Hi,
> Does anyone know if decoding 4-byte AS numbers are supported yet? If
> not, is anyone working on it?
A quick glance at the BGP dissector's code reveals that it does
recognize the capability for 4 byte AS numbers. It doesn't appear
though that it can display 32-bit AS numbers, only 16-bit ones. I don't
think anyone is working on it at this time. Do you have a sample
capture file that contains 32-bit AS numbers in it that we could use to
test a new feature to recognize the new AS numbers?
I took a look at it to see the cost of implementation. There are a good news and bad ones. :)
The good news :
Support for 4-byte AS numbers is "implemented". (as announced in the comment at the start of the file)
The bad ones :
I don't know why the guy who implemented it defined constants for the attributes affected as BGPTYPE_NEW_AS_PATH and BGPTYPE_NEW_AGGREGATOR. It is not really clear as the RFC defined these attributes as AS4_PATH and AS4_AGGREGATOR.
It is neither cleanly implemented as, at least once, when dissecting the aggregator it may use a FT_UINT16 item to put a 32 bits integer.
It is the same problem for the as path except, that what appears on the pane is correct as it is represented as a string but there is an hidden item which is coded as a FT_UINT16 too.
And well, at last, the dissector might need a little bit of refactoring and an update of some wireshark API functions used.
To conclude, there is a support in wireshark for 4-byte AS ... which is somewhat buggy. :)
P.S. : Could you send an capture file with 4-byte AS numbers as Steve asked? (I know there are some legal problems to give these types of capture but we can keep it private.)
Regards,
Sebastien Tandel