https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3061
--- Comment #3 from Jim Young <jyoung@xxxxxxx> 2008-11-14 08:34:44 PDT ---
Hello JV,
Your attachment shows all the messages as ICMP Destination unreachable (Port
Unreachable) packets.
ICMP packets are often "special" in the sense that they include a portion of
the original IP message that triggered the ICMP response.
In this case it's the header of inner IP packet that matches the display filter
and results in the messages you believe should NOT be seen.
In fact you will NOT exclude any messages from the attachment with the
following display filter:
ip.dst == 172.16.0.0/12
or even the most simple (but non-obvious) filter of:
ip.dst == 172.17.1.10
This behavior is particularly useful for nested/encapsulated protocols.
I have found that this seeing (superficially unexpected)ICMP messages such as
this have actually HELPED pinpoint the real reason packets were not flowing
between two endpoints!
I don't think there is any bug here.
Hope this helps,
Jim Y.
--
Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
