I'm capturing with tcpdump and also via the wireshark gui. The dropped packets is 0 but I can clearly see that some clear-to-send / request-to-send and link layer ACK packets are missing. any idea why? I tried to increase the buffer to 100MB to see if it would help but no success. asked 06 Sep '11, 15:19 ddayan |
One Answer:
Two things here:
answered 07 Sep '11, 07:16 Landi From my understanding if you listen from the same card the outgoing packets are delivered from the driver not by listening to the channel (i.e. the driver sends the packet and stores a copy locally). However I captured with another laptop and I can more acknowledgments now. Thanks! (08 Sep '11, 05:42) ddayan True, I myself don't exactly know where the driver captures the packets on wireless NICs, but from what I've experienced while capturing wireless frames it was never a good idea to rely on the same machine sending and monitoring stuff - anyways, good that it seems to work know. Good luck (08 Sep '11, 06:49) Landi |
do you see any wireless packets (display filter "wlan") ?
yea I can see most of the packets, but its clear that some are missing. for an example when I see a clear to send request made from my machine but I dont see a request to send packet. or when I can see that some packets dont have ACK packets but they are not retransmitted so I know the packet was acknowledged.
what is your capture setup then, do you capture your own machines traffic with a sniffer running on the very same machine (same NIC) or do you use another wireless card or even 2nd device to capture the traffic? Also, which tool do you use to capture and which specs (frequency, channel(s), 802.11a/b/g/n?)
I'm capturing using the same NIC, its a Pentium 4 (1.4Ghz) laptop using atheros card and the ath5k driver, OS: backtrack 5 (Linux).
To capture 1) I make a monitor interface using airmon-ng 2) I start capturing using tcpdump(tcpdump -nvvXSs 1514 -i mon0 -w packet_dump) or wireshark
3) I connect to an AP.
I didn't find how I can set the capture to a certain frequency/channel