options for ethernet interfaces:
It doesn't appear that the 802.1Q header is visible in the received frames, even for TCP packets for a video stream (at least for the default setup of wireshark that I'm using). I imagine that this either because the frames aren't being sent with a specific 802.1Q inserted or because this portion of the header is stripped before being sent to the final desitnation (or simply because my network card is performing that functionality). There must be some way to create a setup in which the 802.1Q header can be viewed though, as the 802.11e[1] priority differentiation depends on the value of the priority code point of the header. I need to be able to act on this priority for testing purposes, so does anyone have any ideas how I might make such a setup? |
|
VLAN tags are removed by the switch before delivering to the end device. To view VLAN tags, you will need to be able to view frames as they traverse the switch. Please the below wiki page: https://wiki.wireshark.org/CaptureSetup/Ethernet NOTES:
If you try one of the configurations in the wiki and still have issues, I would recommend opening a new question with more specific information. Assuming this is always the case, how do 802.11 access points determine which traffic class an incoming packet belongs to?
(27 Jul '15, 10:46)
cancub
That is a switch configuration. And of course, different switches have different configurations. But the idea is to create the VLANs in the switch. Then on the port connected to the AP, you must configure the VLANs that will be used by the access point. On the access point, the VLANs must also be configured and usually assigned to separate networks. It is important to note the VLANs must be created throughout your entire switch networks. So if you have inter-connecting switches, you will need to configure VLAN trunks to ensure the VLANs travel across the network. It is important to note that the AP's are layer 2 devices and will remove the VLAN tags before sending the data to the end client (i.e., wireless client). So if you are looking for VLAN tags, you need to perform the capture at the wired Ethernet interface from the switch (i.e., the interface between the AP and the wired switch).
(27 Jul '15, 11:25)
Amato_C
Ah, I think I understand now. Thank you very much for your detailed response. So there's no way to configure switches to forward frames without removing VLAN tags?
(27 Jul '15, 12:34)
cancub
Depends what port you are talking about.
So assuming you have a VLAN trunk, you could perform a wired capture and see the VLAN tags. Or if you AP allows, you could perform a capture on the wired interface and see the VLAN tags. But if your intention is to capture VLAN tags going to an end client (i.e., switch port connects directly to a PC host), then the answer is no.
(27 Jul '15, 12:42)
Amato_C
|
