First time here? Check out the FAQ!
THIS IS A TEST INSTANCE. Feel free to ask and answer questions, but take care to avoid triggering too many notifications.
Ask Your Question
0

CFLOW decode IPFIX sequence number

Hi, I am using Wireshark with the CFLOW decode on Juniper router IPFIX packets.

I have the feeling the sequence number is not properly handled when packet with template are received. As from IPFIX documentation, template and option-template are not incrementing sequence number.

When I am viewing one of the capture, I see Wireshark showing sequence error at each template, option-template and folowing data packet because it expect the template and option-template to also increment sequence number.

As a result it is hard to find the real sequence problems from these false positive.

I am using Wireshark 2.4.2 on Ubuntu 18.04

Can anyone confirm this ? Thanks.

Morgan's avatar
3
Morgan
asked 2018-06-22 22:30:18 +0000
edit flag offensive 0 remove flag close merge delete

Comments

add a comment see more comments

1 Answer

0

Probably best to raise an entry on the Wireshark Bugzilla for this, attaching your capture.

grahamb's avatar
23.8k
grahamb
answered 2018-06-23 16:21:10 +0000
edit flag offensive 0 remove flag delete link
more

Comments

Thank you. I will do that.

Morgan's avatar Morgan (2018-06-27 20:36:42 +0000) edit
more
  • delete
add a comment see more comments

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account. This space is reserved only for answers. If you would like to engage in a discussion, please instead post a comment under the question or an answer that you would like to discuss.

Add Answer