ANNOUNCEMENT: Live Wireshark University & Allegro Packets online APAC Wireshark Training Session
April 17th, 2024 | 14:30-16:00 SGT (UTC+8) | Online
Wireshark logo

Wireshark-bugs: [Wireshark-bugs] [Bug 2511] New: Wrong TCP DUP and out-of-order analysis in diff

Date Prev · Date Next · Thread Prev · Thread Next
Date Index · Thread Index · Other Months · All Mailing Lists
From: bugzilla-daemon@xxxxxxxxxxxxx
Date: Mon, 28 Apr 2008 14:08:21 -0700 (PDT)
http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=2511

           Summary: Wrong TCP DUP and out-of-order analysis in differents
                    vlan.
           Product: Wireshark
           Version: 1.0.0
          Platform: Macintosh
        OS/Version: Mac OS X 10.4
            Status: NEW
          Severity: Minor
          Priority: Low
         Component: Wireshark
        AssignedTo: wireshark-bugs@xxxxxxxxxxxxx
        ReportedBy: cyrille.hombecq@xxxxxxxxx


Created an attachment (id=1751)
 --> (http://bugs.wireshark.org/bugzilla/attachment.cgi?id=1751)
capture that show the bug

Build Information:
wireshark 1.0.0

Copyright 1998-2008 Gerald Combs <gerald@xxxxxxxxxxxxx> and contributors.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

Compiled with GTK+ 2.12.4, with GLib 2.14.6, with libpcap 0.9.8, with libz
1.2.3, without POSIX capabilities, without libpcre, without SMI, without ADNS,
without Lua, without GnuTLS, without Gcrypt, with MIT Kerberos, without
PortAudio, without AirPcap.
NOTE: this build doesn't support the "matches" operator for Wireshark filter
syntax.

Running on Darwin 8.11.1 (MacOS 10.4.11), with libpcap version 0.9.8.

Built using gcc 4.0.1 (Apple Computer, Inc. build 5367).
--
In a network using a bridge with 2 vlans, wireshark analysis packets passing to
the second vlans as duplicate of the first one. the tcp analysis ignore the
vlan ID. See a capture in attachement.

example of Wrong TCP Dup ACK :

packets 9
source : 192.168.201.204
destination : 192.168.200.7
source port : 1028
destination port : 3389
sequence number : 1 
next sequence number : 41
8021Q vlanid : 2505

packets 10 
source : 192.168.201.204
destination : 192.168.200.7
source port : 1028
destination port : 3389
sequence number : 1 
next sequence number : 41
8021Q vlanid : 2503

example of Wrong TCP Out-of-order 

packets 17
source : 192.168.200.7
destination : 192.168.201.204
source port : 3389
destination port : 1028
sequence number : 41 
next sequence number : 82
acknowledgement number 1
8021Q vlanid : 2503

packets 18
source : 192.168.200.7
destination : 192.168.201.204
source port : 3389
destination port : 1028
sequence number : 41 
next sequence number : 82
acknowledgement number 1
8021Q vlanid : 2505


-- 
Configure bugmail: http://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
Wireshark logo footer

© Wireshark Foundation · Privacy Policy

Facebook·Mastodon·Twitter·YouTube