Solved

Capture traffic using virtual machine

Posted on 2010-09-21
7
1,016 Views
Last Modified: 2013-11-06
Hi,

I'm trying to use a virtual environment to capture traffic from a real switch but I have problems with the traffic that the virtual NIC is able to see...

The environment is the following:

I have a server with four NICs running windows 2008 R2 and Hyper-V. I use one NIC to manage the server.

I have started with one virtual machine running windows 2008 R2 and wireshark to capture traffic. The virtual machine has two NICs configured, one to manage and other to capture the traffic, both are connected to different real NICs.

When I try to capture traffic through the interface connected to the real NIC connected to the switch port, I can't see all the traffic... I don't know if it's not possible or if I need to configure something in the virtual machine to allow this feature...

Thanks in advanced.
0
Comment
Question by:ecemibm
  • 2
  • 2
7 Comments
 
LVL 39

Expert Comment

by:Krzysztof Pytko
ID: 33733985
Did you try to use Microsoft Network Monitor?

http://support.microsoft.com/kb/933741
0
 

Author Comment

by:ecemibm
ID: 33734142
The issue is not related with the software used to capture the traffic. We have this environment running on a real environment with the same features and software and it's running without problems... I think it's something related with the virtual networking in Hyper-v and the possibility to set a promiscuous mode in the virtual switch...

I know that VMWare manage this issue but I don't know if Hyper-V has this feature...
0
 
LVL 39

Expert Comment

by:Krzysztof Pytko
ID: 33734158
OK, I will dig it in my env and I would try to help you, tomorrow, because I'm going home, ok?
0
 
LVL 15

Accepted Solution

by:
msmamji earned 500 total points
ID: 33761190
To the best of my knowledge, it is not supported, yet.
To date Hyper-V doesn't support promiscuous mode on virtual interfaces. Virtual switches in Hyper-V seem to act like per-port switching. Your VM will only see broadcast traffic and traffic bound for it.

Haven't used VMware but have heard they support promiscuous mode.
How to Set HyperV NIC in Promiscuous Mode [Technet]
How to Set HyperV NIC in Promiscuous Mode
http://tech.deurk.net/hyper-v-and-promiscuous-mode/
Regards,
Shahid
0
 

Author Closing Comment

by:ecemibm
ID: 33770185
There is no solution for the problem.
0

Featured Post

Easy, flexible multimedia distribution & control

Coming soon!  Ideal for large-scale A/V applications, ATEN's VM3200 Modular Matrix Switch is an all-in-one solution that simplifies video wall integration. Easily customize display layouts to see what you want, how you want it in 4k.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
DNS Server 7 59
Samba Question 11 76
Powercli + List all VM's Per SCSILUN 15 86
Migrating a Linux server to VMware 3 58
Exchange server is not supported in any cloud-hosted platform (other than Azure with Azure Premium Storage).
Giving access to ESXi shell console is always an issue for IT departments to other Teams, or Projects. We need to find a way so that teams can use ESXTOP for their POCs, or tests without giving them the access to ESXi host shell console with a root …
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

860 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question