Wireshark mailing list archives

Previous By Date Next
Previous By Thread Next

Diameter [Malformed Packet: GTPv2]

From: Bo Xu <xubo.leo () gmail com>
Date: Fri, 26 Aug 2011 00:21:11 +0800
Hello  guys ,

         I am very confused that I got "Malformed Packet: GTPv2" in every
Diameter (CCR) in version 1.6 .

   I tried multiple versions of wireshark , I have found that  for the same
err_sample.pcap which I have already attached , there is

   no such annoying prompt in version 1.2.16 .   I read the WireShark manual
, there is some explanation in this URL.

   http://www.wireshark.org/docs/wsug_html_chunked/AppMessages.html#id622336.

   To my understanding , mostly there is something wrong in the packet
content . Another proof is that other diameter packet is working

   perfectly with wireshark 1.6.1 version .

   Here comes my question :    does this   AVP(20600)  finally caused the
"malformed packet" prompt because there is no data in this AVP?

   Or is there anything wrong with the CCR packet content ?

   FYI : Diameter Server Port is 6555 ,  and this server connects the
multiple clients.

     Service-Information:
00005078c000000c00013c680000036ac000001c000028af...
            AVP: Unknown(20600) l=12 f=VM- vnd=81000
                AVP Code: 20600 Unknown
                AVP Flags: 0xc0
                AVP Length: 12
                AVP Vendor Id: Unknown (81000)
                [No data]
                    [Expert Info (Warn/Undecoded): Data is empty]
                        [Message: Data is empty]
                        [Severity level: Warn]
                        [Group: Undecoded]
            AVP: PS-Information(874) l=28 f=VM- vnd=TGPP
[Malformed Packet: GTPv2]
    [Expert Info (Error/Malformed): Malformed Packet (Exception occurred)]
        [Message: Malformed Packet (Exception occurred)]
        [Severity level: Error]
        [Group: Malformed]

BR
Xu Bo

Attachment: err_sample.zip
Description: 

___________________________________________________________________________
Sent via:    Wireshark-users mailing list <wireshark-users () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
             mailto:wireshark-users-request () wireshark org?subject=unsubscribe
Previous By Date Next
Previous By Thread Next

Current thread: