Weird! WireShark cannot detect OBI200 traffic/packets

Started by TTCP, January 30, 2017, 03:39:11 AM

TTCP

Hi, I installed WireShark, just to take a look at the OBI200 traffic/packets, out of curiosity.

But to my surprise, all I can see in WireShark is something like the following:

    Source=OBI200  Dest.=Broadcast ( ff:ff:ff:ff:ff:ff ) Protocol=ARP
    Source=OBI200  Dest.=Broadcast ( ff:ff:ff:ff:ff:ff ) Protocol=ARP
    Source=OBI200  Dest.=Broadcast ( ff:ff:ff:ff:ff:ff ) Protocol=ARP

It does not matter whether my OBI is registering with a remote SIP server, or making an outbound call, or receiving an incoming call. WireShark is always displaying the above traffic for my OBI200.

My OBI200 is functioning properly. So what really happened behind the screen? WireShark cannot detect OBI200 traffic/packet? Or OBIHAI engineers tried their best to hide the traffic from WireShark, for some unknown agenda?

Oh, by the way, my OBI200 is using OBITalk online management. But does that make a difference?

drgeoff

I suspect this is a PEBKAC case.

One feature of an ethernet switch (as opposed to hub) is that it only forwards packets to interfaces that the packet is addressed to. Except for broadcast packets, traffic to and from the OBi is not intended for the machine on which you are running Wireshark.

Hubs are pretty rare these days but if you can get your hands on one, try putting it between the OBi and router. Then move your Wireshark's ethernet connection from router to the hub.
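
The switch-versus-hub behaviour described in the post above, as an added example that is not part of the original thread: a small Python model of a MAC-learning switch and a hub, showing what a capture port receives from each. The MAC addresses, port numbers and frame sequence are constructed for illustration.

```python
BROADCAST = "ff:ff:ff:ff:ff:ff"
# Constructed, locally administered MACs; port 1 = OBi, 2 = router, 3 = capture PC.
OBI, ROUTER = "02:00:00:00:00:01", "02:00:00:00:00:02"

class Hub:
    """Repeats every frame out of every port except the one it arrived on."""
    def __init__(self, ports):
        self.ports = list(ports)

    def forward(self, in_port, src, dst):
        return [p for p in self.ports if p != in_port]

class LearningSwitch:
    """Learns source MAC -> port; floods only broadcast and unknown unicast."""
    def __init__(self, ports):
        self.ports = list(ports)
        self.mac_table = {}

    def forward(self, in_port, src, dst):
        self.mac_table[src] = in_port            # learn where the sender lives
        out = self.mac_table.get(dst)
        if dst == BROADCAST or out is None:      # flood
            return [p for p in self.ports if p != in_port]
        return [] if out == in_port else [out]   # known unicast: one port only

def capture(device, frames, sniffer_port):
    """Protocols of the frames that are actually delivered to sniffer_port."""
    return [proto for in_port, src, dst, proto in frames
            if sniffer_port in device.forward(in_port, src, dst)]

# Constructed sequence: ARP request/reply, then SIP signalling and RTP media.
FRAMES = [
    (1, OBI, BROADCAST, "ARP"),
    (2, ROUTER, OBI, "ARP"),
    (1, OBI, ROUTER, "SIP"),
    (2, ROUTER, OBI, "SIP"),
    (1, OBI, ROUTER, "RTP"),
    (2, ROUTER, OBI, "RTP"),
]

if __name__ == "__main__":
    print("switch:", capture(LearningSwitch([1, 2, 3]), FRAMES, 3))
    print("hub:   ", capture(Hub([1, 2, 3]), FRAMES, 3))
```

On the switch the capture port receives only the broadcast ARP request; a unicast frame reaches it only while the destination MAC is still unknown to the switch.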

azrobert

You can use Wireshark without a hub if you have both a LAN and a WiFi connection on your computer. Use WiFi to connect to the internet then define the LAN connection as a bridge. Plug the OBi200 into the LAN connection on the computer running Wireshark. Now Wireshark will see the traffic.

Define bridge on PC:
Go to Network and Sharing Center
Click Change Adapter Settings
You will see all your network connections
Click Organize and Select All
Right click on the LAN and select Bridge Connections
A Network Bridge will appear
Click anywhere to un-select the connections

Delete Bridge:
Right click LAN and select Remove From Bridge
Right click the Bridge and delete.

TTCP

Thanks drgeoff & azrobert for the insights.  Now I realize the cause of the problem.

I prefer to disable the router's DHCP, and find some DHCP server software, and install it on my WireShark laptop, and set the default gateway/DNS of all the clients on my network to be my laptop, with my laptop itself using static IP, and pointing to the router as the default gateway/DNS.

This way, I can monitor the traffic from ALL the clients on the network.  But my first job would be to try to find some DHCP server software. Not an easy job though. Worst case is that I write this piece of software myself.

( Actually, I think if I set up my laptop this way, I don't need WireShark. I don't need to set my NIC card to be in promiscuous mode, because my laptop will be receiving all the traffic anyway. Right? I just need to find a way to capture and display this traffic. )

Taoman

Quote from: TTCP on January 30, 2017, 06:13:25 PM
But my first job would be to try to find some DHCP server software. Not an easy job though. Worst case is that I write this piece of software myself.

I don't need WireShark. I just need to find a way to capture and display this traffic. )

Heck yes. As long as you're willing to write some DHCP server software why stop there? Just whip out a packet capture program also.
You don't need no stinkin' Wireshark!