Wireshark-bugs: [Wireshark-bugs] [Bug 3814] New: VRRPv2 (RFC 3768) shows invalid TTL for dst32=2

Date: Thu, 6 Aug 2009 06:49:47 -0700 (PDT)
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3814

           Summary: VRRPv2 (RFC 3768) shows invalid TTL for dst32=224.0.0.18
                    and ttl=255
           Product: Wireshark
           Version: 1.2.1
          Platform: All
        OS/Version: All
            Status: NEW
          Severity: Minor
          Priority: Medium
         Component: Wireshark
        AssignedTo: wireshark-bugs@xxxxxxxxxxxxx
        ReportedBy: ivan_jr@xxxxxxxxx



Ivan Sy <ivan_jr@xxxxxxxxx> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
   Attachment #3465|                            |review_for_checkin?
               Flag|                            |


Created an attachment (id=3465)
 --> (https://bugs.wireshark.org/bugzilla/attachment.cgi?id=3465)
VRRPv2 with TTL set to 255, removed FIXME

Build Information:
Version 1.3.0-SV-29308

Copyright 1998-2009 Gerald Combs <gerald@xxxxxxxxxxxxx> and contributors.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

Compiled with GTK+ 2.16.2, with GLib 2.20.3, with WinPcap (version unknown),
with libz 1.2.3, without POSIX capabilities, with libpcre 7.0, with SMI 0.4.8,
with c-ares 1.6.0, with Lua 5.1, without Python, with GnuTLS 2.8.1, with Gcrypt
1.4.4, with MIT Kerberos, with GeoIP, with PortAudio V19-devel (built Aug  6
2009), with AirPcap.

Running on Windows XP Service Pack 3, build 2600, with WinPcap version 4.1
beta5
(packet.dll version 4.1.0.1452), based on libpcap version 1.0.0, GnuTLS 2.8.1,
Gcrypt 1.4.4, without AirPcap.

Built using Microsoft Visual C++ 9.0 build 30729

Wireshark is Open Source Software released under the GNU General Public
License.

Check the man page and http://www.wireshark.org for more information.
--
VRRPv2 (RFC 3768) shows invalid TTL for dst32=224.0.0.18 and ttl=255


Notes:
- in dissectors/packet-ip.c there's a message "FIXME"

  /* If an IP is destined for an IP address in the Local Network Control Block
   * (e.g. 224.0.0.0/24), the packet should never be routed and the TTL would
   * be expected to be 1.  (see RFC 3171)  Flag a TTL greater than 1.
   *
   * Flag a low TTL if the packet is not destined for a multicast address
   * (e.g. 224.0.0.0/4).
   *
   * FIXME: Add an exception list, as Some protocols seem to insist on
   *   doing differently:
   *   - IETF's VRRP (rfc3768) always uses 224.0.0.18 with 255
   *   - Cisco's GLPB always uses 224.0.0.102 with 255
   *   Even more, VRRP and GLBP should probably be flagged as an error, if
   *   seen with any TTL except 255.
   */

- from Virtual Router Redundancy Protocol (RFC 3768)
5.2.2.  Destination Address

   The IP multicast address as assigned by the IANA for VRRP is:

      224.0.0.18

   This is a link local scope multicast address.  Routers MUST NOT
   forward a datagram with this destination address regardless of its
   TTL.

5.2.3.  TTL

   The TTL MUST be set to 255.  A VRRP router receiving a packet with
   the TTL not equal to 255 MUST discard the packet.


Here's a patch and sample packet capture.

Question: at first I thought that the frame is showing RED because it was
expecting a TTL of 1 because it's a multicast... Now, the info is gone but still
it is colored RED.


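
The TTL rule in the packet-ip.c comment quoted above, with the exception list its FIXME asks for, as a stand-alone sketch. This is an added example, not Wireshark's code and not the attached patch; the function, enum and macro names are hypothetical, and the low-TTL threshold of 5 is an assumed value the report does not state.

```c
#include <stdint.h>
#include <stdio.h>

/* Verdicts for the TTL sanity check (hypothetical names). */
typedef enum { TTL_OK, TTL_LOCAL_GT_1, TTL_LOW, TTL_EXCEPTION_NOT_255 } ttl_verdict;

#define IP4(a, b, c, d) (((uint32_t)(a) << 24) | ((uint32_t)(b) << 16) | \
                         ((uint32_t)(c) << 8) | (uint32_t)(d))
#define LOW_TTL_THRESHOLD 5 /* assumption: not given in the report */

/* Exception list from the FIXME: groups whose protocol mandates a fixed TTL. */
static const struct { uint32_t group; uint8_t ttl; const char *proto; } ttl_exceptions[] = {
    { IP4(224, 0, 0, 18),  255, "VRRP (RFC 3768)" },
    { IP4(224, 0, 0, 102), 255, "GLBP" },
};

/* dst is the IPv4 destination address in host byte order. */
ttl_verdict check_ttl(uint32_t dst, uint8_t ttl)
{
    size_t i;

    /* Exceptions first: any TTL other than the mandated one is an error. */
    for (i = 0; i < sizeof ttl_exceptions / sizeof ttl_exceptions[0]; i++)
        if (dst == ttl_exceptions[i].group)
            return ttl == ttl_exceptions[i].ttl ? TTL_OK : TTL_EXCEPTION_NOT_255;

    /* Local Network Control Block 224.0.0.0/24: never routed, expect TTL 1. */
    if ((dst & 0xFFFFFF00u) == IP4(224, 0, 0, 0))
        return ttl > 1 ? TTL_LOCAL_GT_1 : TTL_OK;

    /* Low TTL is flagged only when the destination is outside 224.0.0.0/4. */
    if ((dst & 0xF0000000u) != IP4(224, 0, 0, 0) && ttl < LOW_TTL_THRESHOLD)
        return TTL_LOW;

    return TTL_OK;
}

int main(void)
{
    /* Constructed sample inputs: VRRP with TTL 255, VRRP with TTL 1,
     * another 224.0.0.0/24 group with TTL 64, unicast with TTL 3. */
    printf("%d %d %d %d\n",
           check_ttl(IP4(224, 0, 0, 18), 255), check_ttl(IP4(224, 0, 0, 18), 1),
           check_ttl(IP4(224, 0, 0, 5), 64),   check_ttl(IP4(192, 0, 2, 10), 3));
    return 0;
}
```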