ANNOUNCEMENT: Live Wireshark University & Allegro Packets online APAC Wireshark Training Session
April 17th, 2024 | 14:30-16:00 SGT (UTC+8) | Online
Wireshark logo

Wireshark-users: Re: [Wireshark-users] Analyzing VM Virtual Switches communicationwith WireShark

Date Prev · Date Next · Thread Prev · Thread Next
Date Index · Thread Index · Other Months · All Mailing Lists
From: "Sake Blok" <sake@xxxxxxxxxx>
Date: Mon, 15 Sep 2008 22:08:46 +0200
Al,
VMware includes 'vmnet-sniffer (at least on my Ubuntu VMware server 2.0 installation). With that you can capture packets on any vmnet interface (bridge). You can then read the packets from the file with wireshark.
If you want a realtime monitoring solution, you need to make sure the vmnet (to which both VMs are connected) is bridged to an interface that libpcap can capture. On my system I have created some vlan-interfaces for my virtual machines and I can capture packets between VMs on the vlan interface (both VMs using the same vmnet connected to that vlan). Actually the VMware bridge behaves more like a hub than a bridge ;-)
Maybe it's even possible to create a special loopback interface for this purpose, but I have not tried that yet. 

Hope this helps,
Cheers,


Sake
----- Original Message ----- From: "Al Aghili" <aaghili@xxxxxxxxxxxxxxxxxx> 
To: "'Community support list for Wireshark'" <wireshark-users@xxxxxxxxxxxxx>
Sent: Monday, September 15, 2008 9:55 PM
Subject: Re: [Wireshark-users] Analyzing VM Virtual Switches communicationwith WireShark 



Hi Jaap,
Yes can it be done on a VMWare virtual switch.

Al

-----Original Message-----
From: wireshark-users-bounces@xxxxxxxxxxxxx
[mailto:wireshark-users-bounces@xxxxxxxxxxxxx] On Behalf Of Jaap Keuter
Sent: Monday, September 15, 2008 12:38 PM
To: Community support list for Wireshark
Subject: Re: [Wireshark-users] Analyzing VM Virtual Switches
communication with WireShark

Hi,

If you can create a tap on such a vm switch you can monitor on that.
It very much depends on the specific technology you're using. VMWare
maybe?

Thanx,
Jaap

Al Aghili wrote:

Hi,

We have a VM server that uses vm switches for communication between

the

VM's. Can WireShark or tshark monitor communication on a VM switch
between the different servers that reside on the same physical host?

So

application server on VM1 on host A talks to Database on VM2 on host A



through a VM switch. We'd like to have WireShark monitor this

communication.


Thanks for the help.

*Al Aghili***




_______________________________________________
Wireshark-users mailing list
Wireshark-users@xxxxxxxxxxxxx
https://wireshark.org/mailman/listinfo/wireshark-users

_______________________________________________
Wireshark-users mailing list
Wireshark-users@xxxxxxxxxxxxx
https://wireshark.org/mailman/listinfo/wireshark-users
Wireshark logo footer

© Wireshark Foundation · Privacy Policy

Facebook·Mastodon·Twitter·YouTube