| Bug ID |
11478
|
| Summary |
Suspected Duplicate MAC detected in RTP analysis
|
| Product |
Wireshark
|
| Version |
1.12.7
|
| Hardware |
All
|
| OS |
Windows 7
|
| Status |
UNCONFIRMED
|
| Severity |
Enhancement
|
| Priority |
Low
|
| Component |
Dissection engine (libwireshark)
|
| Assignee |
[email protected]
|
| Reporter |
[email protected]
|
Created attachment 13827 [details]
Original capture with changing source MAC
Build Information:
wireshark 1.12.7 (v1.12.7-0-g7fc8978 from master-1.12)
Copyright 1998-2015 Gerald Combs <[email protected]> and contributors.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
Compiled (64-bit) with GTK+ 2.24.23, with Cairo 1.10.2, with Pango 1.34.0, with
GLib 2.38.0, with WinPcap (4_1_3), with libz 1.2.5, with SMI 0.4.8, with c-ares
1.9.1, with Lua 5.2, without Python, with GnuTLS 3.2.15, with Gcrypt 1.6.2,
without Kerberos, with GeoIP, with PortAudio V19-devel (built Aug 12 2015),
with
AirPcap.
Running on 64-bit Windows 7 Service Pack 1, build 7601, with WinPcap version
4.1.3 (packet.dll version 4.1.0.2980), based on libpcap version 1.0 branch
1_0_rel0b (20091008), GnuTLS 3.2.15, Gcrypt 1.6.2, without AirPcap.
Intel(R) Xeon(R) CPU X3440 @ 2.53GHz, with 12278MB of physical
memory.
Built using Microsoft Visual C++ 10.0 build 40219
--
We run an HSRP pair with asymmetric routing behind them. Sometimes the RTP
flow will switch to the other HSRP router which changes the source MAC address.
Packets then get flagged with "Suspected duplicate MAC address" and are
considered lost. The stats summary for the different flows then are inaccurate
and make troubleshooting QoS issues a pain. We're having to open capture files
in 1.8 to avoid this pitfall.
I'm requesting an option to disable duplicate MAC detection at least when
dealing with RTP analysis or not consider those as lost.
Issue also appears in version 1.10.14.
You are receiving this mail because:
- You are watching all bug changes.