|
Hi,
I'm seeing the following frames on my router, but
they are not 802.3 frames even though the protocol id is 0x0070 and being
interpreted as 802.3 length field. I can see PPPOE and IP headers in the frame.
How do I "force" ethereal to interpret this frame as an ethernet II frame and
decode the encapsulated protocols correctly?
No.
Time
Source
Destination Protocol
Info
60 38.891425
00:00:00_0d:60:12
Netgear_fc:7d:8f LLC
S, func=RNR, N(R)=126; DSAP NULL LSAP Individual, SSAP PROWAY (IEC955) Network
Management and Initialization Response
Frame 60 (259 bytes on wire, 259 bytes
captured)
Arrival Time: Jan 17, 2006
17:53:31.732127000
Time delta from previous packet:
2.985880000 seconds
Time since reference or first frame:
38.891425000 seconds
Frame Number:
60
Packet Length: 259 bytes
Capture
Length: 259 bytes
Protocols in frame: eth:llc:data
IEEE
802.3 Ethernet
Destination: Netgear_fc:7d:8f
(00:0f:b5:fc:7d:8f)
Source: 00:00:00_0d:60:12
(00:00:00:0d:60:12)
Length: 112
Trailer:
CE6B4078BDCF313707BA821DF47EA6DD1C4E6D72876A36C4...
Frame
check sequence: 0xc51c9b52 [incorrect, should be 0x3c52e75b]
Logical-Link
Control
DSAP: NULL LSAP (0x00)
IG
Bit: Individual
SSAP: PROWAY (IEC955) Network Management
and Initialization (0x0e)
CR Bit:
Response
Control field: S, func=RNR, N(R)=126
(0xFCB5)
1111 110. .... .... =
N(R): 126
.... .... .... 01.. =
Supervisory frame type: Receiver not ready
(0x0001)
.... .... .... ..01 =
Frame type: Supervisory frame (0x0001)
Data (108 bytes)
0000 7d 8e 08 00 45 10 00 ed 54 37 40 00 34
06 f0 9f }[email protected]...
0010 ca 51 12 21 c0 a8
64 09 01 bb 09 92 39 67 d4 f6 .Q.!..d.....9g..
0020 8c 5b
1c 1a 50 18 25 bc d0 32 00 00 01 03 00 c1
.[..P.%..2......
0030 17 03 00 00 bc a8 4e 67 08 0f 3c 52 c5 ab 4e
13 ......Ng..<R..N.
0040 d3 3c bb 25 79 b5 79 5c 0a c6
8d 24 bf 57 3d 29 .<.%y.y\...$.W=)
0050 94 90 91 24 3f
82 8c ff 5d 8c a1 f1 15 ca e0 1c ...$?...].......
0060 ff
1f fc 0c 16 7f c1 1e 35 73 4a
c0
........5sJ.
Regards,
Terry
oooh...they make the internet for computers now
- H. Simpson.
|
