THIS IS A TEST INSTANCE. Feel free to ask and answer questions, but take care to avoid triggering too many notifications.
Ask Your Question
0

Why would wireshark on one PC capture LLDP packets and another not?

I have a device that's transmitting Link Layer Discovery Protocol (LLDP) packets. I have two Windows PCs running Win10 Enterprise, ver 22H2, build 19045. The device and the PCs are all on the same sub-net, on their own layer 2 Netgear switches. Both PC's are running v4.2.0 of wireshark. I add filter eth.type==0x88cc to wireshark on both PCs. One PC captures the device's LLDP packets, the other does not. What could be the issue?

SeeCwriter's avatar
1
SeeCwriter
asked 2024-04-15 19:02:33 +0000
edit flag offensive 0 remove flag close merge delete

Comments

Typical troubleshooting would be to swap PC's and see if the issue stivks to the PC or to the switch.

hugo.vanderkooij's avatar hugo.vanderkooij (2024-04-16 06:00:38 +0000) edit
more
  • delete

Also Wireshark profiles may be different on the two instances.

grahamb's avatar grahamb (2024-04-16 08:04:57 +0000) edit
more
  • delete
add a comment see more comments

1 Answer

0

It turns out that LLDP broadcast packets are treated differently than normal broadcast packets. Normally a broadcast goes to all devices on the same sub-net. With LLDP, the packets are only forwarded to devices on the same network switch as the device sending the LLDP packets.

SeeCwriter's avatar
1
SeeCwriter
answered 2024-04-16 14:07:40 +0000
edit flag offensive 0 remove flag delete link
more

Comments

Perhaps a switch in the network recognizes the lldp packet and so does not forward it.

7ACE's avatar 7ACE (2024-04-16 14:48:35 +0000) edit
more
  • delete
add a comment see more comments

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account. This space is reserved only for answers. If you would like to engage in a discussion, please instead post a comment under the question or an answer that you would like to discuss.

Add Answer