MQTT packet capture
-
Hi,
I am running a dedicated Home Assistant machine on my home LAN. The same machine also runs an instance of Mosquitto (MQTT broker) that is used by a few IoT devices (switches) on the same LAN. I tried a packet capture on the LAN for the Home Assistant host, and at the same time I toggled a few of the IoT switches to generate MQTT traffic. But to my surprise, the captured file did not contain a single packet for MQTT or any IP related to the switches. At first I thought I had made a mistake, so I systematically eliminated the following factors:
- Picked the correct interface for capture
- Used promiscuous mode
- Used the right IP for Home Assistant machine
- Removed number of packets from default 100 to 0 (for unlimited)
- No other filters used for capture
- Used MQTT explorer to connect to Home Assistant machine and see the payload change for topics as I was toggling switches
And I still cannot understand why there are no MQTT-related packets in the capture. Please advise if I overlooked anything from the above checklist that might explain this discrepancy.
Thanks!
-
If/when the packets "flow" on the same subnet (pure Layer 2 traffic), they never pass pfSense. That is basic IP, and pfSense is not to be "blamed".
The MQTT trace has to be done where the data flows.
If you have managed switches, you could create a "Mirror port", and i.e. "mirror" your MQTT machine's data to the mirror port.
Then you put a Wireshark machine into the mirror port, and all data flowing to/from the MQTT machine will be visible.
If you don't have any managed switches (get them..), or move "One of the ends" to another subnet, now traffic has to pass pfSense, and will be visible there.
/Bingo
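The rule in the reply above, as an added example that is not part of the original thread: given the firewall's interface subnets, it reports whether a flow is switched at Layer 2 (capture on a mirror port) or routed (visible in a firewall capture). The interface names, addresses and the helper names `iface_for` and `capture_point` are assumptions made for illustration; it covers unicast IPv4 only and assumes hosts use the firewall as their gateway.

```python
import ipaddress

# Constructed sample: firewall interfaces and their subnets (assumed values).
FIREWALL_IFACES = {
    "LAN": ipaddress.ip_interface("192.168.1.1/24"),
    "IOT": ipaddress.ip_interface("192.168.20.1/24"),
}


def iface_for(addr, ifaces):
    """Return the firewall interface whose subnet contains addr, else None."""
    for name, iface in ifaces.items():
        if addr in iface.network:
            return name
    return None


def capture_point(src, dst, ifaces=FIREWALL_IFACES):
    """Return (where_to_capture, reason) for a unicast src -> dst flow."""
    s_addr, d_addr = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    fw_addrs = {iface.ip for iface in ifaces.values()}
    if s_addr in fw_addrs or d_addr in fw_addrs:
        return ("firewall", "one endpoint is the firewall itself")
    s_if, d_if = iface_for(s_addr, ifaces), iface_for(d_addr, ifaces)
    if s_if is None and d_if is None:
        return ("unknown", "neither host is on a subnet of this firewall")
    if s_if == d_if:
        # Same subnet: hosts resolve each other with ARP and the switch
        # forwards the frames directly, so the firewall never sees them.
        return ("mirror-port", f"both hosts on {s_if}, switched at Layer 2")
    # Different subnets: packets go via the gateway and cross the firewall.
    return ("firewall", f"routed between {s_if or 'upstream'} and {d_if or 'upstream'}")


if __name__ == "__main__":
    flows = [
        ("192.168.1.50", "192.168.1.10"),   # switch and broker on the same LAN
        ("192.168.20.50", "192.168.1.10"),  # switch moved to its own subnet
    ]
    for src, dst in flows:
        where, why = capture_point(src, dst)
        print(f"{src} -> {dst}: capture at {where} ({why})")
```
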
-
@bingo600 Thanks, that makes total sense. Seems like I was chasing my own tail for the last few hours.
-
@pm_13
I'm working on getting your reputation to 5.
Then I think the posting limit (time delay) is removed.
You're at 5 now.
/Bingo
-
@bingo600 Thanks :-)
Also noticed the Qotom in your signature block. I bought a Qotom-Q515G6 late last year and am very pleased with its performance so far!!