Wireshark-users: Re: [Wireshark-users] 5G NR-RRC dissector issue

Date Prev · Date Next · Thread Prev · Thread Next
Date Index · Thread Index · Other Months · All Mailing Lists
From: Anders Broman <anders.broman@xxxxxxxxxxxx>
Date: Fri, 25 Oct 2019 07:45:30 +0000

Hi,

So the decoding should be:

 

0000   00 0c 00 18 6e 72 2d 72 72 63 2e 62 63 63 68 2e         nr-rrc.mib 6e 72 2d 72 72 63 2e 6d 69 62

0010   62 63 68 00 00 00 00 00 00 00 00 00 00 00 00 00        (nr-rrc.bcch.bch 6e 72 2d 72 72 63 2e 62 63 63 68 2e 62 63 68)

0020   6e 72 2d 72 72 63 00 00 00 05 00 01 06 f2 d4

 

Regards

Anders

 

From: Pascal Quantin <pascal.quantin@xxxxxxxxx>
Sent: den 25 oktober 2019 09:39
To: Community support list for Wireshark <wireshark-users@xxxxxxxxxxxxx>
Cc: Anders Broman <anders.broman@xxxxxxxxxxxx>
Subject: Re: [Wireshark-users] 5G NR-RRC dissector issue

 

Hi,

 

A UE is receiving a BCCH-BCH message that encapsulates a MIB. Are you sure we need to expose the MIB dissector directly?

 

Best regards,

Pascal.

 

Le ven. 25 oct. 2019 à 09:34, Anders Broman via Wireshark-users <wireshark-users@xxxxxxxxxxxxx> a écrit :

Hi,

The NR-RRC messages has to be dissected by calling dissector by name. Currently “MIB” is not handled but I have amended the code to expose it.

Instead of building a UDP packet with the MIB Octets as data you can create an “Exported PDU” by using text2pcap

text2pcap.exe -l 252 MIB.txt mib.pcapng

 

The code change can be followed here https://code.wireshark.org/review/#/c/34852/

Dissection result:

Regards

Anders

 

 

From: Wireshark-users <wireshark-users-bounces@xxxxxxxxxxxxx> On Behalf Of Keval Malde
Sent: den 25 oktober 2019 04:24
To: Community support list for Wireshark <wireshark-users@xxxxxxxxxxxxx>
Subject: Re: [Wireshark-users] 5G NR-RRC dissector issue

 

No In wireshark there is no such seperate NR RRC over UDP option. But then if not UDP then how am I supposed to send and receive packet ?

 

On Fri, 25 Oct, 2019, 2:05 AM Guy Harris, <guy@xxxxxxxxxxxx> wrote:

On Oct 24, 2019, at 11:29 AM, Keval Malde <kevalmalde@xxxxxxxxxxxxx> wrote:

> I am trying to dissect 5G NR RRC MIB paket but it is not working, any possible help would be appreciated. Please find the attachment below.

What is the payload of that UDP packet supposed to be?

Is there some "NR RRC over UDP protocol" being used?
___________________________________________________________________________
Sent via:    Wireshark-users mailing list <wireshark-users@xxxxxxxxxxxxx>
Archives:    https://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-users
             mailto:wireshark-users-request@xxxxxxxxxxxxx?subject=unsubscribe

___________________________________________________________________________
Sent via:    Wireshark-users mailing list <wireshark-users@xxxxxxxxxxxxx>
Archives:    https://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-users
             mailto:wireshark-users-request@xxxxxxxxxxxxx?subject=unsubscribe

Attachment: smime.p7s
Description: S/MIME cryptographic signature