Community discussions

 
User avatar
LatinSuD
Member Candidate
Member Candidate
Topic Author
Posts: 174
Joined: Wed Jun 29, 2005 1:05 pm
Location: Spain
Contact:

vlan + sniffing = problem

Tue Jul 05, 2011 2:06 pm

This is ROS 4.17. I have several Vlans defined over an interface.

When i use packet sniffer over the base interface i have these problems:
- It sniffs all packets coming from all VLANS (this is not really a problem, but there should be an option like in Torch).
- All packets have "VLAN Id" field empty, despite they come from different vlans.
- In the packet dump i can see they have vlan header stripped.

I think this is also causing dhcp-server alert giving false positives.
 
User avatar
janisk
MikroTik Support
MikroTik Support
Posts: 6283
Joined: Tue Feb 14, 2006 9:46 am
Location: Riga, Latvia

Re: vlan + sniffing = problem

Tue Jul 05, 2011 4:28 pm

i think that you are sniffing on VLAN interface - at that time, VLAN tag is already removed, you should try to sniff on etnernet where VLAN is assigned to see the tags.
 
User avatar
LatinSuD
Member Candidate
Member Candidate
Topic Author
Posts: 174
Joined: Wed Jun 29, 2005 1:05 pm
Location: Spain
Contact:

Re: vlan + sniffing = problem

Tue Jul 05, 2011 8:22 pm

Afaik It's an ethernet interface.
There are VLAN interfaces on top of that one, but that's another story.
 
hedele
Member
Member
Posts: 338
Joined: Tue Feb 24, 2009 11:23 pm

Re: vlan + sniffing = problem

Tue Jul 05, 2011 8:33 pm

I have also seen that kind of problem.

Built like this on a RB450G 4.5 (yeah, old):

Bridge (Ports: ether2 + ether3)
No VLAN Interfaces configured, so full VLAN trunk is passing between ether2 and ether3

Torching on the bridge shows no VLAN ID on tagged packets arriving from a Cisco Router on VLAN 20 at ether2 (ether3 is not connected).
A DHCP Alert on the bridge interface shows false-positives from a DHCP Server which is situated in VLAN 20, and sends tagged packets.
Creating a DHCP Client on bridge interface does not result in the Mikrotik receiving an IP address. Creating bridge.20 VLAN 20 subinterface
and running dhcp client there gives an IP address (as expected).
 
User avatar
NetworkPro
Forum Guru
Forum Guru
Posts: 1369
Joined: Mon Jan 05, 2009 6:23 pm
Location: Worldwide
Contact:

Re: vlan + sniffing = problem

Sun Oct 02, 2011 3:03 pm

I can confirm packet sniffer on 4.17 and 5.7 does not capture properly the frames that come out of the MT router. VLAN info is missing where as they should be tagged.
Frames coming from outside clearly show that they are tagged.

I can also confirm that DHCP does not work properly with v5.7 on a VLAN interface.


I think MikroTik should invest in QA, testing, debugging or sell the business to some company that can release updates without so much bugs and incompatibilities.
wiki.mikrotik.com/wiki/NetworkPro_on_Quality_of_Service
 
User avatar
Chupaka
Forum Guru
Forum Guru
Posts: 8308
Joined: Mon Jun 19, 2006 11:15 pm
Location: Minsk, Belarus
Contact:

Re: vlan + sniffing = problem

Wed Oct 05, 2011 1:02 am

I can also confirm that DHCP does not work properly with v5.7 on a VLAN interface.
huh, I was almost ready to upgrade... and what's improperly in DHCP on VLAN?..
Russian-speaking forum: https://forum.mikrotik.by/. Welcome!

For every complex problem, there is a solution that is simple, neat, and wrong.

MikroTik. Your life. Your routing.
 
User avatar
NetworkPro
Forum Guru
Forum Guru
Posts: 1369
Joined: Mon Jan 05, 2009 6:23 pm
Location: Worldwide
Contact:

Re: vlan + sniffing = problem

Wed Oct 05, 2011 1:22 am

Says it's Invalid.

Furthermore troubleshooting is a pain because the sniffer does not capture outbound frames with the tags.
wiki.mikrotik.com/wiki/NetworkPro_on_Quality_of_Service
 
User avatar
janisk
MikroTik Support
MikroTik Support
Posts: 6283
Joined: Tue Feb 14, 2006 9:46 am
Location: Riga, Latvia

Re: vlan + sniffing = problem

Wed Oct 05, 2011 1:14 pm

wait till 5.8

on routerboard VLAN tag should be visible while sniffing.
 
User avatar
Chupaka
Forum Guru
Forum Guru
Posts: 8308
Joined: Mon Jun 19, 2006 11:15 pm
Location: Minsk, Belarus
Contact:

Re: vlan + sniffing = problem

Wed Oct 05, 2011 1:33 pm

and on non-routerboards?..

and what about x86 routerboards? :)
Russian-speaking forum: https://forum.mikrotik.by/. Welcome!

For every complex problem, there is a solution that is simple, neat, and wrong.

MikroTik. Your life. Your routing.
 
User avatar
janisk
MikroTik Support
MikroTik Support
Posts: 6283
Joined: Tue Feb 14, 2006 9:46 am
Location: Riga, Latvia

Re: vlan + sniffing = problem

Wed Oct 05, 2011 1:58 pm

and on non-routerboards?..

and what about x86 routerboards? :)
ok i rephrase it:

for sniffer to show vlan tag on all RouterOS flavors wait till 5.8, 5.7 should display outgoing traffic VLAN tag.
 
User avatar
NetworkPro
Forum Guru
Forum Guru
Posts: 1369
Joined: Mon Jan 05, 2009 6:23 pm
Location: Worldwide
Contact:

Re: vlan + sniffing = problem

Wed Oct 05, 2011 5:11 pm

Hey guys the DHCP server on VLAN that I am trying to bring up does not work when its set to Static-only. When set to some IP Pool - it works again.

But the situation requires static.
wiki.mikrotik.com/wiki/NetworkPro_on_Quality_of_Service
 
scampbell
Trainer
Trainer
Posts: 457
Joined: Thu Jun 22, 2006 5:20 am
Location: Wellington, NZ
Contact:

Re: vlan + sniffing = problem

Tue Jul 02, 2013 11:27 pm

I am seeing something similar in RoS6.0 on a CCR1016

I have a VLAN 10 configured on ether12 and with a pppoe-client configured to use VLAN 10.

Torch shows the tagged outgoing pppoe-discovery(8863) packets (vlan10) and shows the replies have no vlan tag. (This is the actual issue I am trying to diagnose)
torch.jpg
When I do a packet sniffer on ether12 and look at the packets in RoS6 it shows vlan10 yet when I view the file in Wireshark the outgoing tags are missing in the trace.
wireshark.jpg
You do not have the required permissions to view the files attached to this post.

Who is online

Users browsing this forum: MSN [Bot] and 84 guests