Ethereal-dev: Re: [Ethereal-dev] Can't open Sniffer trace

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

From: "Greg Morris" <GMORRIS@xxxxxxxxxx>
Date: Mon, 07 Jul 2003 16:09:20 -0600
I had not looked at these packets in detail. I had assumed they were special pxe packets. I will try and find out what the source device is running that might be generating the packets.
 
Greg

>>> Guy Harris <guy@xxxxxxxxxxxx> 7/7/2003 3:06:56 PM >>>

On Monday, July 7, 2003, at 8:57 AM, Greg Morris wrote:

> Here are the same problem trace files in Lanalyzer format.

Well, they're Ethernet captures, but with a network type other than
what we've seen in NetXRay/Windows Sniffer captures.

I have a change that treats the network type as a 1-byte field rather
than a 2-byte field, and that checks the byte *after* the network type
- if it's 2, it treats the network type as an NDIS type value, and if
it's 0, it treats it as an NDIS type value - 1, which should handle all
the captures with 0 the same as it always has, and treats your two
captures as Ethernet.

I treat all other values for that byte as errors.

I don't know what significance, if any, that byte has.

I've attached a patch with the change.

BTW, there are some packets in the server capture (such as the first
two) with an IP protocol type of 0xe0; any idea what they are?  (There
are also some SNAP packets with an OUI of 0x00000c, for Cisco, and a
protocol ID of 0x2004; does anybody know what *those* are?)