Monitoring Traffic

2017-04-23 13:28:28

I have a TD-W986-1N (300Mbps Wireless N ADSL2+ Modem Router) and I have some questions.

1. I am trying to monitor my network traffic using Wireshark. However, I only see traffic that is destined to/from the host I am running Wireshark on. Is this expected? Is there any way to configure it to allow Wireshark to see packets on all the ports?

2. I did see (while running Wireshark) that the router supports some UPnP interface that Chrome talks to a lot that sends WANCommonInterfaceConfig packets. Are the capabilities of this interface documented anywhere? Are there any tools that are "freely" available to dig into this data?

3. When I perform a name lookup on my network the router's DNS forwarder (i.e. when I ask does not resolve any of my LAN device names. A previous router I used had a daemon called DNSMasq that made sure that DNS queries could resolve names for any DHCP registered devices, which was nice as it meant literally every device, regardless of OS, had a reliable name that could be used in lieu of a volatile IP. This router does not seem to have this capability or I have messed up the config somehow.

4. A previous router also had a rFlow daemon that emitted a high level overview of all traffic as NetFlow v5 UDP packets. It was very useful for discovering what in my LAN was talking to LAN or WAN. #justsaying

5. Are there any available diagnostics wrt the NAT functionality? I had an issue a few weeks ago that seems to have resolved that I would need to restart the router every few hours as it would stop routing any additional connections. Existing connections would continue to work, but name resolution and/or connection attempts (to known IPs) would fail - it was acting like the NAT could not add any additional entries to its connection map.
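
For the NetFlow v5 overview mentioned in question 4, this is an added example (not part of the original post and not router or vendor code) showing how a collector decodes one v5 export datagram and totals bytes per LAN-to-LAN and LAN-to-WAN pair. The LAN prefix `192.168.1.0/24`, the helper names and the sample datagram are assumptions constructed for illustration.

```python
import ipaddress
import struct
from collections import Counter

HEADER = struct.Struct("!HHIIIIBBH")                # 24-byte NetFlow v5 header
RECORD = struct.Struct("!4s4s4sHHIIIIHHBBBBHHBBH")  # 48-byte v5 flow record

def parse_v5(datagram):
    """Yield (src, dst, dst_port, proto, octets) per flow record in one datagram."""
    if len(datagram) < HEADER.size:
        raise ValueError("truncated header")
    version, count = HEADER.unpack_from(datagram)[:2]
    if version != 5:
        raise ValueError(f"not NetFlow v5 (version={version})")
    # v5 carries at most 30 records; reject counts the payload cannot hold.
    if not 1 <= count <= 30 or len(datagram) < HEADER.size + count * RECORD.size:
        raise ValueError("record count does not match datagram length")
    for i in range(count):
        f = RECORD.unpack_from(datagram, HEADER.size + i * RECORD.size)
        # f[0]=srcaddr f[1]=dstaddr f[6]=dOctets f[10]=dstport f[13]=prot
        yield (ipaddress.IPv4Address(f[0]), ipaddress.IPv4Address(f[1]),
               f[10], f[13], f[6])

def summarize(datagram, lan="192.168.1.0/24"):
    """Total octets per (src, dst, scope). The LAN prefix is an assumption."""
    net = ipaddress.ip_network(lan)
    totals = Counter()
    for src, dst, _port, _proto, octets in parse_v5(datagram):
        inside = (src in net) + (dst in net)   # how many endpoints are on the LAN
        scope = ("OTHER", "LAN-WAN", "LAN-LAN")[inside]
        totals[(str(src), str(dst), scope)] += octets
    return totals

def _record(src, dst, dport, proto, octets):
    """Build one constructed flow record (test data only)."""
    return RECORD.pack(ipaddress.IPv4Address(src).packed,
                       ipaddress.IPv4Address(dst).packed, b"\0" * 4,
                       0, 0, 1, octets, 0, 0, 40000, dport,
                       0, 0, proto, 0, 0, 0, 0, 0, 0)

# Constructed sample: one export datagram holding three flows.
SAMPLE = (HEADER.pack(5, 3, 0, 0, 0, 0, 0, 0, 0)
          + _record("192.168.1.10", "192.168.1.20", 445, 6, 1500)
          + _record("192.168.1.10", "203.0.113.5", 443, 6, 9000)
          + _record("192.168.1.10", "203.0.113.5", 443, 6, 1000))

if __name__ == "__main__":
    for (src, dst, scope), octets in summarize(SAMPLE).most_common():
        print(f"{scope:8} {src:15} -> {dst:15} {octets} bytes")
```

On a live collector the same `summarize` call would be fed the payload of each UDP datagram received from the exporter.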