I have a setup where I am using Mosquitto server and Node-RED on a single machine, which is configured with the machine's IP address. The connection is via Ethernet, and I have a switch and two machines connected to each other. The machines can ping each other without any issues.
To monitor the MQTT traffic, I used the port mirroring feature of my switch, and I mirrored the machine running Node-RED and Mosquitto (Port 1) to another machine where I have Wireshark (Port 8)installed.
However, when I start capturing traffic on Wireshark using the Ethernet interface, I don't see any MQTT traffic (no packets using port 1883). Here's a summary of my setup: - Mosquitto server and Node-RED on the same machine. - Machines connected through Ethernet, using a switch. - Port mirroring set up to mirror traffic to a machine running Wireshark. - Machines can successfully ping each other.
I expected to see MQTT data on Wireshark, but it's not showing up. What could be the reason for Wireshark not capturing the MQTT packets? Am I missing any configuration or step in Wireshark or port mirroring?
Things I've tried: - Checked the port mirroring configuration on the switch. - Verified that the machines are on the same network and can communicate (ping works fine). - Filtered for MQTT packets in Wireshark (mqtt or tcp.port == 1883).
Any insights or suggestions would be greatly appreciated!