I'm wondering if there might be incoming raw ethernet packets received by my computer, but being rejected or somehow hidden from wireshark and if this is the case I'm wondering how to stop them from being rejected. I have a little hardware setup where I communicate with an FPGA from my computer using an ethernet cable and a protocol which uses raw ethernet packets (i.e. they are not encapsulated in high other higher level protocols such as TCP or IP). I have set up this system with various machines and OSes including a couple different versions of Scientific Linux as well as Windows. However, I have run into trouble getting this to work recently on two laptops I have been trying to setup. Despite installing the software, and using wireshark to confirm that I am in fact sending out the correct ethernet packets to the FPGA I see nothing coming back. By simply switching the ethernet cable I'm able to use a different computer to talk to the same FPGA with the same firmware and I can check that the packets being sent to the FPGA are identical in both cases. Yet when using either of these two laptops with which I'm having trouble I get nothing back. I'm not a networking expert by any means, so I'm wondering if someone might have a plausible explanation (and solution!) for this. I'm wondering if its possible that these raw ethernet packets are being rejected by the laptops for some kind of security or other reason before wireshark can spy on them? One of the laptops is an HP running Ubuntu 14.04 with a RealTek RTL8101E/RTL8102E PCI Express Fast Ethernet controller the other is an ASUS running windows (apologies, I don't have access to it at the moment so I can't give any more details as to OS version or hardware). Please let me know if there's any important information I might have left out. asked 22 Jul '15, 14:24  Ignnt |
One Answer:
Yes, capturing in promiscuous mode should show you all packets - or, at least, all packets that the hardware doesn't reject due to some form of malformation, such as an invalid CRC, although some adapters on some OSes with some drivers might even let those through in promiscuous mode. It might be interesting to get a true Ethernet hub (not a switched hub) and plug your laptop, the device with the FPGA, and one of the machines on which this does work into the hub, and use the machine on which this does work as a passive sniffer, or to do something similar with a network tap. answered 23 Jul '15, 13:02  Guy Harris ♦♦ Great, thanks for the info. I'll see if I can set up one of the sniffers you suggest (and if I can, I will let you know the results). Not sure if there's a handy hub I can use, but I would like to set this up to check regardless. Thanks again for the help. (23 Jul '15, 13:46) Ignnt |
To which software are you referring here? What is the software that's supposed to be receiving the packets from the FPGA?
So the software in question isn't, in fact, seeing those packets?
The software I was referring to is a custom program designed for interacting with this particular hardware setup. I'm using Wireshark mostly for debugging. I have, on other set ups using linux, had to set up a pipe with a root user account to make the packets available to non root users, but this doesn't seem to make a difference on my system.
Neither Wireshark nor the custom software I'm using seem to be seeing the packets, but given that all of the hardware on the other end of the Ethernet connection is the same and the outgoing packets are the same my best guess is that the FPGA is in fact sending the packets.
Thanks.
Are you capturing in promiscuous mode?
I infer from "I have a little hardware setup where I communicate with an FPGA from my computer using an ethernet cable" that you just have an Ethernet cable between your computer and the device with the FPGA, i.e. no hub or switch connects them. Is that correct?
Yes, I am capturing in promiscuous mode. Should this in theory capture anything being sent on the line?
And yes, you're right it's just a direct ethernet connection from the computer to the FPGA.