How can I capture outgoing traffic from a bridge?

425
Espanta

Sorry if my question is not clear. I am not a network expert. I have a bridge that connects my network to an external network consisting of several nodes. The bridge receives my request, including the node number (say n1 or n2), and then forwards my message to the destination node (for example, I want to send "0" to node n4).

I have access to the bridge and I know its IP. But I need to know how the Bridge talks to the nodes. I need to know what the IP addresses of the nodes are and the format it uses to communicate with the nodes. So I thought of capturing the outgoing traffic from the Bridge. I appreciate any suggestions and recommendations.

Thanks

0

2 answers

1
jcbermu

Bridges are unaware of IP because they are Layer 2 devices. A bridge has 2 or more ports and communicates between the LAN segments connected to its ports.

The bridge stores a table relating MAC addresses and the port where they are connected.

When a bridge receives data, it verifies that the destination MAC address appears in its address table, and sends the data through the port the table indicates.

1
LawrenceC

I need to know how does the Bridge talk to the nodes.

For an Ethernet bridge, i.e. a switch/hub: Ethernet frames that come in on one port are either A) replicated to all ports (hub style) or B) replicated to a single port where the bridge has learned the MAC address - if it has not seen the MAC address before, A happens. Hubs only do A. Switches do B if possible.

An Ethernet switch/hub is technically a type of bridge, but usually the term "bridge" is used when the media types are different - i.e. you have copper Ethernet on one side and optical on the other - or wired Ethernet on one side and wireless Ethernet on the other.

Switches/hubs/bridges do not care or know anything about IP addresses. The IP of the bridge is likely really an IP to a management interface and is distinct from any forwarding function the bridge is doing.

I thought of capturing the outgoing traffic from the Bridge.

In the days of hubs this was easy, just connect a device that can capture traffic (i.e. PC running Wireshark) to one of the ports - all traffic is replicated on all ports so anything can sniff all traffic running through it. If your bridge device functions this way it may still be possible.

If it functions more like a switch, where it will only forward to specific ports that it has learned where specific MAC addresses respond, this won't work.

If you can log on to this device via its IP, it may have a function where it can turn a port on the bridge into a "monitor" port - i.e. all traffic that goes through it is replicated. You can then connect something that captures traffic to this port.
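
The forwarding behaviour both answers describe, as an added example that is not part of the original answers: a toy Python model showing which frames a capture device on a spare port would see on a hub, on a learning switch, and on a switch with a monitor port. The class and function names, MAC addresses and port numbers are constructed for illustration.

```python
BROADCAST = "ff:ff:ff:ff:ff:ff"


class Bridge:
    """Toy model of the forwarding behaviour described in the answers."""

    def __init__(self, ports, hub=False, monitor_port=None):
        self.ports = set(ports)
        self.hub = hub                    # True: replicate every frame to all ports
        self.monitor_port = monitor_port  # port that receives a copy of all traffic
        self.mac_table = {}               # learned MAC address -> port

    def forward(self, in_port, src, dst):
        """Return the set of ports the frame is sent out of."""
        self.mac_table[src] = in_port     # learn which port the sender is on
        if self.hub or dst == BROADCAST or dst not in self.mac_table:
            out = self.ports - {in_port}             # case A: flood
        else:
            out = {self.mac_table[dst]} - {in_port}  # case B: one learned port
        if self.monitor_port is not None and in_port != self.monitor_port:
            out = out | {self.monitor_port}          # mirror copy
        return out


def captured(bridge, sniffer_port, frames):
    """Indexes of the frames a capture device on sniffer_port would see."""
    return [i for i, (in_port, src, dst) in enumerate(frames)
            if sniffer_port in bridge.forward(in_port, src, dst)]


# Constructed traffic: (ingress port, source MAC, destination MAC).
PC, N4 = "02:00:00:00:00:01", "02:00:00:00:00:04"
FRAMES = [
    (1, PC, N4),   # PC -> n4, n4 not learned yet, so the frame is flooded
    (2, N4, PC),   # n4 replies, PC is already in the table
    (1, PC, N4),   # both ends learned from here on
    (2, N4, PC),
]

if __name__ == "__main__":
    for label, br in [
        ("hub", Bridge([1, 2, 3], hub=True)),
        ("switch", Bridge([1, 2, 3])),
        ("switch + monitor port 3", Bridge([1, 2, 3], monitor_port=3)),
    ]:
        print(label, "-> capture on port 3 sees frames", captured(br, 3, FRAMES))
```

On the plain switch the capture device sees only the first frame, which was flooded before the destination MAC address was learned; the monitor port restores the full view.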