Ethereal-dev: Re: [ethereal-dev] Antwort: Re: [ethereal-users] Reading AIX-iptrace on at0
On Mon, Nov 15, 1999 at 09:40:43AM +0100, herbert.kinzler@xxxxxxxxxxx wrote:
>
> Hi Gilbert,
>
> thanks for your help. Here are the iptrace / ipreport. Hopefully you can read
> them.
>
> Herbert
>
> (See attached file: atm.ipreport)(See attached file: atm.iptrace)
Guy and I have been working on this, and we have Ethereal reading
almost everything in your atm.iptrace file. The changes have been put
into ethereal's CVS repository. It can detect all the packet types in
your ATM trace. We do not have an SSCOP decoder, so your SSCOP frames
are recognized as "Signalling AAL", but they are not decoded. I'm sure
we'll hae an SSCOP decoder some time in the future.
Your classical IP frames are properly decoded as well.
LANE and ILMI data are properly recognized and decoded.
However, as far as we can tell, iptrace does not tell us what kind of elan
is in the LANE frame. Look at frame 2 in the trace you sent us. Ipreport
erroneously thinks it is a mangled IP packet, but Ethereal correctly sees
it as a Spanning Tree Protocol packet (ATM-LANE-Ethernet-LLC-STP). The
problem is that we have to assume that the elan is ethernet. Perhaps
that's why ipreport fails... it, like us, is missing important data.
If we can't figure out a decent heuristic for detecting ethernet or TR by
looking at the first few bytes of the frame, and if we don't magically
discover a new field in the iptrace record, we'll have to put in some
way for the ethereal user to define certain VC's as certain elan types.
I am looking into whether or not we can fix the Src/Dest labels
for your ATM frames. Right now Ethereal reports all of them as "DCE->DTE".
If you can't get the current ethereal from CVS, let me know and I'll
provide a tarball. I'd really appreciate it if you could test these
changes on a variety of ATM iptrace trace files.
thanks,
--gilbert
