Wireshark-bugs: [Wireshark-bugs] [Bug 3320] New: wireshark gets DSCP and ECN backwards in the Di
Date: Tue, 10 Mar 2009 10:17:22 -0700 (PDT)
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3320 Summary: wireshark gets DSCP and ECN backwards in the Diff Svcs IP Header field Product: Wireshark Version: 1.0.6 Platform: x86 OS/Version: Windows XP Status: NEW Severity: Minor Priority: Low Component: Wireshark AssignedTo: wireshark-bugs@xxxxxxxxxxxxx ReportedBy: nschley@xxxxxxx Nate Schley <nschley@xxxxxxx> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #2840| |review_for_checkin? Flag| | Created an attachment (id=2840) --> (https://bugs.wireshark.org/bugzilla/attachment.cgi?id=2840) picture of the Wireshark GUI interpretation of the Diff Svcs Field Build Information: Version 1.0.6 (SVN Rev 27387) Copyright 1998-2009 Gerald Combs <gerald@xxxxxxxxxxxxx> and contributors. This is free software; see the source for copying conditions. There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. Compiled with GTK+ 2.12.8, with GLib 2.14.6, with WinPcap (version unknown), with libz 1.2.3, without POSIX capabilities, with libpcre 7.0, with SMI 0.4.8, with ADNS, with Lua 5.1, with GnuTLS 2.6.3, with Gcrypt 1.4.3, with MIT Kerberos, with PortAudio V19-devel, with AirPcap. Running on Windows XP Service Pack 2, build 2600, with WinPcap version 4.0.2 (packet.dll version 4.0.0.1040), based on libpcap version 0.9.5, without AirPcap. Built using Microsoft Visual C++ 6.0 build 8804 -- Per rfc2474 (http://tools.ietf.org/html/rfc2474), the differentiated services field is comprised as follows: / | 0 1 2 3 4 5 6 7 | +---+---+---+---+---+---+---+---+ | | DSCP | CU | | +---+---+---+---+---+---+---+---+ | | DSCP: differentiated services codepoint | CU: currently unused | | | In a DSCP value notation 'xxxxxx' (where 'x' may equal '0' or '1') | used in this document, the left-most bit signifies bit 0 of the DS | field (as shown above), and the right-most bit signifies bit 5. / However, I find Wireshark taking a DS field with value of 0x80 and presenting it as "DSCP 0x20: Class Selector 4; ECN: 0x00." This would be correct if the endian-ness of the DS field were reversed, e.g. / | 7 6 5 4 3 2 1 0 | +---+---+---+---+---+---+---+---+ | | DSCP | CU | | +---+---+---+---+---+---+---+---+ / but that's clearly not what the RFC says. RFC3168 ("The Addition of ECN to IP") (http://tools.ietf.org/html/rfc3168) corroborates this: / | 0 1 2 3 4 5 6 7 | +-----+-----+-----+-----+-----+-----+-----+-----+ | | DS FIELD, DSCP | ECN FIELD | | +-----+-----+-----+-----+-----+-----+-----+-----+ | | DSCP: differentiated services codepoint | ECN: Explicit Congestion Notification | | Figure 2: The Differentiated Services and ECN Fields in IP. | | Bits 6 and 7 in the IPv4 TOS octet are designated as the ECN field. | The IPv4 TOS octet corresponds to the Traffic Class octet in IPv6, | and the ECN field is defined identically in both cases. The | definitions for the IPv4 TOS octet [RFC791] and the IPv6 Traffic | Class octet have been superseded by the six-bit DS (Differentiated | Services) Field [RFC2474, RFC2780]. Bits 6 and 7 are listed in | [RFC2474] as Currently Unused, and are specified in RFC 2780 as | approved for experimental use for ECN. Section 22 gives a brief | history of the TOS octet. / (Link: http://tools.ietf.org/html/rfc3168#section-22) Wireshark should take the 6 LSb as DSCP and the 2 MSb as ECN FIELD. -- Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the assignee for the bug.
- Follow-Ups:
- Prev by Date: [Wireshark-bugs] [Bug 3319] rtp_player does not display timestamp problems
- Next by Date: [Wireshark-bugs] [Bug 3320] wireshark gets DSCP and ECN backwards in the Diff Svcs IP Header field
- Previous by thread: [Wireshark-bugs] [Bug 3319] rtp_player does not display timestamp problems
- Next by thread: [Wireshark-bugs] [Bug 3320] wireshark gets DSCP and ECN backwards in the Diff Svcs IP Header field
- Index(es):
- Get Wireshark
- Download
- Code of Conduct