OK I bought a managed switch, so I can now monitor the traffic on my
network correctly. I set up the port mirroring function, to forward all
traffic from the ethernet port the uC is connected, to the port that my PC
is connected. I started wireshark but the problems persist.
First my code starts LWIP, the MAC controller and sets a static IP with no
problems.
Then my code enters a loop and tries a DNS query. Here the fancy staff
starts. The first calls to dns_gethostbyname do not produce any traffic
(yes I properly wait for the callback function to check the result, before
the next call). After continuing to call this function, I finally see
traffic in wireshark after app. 30 seconds. I can see an apparently normal
DNS packet being sent but there is no response from the server.
Then I tried to provide directly the IP of the server, (effectively I
stopped using the DNS functionality), and tried to directly connect to an
NTP server (using UDP of course). Again the same sumptoms. udp_send returns
ERR_OK, but no traffic at the network. After app. 30 seconds I see the
packets being sent but again absolutelly no response from the server.
Keep in mind that I can ping my device normally, that I tried many servers
(which are proved to work, testing from my PC), that I double checked our
firewall (and that everything works OK from my PC).
Also note that these problems exist only when I try to connect to an
external (to my LAN) server. Trying to connect to a local server works
normally.
*Fotis Panagiotopoulos*
*--*
*AMCO S.A.*
25 Amfiaraou st. PO 10442, Athens, Greece
Tel: +30 210 5907000 ext. -34 <%2B30%20210%205907000%20ext.%20-36>
| Fax: +30
210 5912711
e-mail: address@hidden | web: http://www.amco.gr
On Mon, Aug 1, 2016 at 9:22 PM, address@hidden <address@hidden> wrote:
Fotis Panagiotopoulos wrote:
I am asking for the brand/model number of the one that you are
successfully using, to search for a new or used one. As you can image
buying lots of switches in the hope that randomly one of them will have
this functionality, is not an good idea :)
You don't have to buy randomly, just look for a switch that supports
"port mirroring". These should be available from around ~100 EUR or USD...
The more professional tool for monitoring would be an ethernet tap, which
has two ports that work like a repeater and forwards both RX sides to a 3rd
port (e.g. ETH or USB) to monitor via wireshark.
If you want a cheaper solution, grab two network cards for your PC and
build your own passive tap (e.g. like this:
http://www.securityforrealpeople.com/2014/09/how-to-build-10
-network-tap.html). You'll have to monitor every side on its own (using
wireshark), but you can mix 2 pcaps into one later if you prefer. Mixing is
done via timestamps, so using 2 same cards (which are NOT USB) should give
the best results.
(ATTENTION: as this is passive and you attach a 2nd ETH receiver to one
cable, using very short cables is recommended - and worked well for me once
I tried!)
Simon
_______________________________________________
lwip-users mailing list
address@hidden
https://lists.nongnu.org/mailman/listinfo/lwip-users