In our Server(ESXi), we have multiple CHR nodes/VMs, each using by different clients.
Now, on the datacenter end, they enabled the BPDU Guard, so whenever STP/BPDU packet arrives at their switch/gateway, they disable the port.
Here, we are sure some of the clients ran bridge on their VMs and doing the STP toward the main gateway. The problem is that we can not find that CHR VM in our environment!
We tried to track packets using the below command on one of our CHR nodes in the same network/subnet, but the results show only our own CHR's MAC.
Code: Select all
[admin@MikroTik] > /tool sniffer quick interface=ether1 mac-protocol=802.2
INTERFACE TIME NUM DI SRC-MAC DST-MAC VLAN
ether1 736.911 64 -> 00:50:56:85:85:21 01:00:0C:CC:CC:CC
ether1 769.106 65 -> 00:50:56:85:85:21 01:00:0C:CC:CC:CC
ether1 770.541 66 -> 00:50:56:85:85:21 01:00:0C:CC:CC:CC
ether1 806.558 67 -> 00:50:56:85:85:21 01:00:0C:CC:CC:CC