Hello Harris n Sake,
Thanx both of you for the help. The problem was due the <cr><lf> at the end of the REGISTER request. Somehow our simulator did not send 0a0d at the end of the req, thats why both REGISTER and 200 OK merged to one packet in case of TCP.
Now this is solved. Again thanx a lot both of you.
Regards,
Sabyasachi
On 6/20/08, Guy Harris <guy@xxxxxxxxxxxx> wrote:
Sabyasachi Samal wrote:
> I am having one problem while sending SIP messages over TCP transport.
> Some times wireshark shows
>
> [Unreassembled Packet [incorrect TCP checksum]: SIP] . Why this error is
> coming?
If that packet was sent by the machine running Wireshark, it might have
been sent on an interface that does TCP checksum offloading:
http://wiki.wireshark.org/TCP_checksum_offload
(you might be running an older version of Wireshark which didn't
specifically note that this might be due to TCP checksum offloading).
See the Wiki page listed above for information on why this causes
checksum errors to be reported and how to turn checksum checking off.
Turning checksum checking off causes Wireshark to reassemble the two
segments into a single SIP message.
> At other side it displays [TCP segment of a reassembled PDU]. Please let
> me know what does this mean
It means that Wireshark was trying to reassemble a SIP message that was
in more than one TCP segment. If that segment eventually shows up in a
reassembled PDU, there's no problem. In the PS.pcap capture, that's
what's happening - the SIP message in that packet has some of its data
in packet 1 and some of its data in packet 3.
Those two captures appear to be of the same traffic, presumably just
taken on different machines (one on the machine sending the SIP traffic,
and one on the machine that's just acknowledging the TCP segments).
That message looks a little strange, though - I'm not familiar with SIP,
but if it follows the same model as HTTP, it appears to contain a request:
REGISTER tel:home1.net SIP/2.0
and a reply:
SIP/2.0 200 OK
There's no blank line in the TCP stream between them; perhaps this is a
bug in the sending SIP implementation (if there's supposed to be a blank
line at the end of the REGISTER request), perhaps this is a bug in
Wireshark's dissection of the REGISTER request (if there's *not*
supposed to be a blank line at the end of the REGISTER request, and
something else marks the end of the REGISTER request), or perhaps this
is a bug in my assumptions about SIP (if that really *is* a single message).
_______________________________________________
Wireshark-users mailing list
Wireshark-users@xxxxxxxxxxxxx
https://wireshark.org/mailman/listinfo/wireshark-users
--
Regards,
Sabyasachi Samal
IMS Testing Solution
Nethawk Networks India Pvt. Ltd.
Bhubaneswar
Orissa, India
