I work with industrial control systems. I often use an old non switching hub to monitor traffic between several devices, but I now have a problem where this would not be appropriate. It is a network with bandwidth problems, and the central 100MB switch is routing raw ethernet packets between several different ports, as well as some ordinary IP traffic. I need to find the bottlenecks and who is using most bandwidth etc...putting a hub in place of a switch is going to completely change the situation. I know 'managed' switch have a lot of extra config possibilities, is there any way I could eg. monitor traffic on a GB managed switch with one port specially configured to output to WireShark? Would it be realistic? asked 12 Jul '17, 07:35  RogerIrwin |
One Answer:
This is called port mirroring or spanning, see here for info and have a look at the Wireshark wiki page on Ethernet Capture for info on how to capture on a mirror port. answered 12 Jul '17, 07:47  grahamb ♦ |
Thanks, some very clear explanations at the end of those links.