lwip-users
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [lwip-users] LPC1769 ethernet problem

From: Fotis Panagiotopoulos
Subject: Re: [lwip-users] LPC1769 ethernet problem
Date: Fri, 12 Aug 2016 14:31:58 +0300
OK I bought a managed switch, so I can now monitor the traffic on my network correctly. I set up the port mirroring function, to forward all traffic from the ethernet port the uC is connected, to the port that my PC is connected. I started wireshark but the problems persist.

First my code starts LWIP, the MAC controller and sets a static IP with no problems.

Then my code enters a loop and tries a DNS query. Here the fancy staff starts. The first calls to dns_gethostbyname do not produce any traffic (yes I properly wait for the callback function to check the result, before the next call). After continuing to call this function, I finally see traffic in wireshark after app. 30 seconds. I can see an apparently normal DNS packet being sent but there is no response from the server.

Then I tried to provide directly the IP of the server, (effectively I stopped using the DNS functionality), and tried to directly connect to an NTP server (using UDP of course). Again the same sumptoms. udp_send returns ERR_OK, but no traffic at the network. After app. 30 seconds I see the packets being sent but again absolutelly no response from the server.

Keep in mind that I can ping my device normally, that I tried many servers (which are proved to work, testing from my PC), that I double checked our firewall (and that everything works OK from my PC).

Also note that these problems exist only when I try to connect to an external (to my LAN) server. Trying to connect to a local server works normally.


Fotis Panagiotopoulos

--

AMCO S.A.

25 Amfiaraou st. PO 10442, Athens, Greece
Tel: +30 210 5907000 ext. -34 | Fax: +30 210 5912711
e-mail: address@hidden | web: http://www.amco.gr


On Mon, Aug 1, 2016 at 9:22 PM, address@hidden <address@hidden> wrote:
Fotis Panagiotopoulos wrote:
I am asking for the brand/model number of the one that you are successfully using, to search for a new or used one. As you can image buying lots of switches in the hope that randomly one of them will have this functionality, is not an good idea :)

 You don't have to buy randomly, just look for a switch that supports "port mirroring". These should be available from around ~100 EUR or USD...

The more professional tool for monitoring would be an ethernet tap, which has two ports that work like a repeater and forwards both RX sides to a 3rd port (e.g. ETH or USB) to monitor via wireshark.

If you want a cheaper solution, grab two network cards for your PC and build your own passive tap (e.g. like this: http://www.securityforrealpeople.com/2014/09/how-to-build-10-network-tap.html). You'll have to monitor every side on its own (using wireshark), but you can mix 2 pcaps into one later if you prefer. Mixing is done via timestamps, so using 2 same cards (which are NOT USB) should give the best results.
(ATTENTION: as this is passive and you attach a 2nd ETH receiver to one cable, using very short cables is recommended - and worked well for me once I tried!)

Simon


_______________________________________________
lwip-users mailing list
address@hidden
https://lists.nongnu.org/mailman/listinfo/lwip-users

reply via email to
[Prev in Thread] Current Thread [Next in Thread]