Ethereal-dev: [Ethereal-dev] IS-IS CLNP decoding of ethereal vs sniffer

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

From: "Zuidweg, R (Rob)" <zuidweg@xxxxxxxxxx>
Date: Tue, 19 Dec 2000 13:23:02 +0100
L.S.

A question  regarding CLNP packet decoding.
I'm using ethereal to troubleshoot IS-IS networks and found that CLNP error
reports are decoded differently between ethereal and NAI's sniffer.

In case of a destination unknown package, the sniffer decodes the CLNP
error-report PDU as well as the CLNP data PDU. Ethereal only decodes the
error report PDU.
In order to find out the original SA and DA decoding of the data PDU is also
required.

Is it a bug that after the first cnlp packet in a frame other cnlp packets
are no longer decoded, or is this a design choice?
One other unrelated question is: what is the function of the plugins? Is
there any documentation on either plugin types or formats to create your
own?

I'll include the following files to show the difference in decoding for
ethereal and sniffer


erpdu.etr CLNP error report in libpcap format
ernpdu.txt  decoded tect by ethereal
sniffer.txt decoded text by sniffer


 <<ernpdu.etr>>  <<ernpdu.txt>>  <<sniffer.txt>> 
   


With kind regards,

	Rob Zuidweg
	Lucent Technologies O   

	Customer Technical  Support -SDH

	* +31 35 687 5328 
	* +31 35 687 5971  FAX             
	* +31 35 687 1555  Help Desk
  *mailto:zuidweg@xxxxxxxxxx
  *   P.O. Box 18
              Botterstraat 45
              1270 AA Huizen
              The Netherlands

Attachment: ernpdu.etr
Description: Binary data

Frame 41620 (140 on wire, 140 captured)
    Arrival Time: Oct 26, 2000 11:04:00.6878
    Time delta from previous packet: 0.000000 seconds
    Frame Number: 41620
    Packet Length: 140 bytes
    Capture Length: 140 bytes
IEEE 802.3 
    Destination: 00:60:b0:b6:ea:0a (00:60:b0:b6:ea:0a)
    Source: 00:60:1d:0f:02:25 (00:60:1d:0f:02:25)
    Length: 126
Logical-Link Control
    DSAP: ISO Network Layer (0xfe)
    IG Bit: Individual
    SSAP: ISO Network Layer (0xfe)
    CR Bit: Command
    Control field: U, func = UI (0x03)
        000. 00.. = Unnumbered Information
        .... ..11 = Unnumbered frame
ISO 8473 CLNP ConnectionLess Network Protocol
    Network Layer Protocol Identifier: CLNP (0x81)
    HDR Length   : 58
    Version      : 1
    Holding Time : 50 (25 secs)
    PDU Type     : 0x01 (ER)
    PDU length   : 123
    Checksum     : 0x0000
    DAL : 20
     DA : [39|00:00][80|00:00:00|00:00][00:00|10:10][00:60:b0_b6:ea:0a][01]
    SAL : 20
     SA : [39|00:00][80|00:00:00|00:00][00:00|10:00][00:60:1d_0f:02:25][00]
    ### Option Section ###
        Priority    : 0
        Reason for discard {Address}        : Destination Address unknown, in field 0
Data (65 bytes)

   0  0060 b0b6 ea0a 0060 1d0f 0225 007e fefe   .`.....`...%.~.. 
  10  0381 3a01 3201 007b 0000 1439 0000 8000   ..:.2..{...9.... 
  20  0000 0000 0000 1010 0060 b0b6 ea0a 0114   .........`...... 
  30  3900 0080 0000 0000 0000 0010 0000 601d   9.............`. 
  40  0f02 2500 cd01 00c1 0281 0081 3c01 32bc   ..%.........<.2. 
  50  0041 0000 1439 0000 8000 0000 0000 0000   .A...9.......... 
  60  1010 0060 1d0f 01fb 0114 3900 0080 0000   ...`......9..... 
  70  0000 0000 0010 1000 60b0 b6ea 0a01 9b6e   ........`......n 
  80  0000 0041 cd01 0004 62f6 037b             ...A....b..{     
- - - - - - - - - - - - - - - - - - - - Frame 1 - - - - - - - - - - - - - - - - - - - -
 Frame Source Address    Dest. Address      Size Rel. Time     Delta Time    Abs. Time              Summary
     1 39000080000000000 39000080000000000   140 000:00:00.000 0.000.000     26-10-2000 11:04:00 CLNP: Error Report D=390000800000000000000010100060B0B6EA0A01, S=3900008000000000000000100000601D0F022500
DLC:  ----- DLC Header -----
      DLC:  
      DLC:  Frame 1 arrived at  11:04:00.0000; frame size is 140 (008C hex) bytes.
      DLC:  Destination = Station 0060B0B6EA0A
      DLC:  Source      = Station 00601D0F0225
      DLC:  802.3 length = 126
      DLC:  
LLC:  ----- LLC Header -----
      LLC:  
      LLC:  DSAP Address = FE, DSAP IG Bit = 00 (Individual Address)
      LLC:  SSAP Address = FE, SSAP CR Bit = 00 (Command)
      LLC:  Unnumbered frame: UI
      LLC:  
CLNP: ----- ISO Network Layer -----
      CLNP: 
      CLNP: Protocol ID = 81 (ISO Connectionless Network Protocol)
      CLNP: Header length = 58
      CLNP: Version / Protocol ID extension = 01
      CLNP: Remaining PDU lifetime is 25.0 seconds
      CLNP: Flags/type byte = 01
      CLNP:       0... .... = Segmentation not permitted
      CLNP:       .0.. .... = Last segment
      CLNP:       ..0. .... = Error not reported if frame discarded
      CLNP:       ...0 0001 = Error report PDU
      CLNP: Segment length = 123
      CLNP: Checksum = 0000
      CLNP: Destination address :
      CLNP:   Length  = 20
      CLNP:   Format  = 39 (ISO DCC Binary)
      CLNP:   Address = 390000800000000000000010100060B0B6EA0A01
      CLNP: Source address :
      CLNP:   Length  = 20
      CLNP:   Format  = 39 (ISO DCC Binary)
      CLNP:   Address = 3900008000000000000000100000601D0F022500
      CLNP: PDU priority is 0
      CLNP: Reason for discard = 81 (Destination unknown)
      CLNP: 
      CLNP: 
      CLNP: ----- ISO Network Layer -----
      CLNP: 
      CLNP: Protocol ID = 81 (ISO Connectionless Network Protocol)
      CLNP: Header length = 60
      CLNP: Version / Protocol ID extension = 01
      CLNP: Remaining PDU lifetime is 25.0 seconds
      CLNP: Flags/type byte = BC
      CLNP:       1... .... = Segmentation permitted
      CLNP:       .0.. .... = Last segment
      CLNP:       ..1. .... = Report error if frame discarded
      CLNP:       ...1 1100 = Data PDU
      CLNP: Segment length = 65
      CLNP: Checksum = 0000
      CLNP: Destination address :
      CLNP:   Length  = 20
      CLNP:   Format  = 39 (ISO DCC Binary)
      CLNP:   Address = 3900008000000000000000101000601D0F01FB01
      CLNP: Source address :
      CLNP:   Length  = 20
      CLNP:   Format  = 39 (ISO DCC Binary)
      CLNP:   Address = 390000800000000000000010100060B0B6EA0A01
      CLNP: Data unit identifier = 9B6E
      CLNP: Segment offset = 0
      CLNP: Total length = 65
      CLNP: PDU priority is 0
      CLNP: 
ISO_TP: ----- ISO Transport Layer -----
      ISO_TP: 
      ISO_TP: Header length = 4
      ISO_TP: TPDU type = 6 (Ack)
      ISO_TP: Destination reference = F603
      ISO_TP: Next expected sequence number = 123
      ISO_TP: Credit value = 0
      ISO_TP: 
ADDR  HEX                                               ASCII
0000: 00 60 b0 b6 ea 0a 00 60 1d 0f 02 25 00 7e fe fe | .`.¶ê..`...%.~..
0010: 03 81 3a 01 32 01 00 7b 00 00 14 39 00 00 80 00 | .:.2..{...9....
0020: 00 00 00 00 00 00 10 10 00 60 b0 b6 ea 0a 01 14 | .........`.¶ê...
0030: 39 00 00 80 00 00 00 00 00 00 00 10 00 00 60 1d | 9.............`.
0040: 0f 02 25 00 cd 01 00 c1 02 81 00 81 3c 01 32 bc | ..%.Í.....<.2¼
0050: 00 41 00 00 14 39 00 00 80 00 00 00 00 00 00 00 | .A...9..........
0060: 10 10 00 60 1d 0f 01 fb 01 14 39 00 00 80 00 00 | ...`...û..9.....
0070: 00 00 00 00 00 10 10 00 60 b0 b6 ea 0a 01 9b 6e | ........`.¶ê..›n
0080: 00 00 00 41 cd 01 00 04 62 f6 03 7b             | ...AÍ...bö.{