Wireshark · Wireshark-users: [Wireshark-users] Problem with capturing DHCP Faillover (DHCPFO) Protocol and the OMAPI Protocol

Wireshark-users: [Wireshark-users] Problem with capturing DHCP Faillover (DHCPFO) Protocol and th

From: Jürgen Dietl <juergen.dietl@xxxxxxxxxxxxxx>

Date: Mon, 7 Feb 2011 14:55:09 +0100

Hello,

I did a capture on the DHCP-Server. Because our DHCP runs on port 520 i changed this in the preferences of the dhcpfo protocol.

I can decode the following message types.

3 = Binding Update
4 = Binding Acknowledge
5 = Connect
6 = Connect Acknowledge
7 = Update Request All
8 = Update Done
10 = State

When I now make a display filter with !dhcpfo.type==5 and !dhcpfo.type==4 .....

so that I filter out all this types I still have messages on port 520 that can only be seen as "efs tcp dst port 520" with a source port not well known (greater than 1024).

I am looking for the recovery-wait and. recovery-done etc. I assume that the missing packets must be there. But wireshark do not decode this packet with a DHCP Failover Header. Instead all the information is in data in the TCP Header which then is difficult to decode.

Is there a way to decode also the rest?

I am also looking for the name of the OMAPI Protocol for changing the port in preferences. It is in the supported protocol list as "OMAPI ISC Object Management API" but I cant find any of these words.

Thanx a lot,
cheers,
Juergen

Follow-Ups:
- Re: [Wireshark-users] Problem with capturing DHCP Faillover (DHCPFO) Protocol and the OMAPI Protocol
  - From: Jaap Keuter
- Re: [Wireshark-users] Problem with capturing DHCP Faillover (DHCPFO) Protocol and the OMAPI Protocol
  - From: Joerg Mayer

Prev by Date: [Wireshark-users] dbgp protocol
Next by Date: [Wireshark-users] Unable to see plugin in filters
Previous by thread: [Wireshark-users] dbgp protocol
Next by thread: Re: [Wireshark-users] Problem with capturing DHCP Faillover (DHCPFO) Protocol and the OMAPI Protocol
Index(es):
- Date
- Thread