Wireshark-users: Re: [Wireshark-users] Weird Null Packets
From: "Michael Glenn" <MGlenn@xxxxxxxxxxxxxxx>
Date: Wed, 19 Jan 2011 13:05:01 -0500
I extracted just the funky packets; otherwise the segment is working fine atm.
The packets are the same for Wireshark on both a Win7 box and a Linux laptop. Several ports on the switch were tried, so they're in there, all right.

>>> Bill Meier <wmeier@xxxxxxxxxxx> 01/19/2011 12:46 >>>
On 1/19/2011 10:54 AM, Michael Glenn wrote:
> Hi.
>
> I'm getting the weirdest packets trickling out of a network segment,
> and I'm trying to determine if the switch is dying, or if Microsoft
> has struck again (I've been installing some Win7 PCs on that
> segment).
>
> The packets are pretty-much nothing but a slew of zeroes; Wireshark
> guessed them to be FibreChannel traffic, but no such hardware on the
> segment. I'm attaching an extracted packet capture.
>

What hardware/OS/... are you using to capture these frames ?

Are you also getting good frames using the same setup ??

Wireshark shows the frames as being all zeros with no ethernet address,
etc. which makes me wonder if these frames are actually really "on the
wire".

Do do get the same results using an alternate capture program (windump
for Windows or tcpdump for *nix) ?

The same with an alternate capture platform ? (eg: Windows iso *nix)?

___________________________________________________________________________
Sent via:    Wireshark-users mailing list <wireshark-users@xxxxxxxxxxxxx>
Archives:    http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
             mailto:wireshark-users-request@xxxxxxxxxxxxx?subject=unsubscribe