Wireshark-users: [Wireshark-users] Diameter [Malformed Packet: GTPv2]
: Bo Xu <xubo.leo@xxxxxxxxx
: Fri, 26 Aug 2011 00:21:11 +0800
Hello guys ,
I am very confused that I got "Malformed Packet: GTPv2" in every Diameter (CCR) in version 1.6 .
I tried multiple versions of wireshark , I have found that for the same err_sample.pcap which I have already attached , there is
no such annoying prompt in version 1.2.16 . I read the WireShark manual , there is some explanation in this URL. http://www.wireshark.org/docs/wsug_html_chunked/AppMessages.html#id622336
To my understanding , mostly there is something wrong in the packet content . Another proof is that other diameter packet is working
perfectly with wireshark 1.6.1 version .
Here comes my question : does this AVP(20600) finally caused the "malformed packet" prompt because there is no data in this AVP?
Or is there anything wrong with the CCR packet content ?
FYI : Diameter Server Port is 6555 , and this server connects the multiple clients.
AVP: Unknown(20600) l=12 f=VM- vnd=81000 AVP Code: 20600 Unknown
AVP Flags: 0xc0 AVP Length: 12
AVP Vendor Id: Unknown (81000) [No data]
[Expert Info (Warn/Undecoded): Data is empty] [Message: Data is empty]
[Severity level: Warn] [Group: Undecoded]
AVP: PS-Information(874) l=28 f=VM- vnd=TGPP
[Malformed Packet: GTPv2]
[Expert Info (Error/Malformed): Malformed Packet (Exception occurred)]
[Message: Malformed Packet (Exception occurred)]
[Severity level: Error]
Description: Zip archive