Bidirectional Protocol Independent Multicast RFC 5015 ( http://www.ietf.org/rfc/rfc5015.txt ) is in my opinion the most bulletproof multicast routing protocol around, but it doesn’t have a huge install base. Consequently, the PIM dissector in even the latest wireshark as of this writing 1.11 doesn’t support decode of the BiDir specific messages like Offer/Winner/Backoff/Pass which makes troubleshooting alot more difficult. One of our developers Dave Zoller generously coded me up a dissector and is going to distribute it back to the wireshark project. Until then the binary for windows is available here:
http://www.baldwinpines.com/Wireshark-win32-1.11.3-MSFC-PIM2.10.exe
Source code can be found here: http://www.baldwinpines.com/pim-dissector.zip
Hi,
Like you, I was disappointed to see that WireShark does not disect Bidir PIM
Can I have your Bidir PIM dissector source code?
Specifically, I’m looking for DF election dissection 🙂
Thanks in advance.
Oh, and BTW – WireShark does disect the “Bidir-Capable” option on the PIM Hello packets correctly… so it’s not like the original coders weren’t aware of the existence of bidir…
Sure thing I added the dissector source code to the post
Another thing which would be useful is dissecting the bidir bit in bootstrap messages