Wireshark mailing list archives
Re: DOCSIS is not one of the DLTs supported by this device).
From: Guy Harris <guy () alum mit edu>
Date: Mon, 7 Dec 2009 16:49:32 -0800
On Dec 5, 2009, at 12:28 PM, Guy Harris wrote:
Is that a message that was printed when you ran tcpdump? (The equivalent message in Wireshark/TShark/dumpcap is "That DLT isn't one of the DLTs supported by this device".)
Actually, in some places, you can get the message in question from Wireshark/TShark/dumpcap; it means the same thing there as it does in tcpdump.
If so, that's not supported. "-y DOCSIS" is supported on Ethernet because some Cisco cable modem head-end equipment can put DOCSIS frames onto an Ethernet cable plugged into the device; what it does is uses the very low-level framing mechanism of Ethernet, but, instead of putting Ethernet frames, with a standard Ethernet header, on the cable, it puts DOCSIS frames on the cable. That flag causes the link- layer type of the capture to be marked as DOCSIS, not Ethernet, so that the capture will be properly interpreted by, for example, Wireshark and TShark. Cisco doesn't, as far as I know, support putting DOCSIS frames onto 802.11 networks in that fashion.
One thing this means is that if you're trying to see the raw DOCSIS traffic on your cable modem at home (or at work, if "work" means a company getting its Internet access from Comcast, Time Warner, Rogers, etc., rather than meaning Comcast, Time Warner, Rogers, etc. :-)), you can't do it that way. The cable modem will put the DOCSIS data packets onto your Ethernet/Wi-Fi/etc. as data packets, and will process the non-data DOCSIS packets internally and not put them on your network. *Maybe* there's a cable modem out there that supports some sort of "monitoring" port where you can see the DOCSIS packets from the cable side of the network, but, if so, it'll probably be a bit more complicated to tap that. ___________________________________________________________________________ Sent via: Wireshark-dev mailing list <wireshark-dev () wireshark org> Archives: http://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-request () wireshark org?subject=unsubscribe
Current thread:
- DOCSIS is not one of the DLTs supported by this device). Scott and Germaine James (Dec 05)
- Re: DOCSIS is not one of the DLTs supported by this device). Guy Harris (Dec 05)
- Re: DOCSIS is not one of the DLTs supported by this device). Guy Harris (Dec 07)
- Re: DOCSIS is not one of the DLTs supported by this device). Guy Harris (Dec 05)