Wireshark · Wireshark-users: Re: [Wireshark-users] R13 S1AP message "Reroute NAS Request" is not decoding completely using 2.3.0

[Pascal Quantin <pascal.quantin@xxxxxxxxx>]

Hi Sabyasachi,

2017-04-17 12:03 GMT+02:00 Sabyasachi Samal <sabyasachisamal@xxxxxxxxx>:

Dear Pascal,

It decodes upto S1-Message using the fix. But the mandatory parameter "MME Group ID" is not decoded. Please have a look.

This is because of a PER encoding error. The RerouteNASRequest IE indicates only 3 sub IEs instead of 4 (value 0x03 at offset 6 since the beginning of the S1AP message). If you replace it with 4 (as seen in the attached pcap), you get the MME Group IE.

So it must be fixed on your side.

Best regards,

Pascal.

 

Regards,

Sabyasachi

On Fri, Mar 17, 2017 at 10:46 PM, Pascal Quantin <pascal.quantin@xxxxxxxxx> wrote:

2017-03-17 17:48 GMT+01:00 Pascal Quantin <pascal.quantin@xxxxxxxxx>:

Hi Sabyasachi,

2017-03-17 17:36 GMT+01:00 Sabyasachi Samal <sabyasachisamal@xxxxxxxxx>:

Hi Anders,

Thanks for the response. I am using the message structure of TS 36.413 v13.3.0 and wireshark development version Version 2.3.0-2658-gfe285c6 (v2.3.0rc0-2658-gfe285c6). I do not know the process of filling a ticket for wireshark. Attaching the trace here so that you guys can help.

Wireshark tries to decode the S1-Message element as a UE Initial Message PDU, and not as a S1AP message PDU. It means that the decoding is shifted by a few bits, leading to a wrong decoding. I'm gonna fix this.

Fix under review here: https://code.wireshark.org/review/#/c/20595/

Regards,

Pascal.

 

On Thu, Mar 16, 2017 at 2:49 PM, Anders Broman <anders.broman@xxxxxxxxxxxx> wrote:

Hi,

The S1AP dissector in trunk is based on TS 36.413 V13.5.0 (2016-12) so I guess it should decode the message.

The best is to raise a bug attaching a trace with the RerouteNASRequest message and describe what is not dissected correctly.

Regards

Anders

 

From: wireshark-users-bounces@wireshark.org [mailto:wireshark-users-bounces@xxxxxxxxxxxxx] On Behalf Of Sabyasachi Samal
Sent: den 16 mars 2017 10:11
To: Community support list for Wireshark <wireshark-users@xxxxxxxxxxxxx>
Subject: [Wireshark-users] R13 S1AP message "Reroute NAS Request" is not decoding completely using 2.3.0

 

Hi,

R13 baseline S1AP message "RerouteNASRequest" is not decoding completely using 2.3.0. Can anyone suggest how to proceed on this or is there any plan supporting this.

 

--

Regards,
Sabyasachi

___________________________________________________________________________
Sent via:    Wireshark-users mailing list <wireshark-users@xxxxxxxxxxxxx>
Archives:    https://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-users
             mailto:wireshark-users-request@xxxxxxxxxxxxx?subject=unsubscribe

--

Regards,
Sabyasachi

___________________________________________________________________________
Sent via:    Wireshark-users mailing list <wireshark-users@xxxxxxxxxxxxx>
Archives:    https://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-users
             mailto:wireshark-users-request@xxxxxxxxxxxxx?subject=unsubscribe

___________________________________________________________________________
Sent via:    Wireshark-users mailing list <wireshark-users@xxxxxxxxxxxxx>
Archives:    https://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-users
             mailto:wireshark-users-request@xxxxxxxxxxxxx?subject=unsubscribe

--

Regards,
Sabyasachi

___________________________________________________________________________
Sent via:    Wireshark-users mailing list <wireshark-users@xxxxxxxxxxxxx>
Archives:    https://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-users
             mailto:wireshark-users-request@xxxxxxxxxxxxx?subject=unsubscribe

Attachment: NAS_Reroute_Message_fixed.pcap
Description: Binary data