Wireshark
the world's foremost network protocol analyzer
Wireshark-dev: [Wireshark-dev] Problem due to segmentation...
From: prashanth joshi <prashanthsjoshi2000@xxxxxxxxx>
Date: Sun, 5 Nov 2006 11:48:15 -0800 (PST)
Hi,
How are you guys...
First I would like to thank u all for the tremendous support that you have all shown in the development activity.
Our trace file contains 5 GCDR 's within the same GTP packet.
The first four CDR's are correctly parsed. How ever the fifth is not at all displayed. It was observed that the tcp segmentation occured after the fourth cdr.
As a result the fifth CDR even though it is present in the data stream is not at all parsed by the ethereal.
It seems as TCP fragments are reassembled only at the destimation and ethereal sniffs packets off the wire even before the packets reach the destination ( ie within the n/w and not at the destination ) only the 4 cdr's are
displayed. And the fifth cdr when it arrives in the stream much later is not recognized by the ethereal becos it can recognize the cdr only if there is gtp header attached to it.
The gtp header had arrived with the first four cdrs'. So ethereal does not recognize the fifth cdr as there is no gtp header with it.
So how to solve this problem...
Regards,
Prashanth
Want to start your own business? Learn how on Yahoo! Small Business.
- Follow-Ups:
- [Wireshark-dev] Problem due to segmentation of GTP packet.....
- From: prashanth joshi
- [Wireshark-dev] Problem due to segmentation of GTP packet.....
- References:
- Re: [Wireshark-dev] contribution: OpenChange dissector for NSPI protocol
- From: Julien Kerihuel
- Re: [Wireshark-dev] contribution: OpenChange dissector for NSPI protocol
- Prev by Date: Re: [Wireshark-dev] contribution: OpenChange dissector for NSPI protocol
- Next by Date: [Wireshark-dev] Extraneous trailing comma in enum definition
- Previous by thread: Re: [Wireshark-dev] contribution: OpenChange dissector for NSPI protocol
- Next by thread: [Wireshark-dev] Problem due to segmentation of GTP packet.....
- Index(es):