Capture traffic using virtual machine

Hi,

I'm trying to use a virtual environment to capture traffic from a real switch but I have problems with the traffic that the virtual NIC is able to see...

The environment is the following:

I have a server with four NICs running windows 2008 R2 and Hyper-V. I use one NIC to manage the server.

I have started with one virtual machine running windows 2008 R2 and wireshark to capture traffic. The virtual machine has two NICs configured, one to manage and other to capture the traffic, both are connected to different real NICs.

When I try to capture traffic through the interface connected to the real NIC connected to the switch port, I can't see all the traffic... I don't know if it's not possible or if I need to configure something in the virtual machine to allow this feature...

Thanks in advanced.
ecemibmAsked:
Who is Participating?
 
msmamjiConnect With a Mentor Commented:
To the best of my knowledge, it is not supported, yet.
To date Hyper-V doesn't support promiscuous mode on virtual interfaces. Virtual switches in Hyper-V seem to act like per-port switching. Your VM will only see broadcast traffic and traffic bound for it.

Haven't used VMware but have heard they support promiscuous mode.
How to Set HyperV NIC in Promiscuous Mode [Technet]
How to Set HyperV NIC in Promiscuous Mode
http://tech.deurk.net/hyper-v-and-promiscuous-mode/
Regards,
Shahid
0
 
Krzysztof PytkoSenior Active Directory EngineerCommented:
Did you try to use Microsoft Network Monitor?

http://support.microsoft.com/kb/933741
0
 
ecemibmAuthor Commented:
The issue is not related with the software used to capture the traffic. We have this environment running on a real environment with the same features and software and it's running without problems... I think it's something related with the virtual networking in Hyper-v and the possibility to set a promiscuous mode in the virtual switch...

I know that VMWare manage this issue but I don't know if Hyper-V has this feature...
0
 
Krzysztof PytkoSenior Active Directory EngineerCommented:
OK, I will dig it in my env and I would try to help you, tomorrow, because I'm going home, ok?
0
 
ecemibmAuthor Commented:
There is no solution for the problem.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.