how to packet capture for server with load balancing

I apologize if this question is too basic and obvious.

I want to do a packet capture on servers (OS type - Windows 2003, 2003R2, 2008, and 2008R2) with multiple NICs teamed together. The NICs might be teamed in a load balanced manner.

Would the only way to do an accurate capture require port spanning (or port mirroring) to capture all the packets to and from the server or can running wireshark on the server itself be able to get a complete capture from more than one interface?

I have read that tcpdump allows for packet capture from all interfaces in non-promiscuous mode for Linux OS, but I don't know what options are available for Windows machines or non-Linux machines in general.

Thanks in advance.

nic-team capture load-balance

asked 07 Aug '12, 09:35

seanpcap
1●1●1●1
accept rate: 0%

One Answer:

oldest newest most voted

0	Try the latest Windows version of Wireshark V1.8, it is exactly what you want. It can capture on multiple interfaces in promiscuous mode. link answered 07 Aug '12, 11:10 KeithFrench 106●1●1●4 accept rate: 0%

Your answer

toggle preview

community wiki

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here

By RSS:

Answers

Answers and Comments

Markdown Basics

*italic* or _italic_
**bold** or __bold__
link:[text](http://url.com/ "Title")
image?![alt text](/path/img.jpg "Title")
numbered list: 1. Foo 2. Bar
to add a line break simply add two spaces to where you would like the new line to be.
basic HTML tags are also supported

learn more about Markdown

Tags:

capture ×225
nic-team ×2
load-balance ×1

Asked: 07 Aug '12, 09:35

Seen: 679 times

Last updated: 07 Aug '12, 11:10

how to packet capture for server with load balancing

Follow this question

You have a trillion packets.

You need to see four of them.

Don't have Wireshark?

Related questions