Wireshark-users: Re: [Wireshark-users] Multicast problem

From: "Jim Young" <SYSJHY@xxxxxxxxxxxxxxx>
Date: Fri, 31 Oct 2008 09:10:35 -0400

Hello Lars,

>>> Lars Lars <laasunde@xxxxxxxxxxx> 10/31/08 6:32 AM >>>
> Here are some observations:
> Running server application and running wireshark but 
> not listening to any adapter - no multicasts are received 
> on the server.
> 
> Running server application and just opening 
> Capture -> Interface... to show "Wireshark. Capture Interfaces" 
> - this triggers the server application to receive multicast 
> packets. I'm only showing the dialog window - not using it. 
> By closing the window the server stops receiving the 
> multicasts.
>  
> Running server application and opening Capture -> Options... 
> in wireshark select correct adapter and disabled promiscuous 
> mode - click Start and then the server starts to receive 
> multicast messages. By stopping the capture then the 
> server stops receiving multicasts. Tried enabling and 
> disabling various settings within Wireshark: Capture 
> options dialog window but it does not seem to affect 
> the behaviour - it seems, regardless of mode or 
> settings by listening to the adapter the server 
> receives the multicasts.
>  
> Can anyone shed some light on what wireshark 
> does to 'cause' the behaviour I am describing. Thank you

A few questions:

What platform is this multicast server application 
running on?  (Windows (XP, Vista), Linux, etc)?

What version of Wireshark are you using?

Do you have any firewall installed on this system?   

What type of multicast server application is this?

When your server actually subscribes to the multicast 
group 230.21.1.200 it should send an IGMP message 
indicating that fact.   Do you see IGMP packets 
egressing from your server machine?

If your machine is sending IGMP packets, what do 
these IGMP packets contain?

If your system is NOT sending any packet, then your
system (for some reason) is NOT advertising its desire
to subscribe to the multicast group 230.21.1.200.

Is this the ONLY system that produces (sends) data for 
this multicast group (230.21.1.200:14800)?

If not, does this same server system receive multicast 
packets from other systems that are sending on this 
group (230.21.1.200:14800)? 

I am assuming you have multicast aware networking 
equipment?   

If your networking equipment is multicast aware, 
and you (or your networking group) have access 
to the management interface of the switch, you 
should be able to query its multicast forwarding 
tables to determine if your machine has subscribed 
to the multicast 230.21.1.200  group or not.

I also agree with the earlier reply to this thread regarding 
hair-pinning.   It is extremely unlikely that the switch 
equipment would locally (Layer 2) send a multicast packet 
back to the same switch port that it originated on.   

But if the multicast packet is ultimately forwarded to a 
rendezvous point then perhaps a copy of your multicast 
packet could ultimately be sent back to the same switch 
port that it originated on.   

Does the switch port that your server is connected to
have multiple VLANs exposed on it?

Answers to the above might help narrow down 
possibilities.

Best regards,

Jim Y.
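
An added example, not part of the original post: a small Python parser for the IGMP payloads the reply above asks about, reporting whether a message is a join for 230.21.1.200. It goes beyond the thread by also handling IGMPv3 reports; the sample bytes are constructed and the helper names are hypothetical.

```python
import socket
import struct

GROUP = "230.21.1.200"  # multicast group named in the thread

def inet_checksum(data: bytes) -> int:
    """RFC 1071 one's-complement checksum over a whole IGMP message."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def with_checksum(msg: bytes) -> bytes:
    """Fill bytes 2-3 (passed in as zero) with the correct checksum."""
    return msg[:2] + struct.pack("!H", inet_checksum(msg)) + msg[4:]

def parse_igmp(msg: bytes):
    """Return (checksum_ok, [(action, group), ...]) for one IGMP message."""
    if len(msg) < 8:
        raise ValueError("IGMP message shorter than 8 bytes")
    ok = inet_checksum(msg) == 0          # a valid message sums to zero
    simple = {0x11: "query", 0x12: "join", 0x16: "join", 0x17: "leave"}
    events = []
    if msg[0] in simple:                  # IGMPv1/v2: one group at bytes 4-7
        events.append((simple[msg[0]], socket.inet_ntoa(msg[4:8])))
    elif msg[0] == 0x22:                  # IGMPv3 report: list of group records
        (count,) = struct.unpack("!H", msg[6:8])
        off = 8
        for _ in range(count):
            if off + 8 > len(msg):
                raise ValueError("truncated IGMPv3 group record")
            rtype, aux, nsrc = struct.unpack("!BBH", msg[off:off + 4])
            group = socket.inet_ntoa(msg[off + 4:off + 8])
            # Zero sources: EXCLUDE (2, 4) is an any-source join, TO_INCLUDE (3) a leave.
            action = {2: "join", 4: "join", 3: "leave"}.get(rtype) if nsrc == 0 else None
            events.append((action or f"source-filter(type={rtype})", group))
            off += 8 + 4 * nsrc + 4 * aux  # skip source list and auxiliary data
    return ok, events

def joins_group(msg: bytes, group: str = GROUP) -> bool:
    ok, events = parse_igmp(msg)
    return ok and ("join", group) in events

# Constructed sample payloads (IGMP bytes only, no IP header), not captured traffic.
V2_REPORT = with_checksum(bytes.fromhex("16000000e61501c8"))
V3_REPORT = with_checksum(bytes.fromhex("220000000000000104000000e61501c8"))
```
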