Capture overlay network traffic in Docker Swarm (Windows)
Hi,
I have a dockerized Windows app(process isolation in Docker Swarm), that is connected to RabbitMQ(Linux). I would like to see whether TCP keep alive packets are being sent in any direction, because RabbitMQ requires long lived connections, and timeouts seem to sever them even though I have enabled keep alive on the OS level, and I believe I enabled RabbitMQ heartbeats on the app level.
If I run Wireshark on one of the Windows nodes and I select all interfaces on the main screen, and filter by "host 192.168.6.230", I see no traffic (192.168.6.230 is the RabbitMQ container to which the Windows app container is connected, according to "netstat -an").
I'm not sure whether Wireshark has an issue with Docker overlay networks, but it is a requirement as the RabbitMQ container must run on the Linux node, the official Docker image requires it.
It's not a Wireshark issue, it's about your capture setup and the capabilities of the capture library (likely to be npcap on Windows).
Your best bet for support might be a docker forum that handles Windows containers.