Huge thanks to our Platinum Members Endace and LiveAction,
and our Silver Member Veeam, for supporting the Wireshark Foundation and project.

Wireshark-bugs: [Wireshark-bugs] [Bug 3342] New: he wccp packet format shown for redirect assign

Date: Wed, 18 Mar 2009 23:24:20 -0700 (PDT)
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3342

           Summary: he wccp packet format shown for redirect assignment
                    message is wrong.
           Product: Wireshark
           Version: 0.99.6
          Platform: Other
               URL: http://www.wrec.org/Drafts/draft-wilson-wrec-wccp-v2-
                    00.txt
        OS/Version: Windows XP
            Status: NEW
          Severity: Major
          Priority: Low
         Component: Wireshark
        AssignedTo: wireshark-bugs@xxxxxxxxxxxxx
        ReportedBy: mk.mahesh29@xxxxxxxxx


Build Information:
Version 0.99.6a (SVN Rev 22276)

Copyright 1998-2007 Gerald Combs <gerald@xxxxxxxxxxxxx> and contributors.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

Compiled with GTK+ 2.10.12, with GLib 2.12.12, with WinPcap (version unknown),
with libz 1.2.3, with libpcre 6.4, with Net-SNMP 5.4, with ADNS, with Lua 5.1,
with GnuTLS 1.6.1, with Gcrypt 1.2.3, with MIT Kerberos, with PortAudio
PortAudio V19-devel, with AirPcap.

Running on Windows XP Service Pack 2, build 2600, with WinPcap version 4.0.1
(packet.dll version 4.0.0.901), based on libpcap version 0.9.5, without
AirPcap.

Built using Microsoft Visual C++ 6.0 build 8804

Wireshark is Open Source Software released under the GNU General Public
License.

Check the man page and http://www.wireshark.org for more information.
--
The wccp packet format is not proper.
The wccp packet format shown for redirect assignment message is wrong.

Here is how it looks with Wireshark.

The last field is shown as unknown!!. But that field is suppose to be
assignment info component field.


No.     Time           Source                Destination           Protocol
Info
     55 9.373862267    10.10.10.3            10.10.10.1            WCCP     2.0
Redirect assign

Frame 55 (206 bytes on wire, 206 bytes captured)
    Arrival Time: Feb 14, 2017 22:58:23.140346527
    [Time delta from previous captured frame: 0.000041724 seconds]
    [Time delta from previous displayed frame: 0.000041724 seconds]
    [Time since reference or first frame: 9.373862267 seconds]
    Frame Number: 55
    Frame Length: 206 bytes
    Capture Length: 206 bytes
    [Frame is marked: True]
    [Protocols in frame: eth:ip:udp:wccp]
    [Coloring Rule Name: UDP]
    [Coloring Rule String: udp]
Ethernet II, Src: Ibm_f2:23:bd (00:1a:64:f2:23:bd), Dst: Cisco_c2:84:41
(00:1b:54:c2:84:41)
    Destination: Cisco_c2:84:41 (00:1b:54:c2:84:41)
        Address: Cisco_c2:84:41 (00:1b:54:c2:84:41)
        .... ...0 .... .... .... .... = IG bit: Individual address (unicast)
        .... ..0. .... .... .... .... = LG bit: Globally unique address
(factory default)
    Source: Ibm_f2:23:bd (00:1a:64:f2:23:bd)
        Address: Ibm_f2:23:bd (00:1a:64:f2:23:bd)
        .... ...0 .... .... .... .... = IG bit: Individual address (unicast)
        .... ..0. .... .... .... .... = LG bit: Globally unique address
(factory default)
    Type: IP (0x0800)
Internet Protocol, Src: 10.10.10.3 (10.10.10.3), Dst: 10.10.10.1 (10.10.10.1)
    Version: 4
    Header length: 20 bytes
    Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00)
        0000 00.. = Differentiated Services Codepoint: Default (0x00)
        .... ..0. = ECN-Capable Transport (ECT): 0
        .... ...0 = ECN-CE: 0
    Total Length: 192
    Identification: 0x5cf3 (23795)
    Flags: 0x00
        0... = Reserved bit: Not set
        .0.. = Don't fragment: Not set
        ..0. = More fragments: Not set
    Fragment offset: 0
    Time to live: 64
    Protocol: UDP (0x11)
    Header checksum: 0xf522 [correct]
        [Good: True]
        [Bad : False]
    Source: 10.10.10.3 (10.10.10.3)
    Destination: 10.10.10.1 (10.10.10.1)
User Datagram Protocol, Src Port: 2048 (2048), Dst Port: 2048 (2048)
    Source port: 2048 (2048)
    Destination port: 2048 (2048)
    Length: 172
    Checksum: 0x07a6 [correct]
        [Good Checksum: True]
        [Bad Checksum: False]
Web Cache Coordination Protocol
    WCCP Message Type: 2.0 Redirect assign (12)
    WCCP Version: 2 (0x00000200)
    Length: 156
    Security Info
        Type: Security Info
        Length: 4
        Security Option: None
    Service Info
        Type: Service Info
        Length: 24
        Service Type: Dynamic service
        Service ID: Unknown (0x3D)
        Priority: 34
        Protocol: 6
        Flags: 0x00000501
            .... .... .... .... .... .... .... ...1 = Use source IP address in
primary hash
            .... .... .... .... .... .... .... ..0. = Don't use destination IP
address in primary hash
            .... .... .... .... .... .... .... .0.. = Don't use source port in
primary hash
            .... .... .... .... .... .... .... 0... = Don't use destination
port in primary hash
            .... .... .... .... .... .... ...0 .... = Ports not defined
            .... .... .... .... .... ...1 .... .... = Use source IP address in
secondary hash
            .... .... .... .... .... ..0. .... .... = Don't use destination IP
address in secondary hash
            .... .... .... .... .... .1.. .... .... = Use source port in
secondary hash
            .... .... .... .... .... 0... .... .... = Don't use destination
port in secondary hash
    Unknown info type (13)
        Type: Unknown info type (13)
        Length: 116
        Data: 116 bytes

No.     Time           Source                Destination           Protocol
Info
     56 9.373863936    10.10.10.3            10.10.10.1            WCCP     2.0
Redirect assign

Frame 56 (206 bytes on wire, 206 bytes captured)
    Arrival Time: Feb 14, 2017 22:58:23.140348196
    [Time delta from previous captured frame: 0.000001669 seconds]
    [Time delta from previous displayed frame: 0.000001669 seconds]
    [Time since reference or first frame: 9.373863936 seconds]
    Frame Number: 56
    Frame Length: 206 bytes
    Capture Length: 206 bytes
    [Frame is marked: True]
    [Protocols in frame: eth:ip:udp:wccp]
    [Coloring Rule Name: UDP]
    [Coloring Rule String: udp]
Ethernet II, Src: Ibm_f2:23:bd (00:1a:64:f2:23:bd), Dst: Cisco_c2:84:41
(00:1b:54:c2:84:41)
    Destination: Cisco_c2:84:41 (00:1b:54:c2:84:41)
        Address: Cisco_c2:84:41 (00:1b:54:c2:84:41)
        .... ...0 .... .... .... .... = IG bit: Individual address (unicast)
        .... ..0. .... .... .... .... = LG bit: Globally unique address
(factory default)
    Source: Ibm_f2:23:bd (00:1a:64:f2:23:bd)
        Address: Ibm_f2:23:bd (00:1a:64:f2:23:bd)
        .... ...0 .... .... .... .... = IG bit: Individual address (unicast)
        .... ..0. .... .... .... .... = LG bit: Globally unique address
(factory default)
    Type: IP (0x0800)
Internet Protocol, Src: 10.10.10.3 (10.10.10.3), Dst: 10.10.10.1 (10.10.10.1)
    Version: 4
    Header length: 20 bytes
    Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00)
        0000 00.. = Differentiated Services Codepoint: Default (0x00)
        .... ..0. = ECN-Capable Transport (ECT): 0
        .... ...0 = ECN-CE: 0
    Total Length: 192
    Identification: 0x5cf3 (23795)
    Flags: 0x00
        0... = Reserved bit: Not set
        .0.. = Don't fragment: Not set
        ..0. = More fragments: Not set
    Fragment offset: 0
    Time to live: 64
    Protocol: UDP (0x11)
    Header checksum: 0xf522 [correct]
        [Good: True]
        [Bad : False]
    Source: 10.10.10.3 (10.10.10.3)
    Destination: 10.10.10.1 (10.10.10.1)
User Datagram Protocol, Src Port: 2048 (2048), Dst Port: 2048 (2048)
    Source port: 2048 (2048)
    Destination port: 2048 (2048)
    Length: 172
    Checksum: 0x07a6 [correct]
        [Good Checksum: True]
        [Bad Checksum: False]
Web Cache Coordination Protocol
    WCCP Message Type: 2.0 Redirect assign (12)
    WCCP Version: 2 (0x00000200)
    Length: 156
    Security Info
        Type: Security Info
        Length: 4
        Security Option: None
    Service Info
        Type: Service Info
        Length: 24
        Service Type: Dynamic service
        Service ID: Unknown (0x3D)
        Priority: 34
        Protocol: 6
        Flags: 0x00000501
            .... .... .... .... .... .... .... ...1 = Use source IP address in
primary hash
            .... .... .... .... .... .... .... ..0. = Don't use destination IP
address in primary hash
            .... .... .... .... .... .... .... .0.. = Don't use source port in
primary hash
            .... .... .... .... .... .... .... 0... = Don't use destination
port in primary hash
            .... .... .... .... .... .... ...0 .... = Ports not defined
            .... .... .... .... .... ...1 .... .... = Use source IP address in
secondary hash
            .... .... .... .... .... ..0. .... .... = Don't use destination IP
address in secondary hash
            .... .... .... .... .... .1.. .... .... = Use source port in
secondary hash
            .... .... .... .... .... 0... .... .... = Don't use destination
port in secondary hash
    Unknown info type (13)
        Type: Unknown info type (13)
        Length: 116
        Data: 116 bytes

No.     Time           Source                Destination           Protocol
Info
     57 9.373870611    10.10.10.3            10.10.10.2            WCCP     2.0
Redirect assign

Frame 57 (206 bytes on wire, 206 bytes captured)
    Arrival Time: Feb 14, 2017 22:58:23.140354871
    [Time delta from previous captured frame: 0.000006675 seconds]
    [Time delta from previous displayed frame: 0.000006675 seconds]
    [Time since reference or first frame: 9.373870611 seconds]
    Frame Number: 57
    Frame Length: 206 bytes
    Capture Length: 206 bytes
    [Frame is marked: True]
    [Protocols in frame: eth:ip:udp:wccp]
    [Coloring Rule Name: UDP]
    [Coloring Rule String: udp]
Ethernet II, Src: Ibm_f2:23:bd (00:1a:64:f2:23:bd), Dst: Cisco_d8:5f:45
(00:18:ba:d8:5f:45)
    Destination: Cisco_d8:5f:45 (00:18:ba:d8:5f:45)
        Address: Cisco_d8:5f:45 (00:18:ba:d8:5f:45)
        .... ...0 .... .... .... .... = IG bit: Individual address (unicast)
        .... ..0. .... .... .... .... = LG bit: Globally unique address
(factory default)
    Source: Ibm_f2:23:bd (00:1a:64:f2:23:bd)
        Address: Ibm_f2:23:bd (00:1a:64:f2:23:bd)
        .... ...0 .... .... .... .... = IG bit: Individual address (unicast)
        .... ..0. .... .... .... .... = LG bit: Globally unique address
(factory default)
    Type: IP (0x0800)
Internet Protocol, Src: 10.10.10.3 (10.10.10.3), Dst: 10.10.10.2 (10.10.10.2)
    Version: 4
    Header length: 20 bytes
    Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00)
        0000 00.. = Differentiated Services Codepoint: Default (0x00)
        .... ..0. = ECN-Capable Transport (ECT): 0
        .... ...0 = ECN-CE: 0
    Total Length: 192
    Identification: 0x0e45 (3653)
    Flags: 0x00
        0... = Reserved bit: Not set
        .0.. = Don't fragment: Not set
        ..0. = More fragments: Not set
    Fragment offset: 0
    Time to live: 64
    Protocol: UDP (0x11)
    Header checksum: 0x43d0 [correct]
        [Good: True]
        [Bad : False]
    Source: 10.10.10.3 (10.10.10.3)
    Destination: 10.10.10.2 (10.10.10.2)
User Datagram Protocol, Src Port: 2048 (2048), Dst Port: 2048 (2048)
    Source port: 2048 (2048)
    Destination port: 2048 (2048)
    Length: 172
    Checksum: 0x07a5 [correct]
        [Good Checksum: True]
        [Bad Checksum: False]
Web Cache Coordination Protocol
    WCCP Message Type: 2.0 Redirect assign (12)
    WCCP Version: 2 (0x00000200)
    Length: 156
    Security Info
        Type: Security Info
        Length: 4
        Security Option: None
    Service Info
        Type: Service Info
        Length: 24
        Service Type: Dynamic service
        Service ID: Unknown (0x3D)
        Priority: 34
        Protocol: 6
        Flags: 0x00000501
            .... .... .... .... .... .... .... ...1 = Use source IP address in
primary hash
            .... .... .... .... .... .... .... ..0. = Don't use destination IP
address in primary hash
            .... .... .... .... .... .... .... .0.. = Don't use source port in
primary hash
            .... .... .... .... .... .... .... 0... = Don't use destination
port in primary hash
            .... .... .... .... .... .... ...0 .... = Ports not defined
            .... .... .... .... .... ...1 .... .... = Use source IP address in
secondary hash
            .... .... .... .... .... ..0. .... .... = Don't use destination IP
address in secondary hash
            .... .... .... .... .... .1.. .... .... = Use source port in
secondary hash
            .... .... .... .... .... 0... .... .... = Don't use destination
port in secondary hash
    Unknown info type (13)
        Type: Unknown info type (13)
        Length: 116
        Data: 116 bytes


-- 
Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.