PIM BiDir Bidirectional Wireshark dissectors

Bidirectional Protocol Independent Multicast RFC 5015 (  http://www.ietf.org/rfc/rfc5015.txt ) is in my opinion the most bulletproof multicast routing protocol around, but it doesn’t have a huge install base.  Consequently, the PIM dissector in even the latest wireshark as of this writing 1.11 doesn’t support decode of the BiDir specific messages like Offer/Winner/Backoff/Pass which makes troubleshooting alot more difficult.  One of our developers Dave Zoller generously coded me up a dissector and is going to distribute it back to the wireshark project.  Until then the binary for windows is available here:
http://www.baldwinpines.com/Wireshark-win32-1.11.3-MSFC-PIM2.10.exe

Source code can be found here: http://www.baldwinpines.com/pim-dissector.zip

 

Advertisements
This entry was posted in internet, network. Bookmark the permalink.

4 Responses to PIM BiDir Bidirectional Wireshark dissectors

  1. Ilan says:

    Hi,

    Like you, I was disappointed to see that WireShark does not disect Bidir PIM :/

    Can I have your Bidir PIM dissector source code?
    Specifically, I’m looking for DF election dissection 🙂

    Thanks in advance.

    • Ilan says:

      Oh, and BTW – WireShark does disect the “Bidir-Capable” option on the PIM Hello packets correctly… so it’s not like the original coders weren’t aware of the existence of bidir…

    • patrickabaldwin says:

      Sure thing I added the dissector source code to the post

  2. Ilan says:

    Another thing which would be useful is dissecting the bidir bit in bootstrap messages

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s