This is our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

I have two identical win7x64 machines on different drops - one of them gets numerous "Bogus IP length" packets in the capture. About every 10 seconds there will appear 7 or 8 of these all at once. The other machine gets none. What can be the problem here? is it layer 1, as I suspect? Or could it be software layer?

Thanks!

asked 04 Mar '11, 11:41

Peakbagger66's gravatar image

Peakbagger66
1111
accept rate: 0%


You are saying these are incoming, so I'm curious what they look like on the wire just before the pc receives them. So I'd bring up a pc on a span port of a switch and look at the packets in both locations. My initial guess is that it is something that the network card on the receiving pc is doing. Maybe some type of hardware offloading or something.

permanent link

answered 05 Mar '11, 16:40

Paul%20Stewart's gravatar image

Paul Stewart
3018
accept rate: 6%

Or perhaps the offloading is being done on the sending PC, i.e. on the machine running Wireshark; are the packets in question being sent by that machine?

(07 Mar '11, 18:37) Guy Harris ♦♦
Your answer
toggle preview

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here

By RSS:

Answers

Answers and Comments

Markdown Basics

  • *italic* or _italic_
  • **bold** or __bold__
  • link:[text](http://url.com/ "title")
  • image?![alt text](/path/img.jpg "title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported

Question tags:

×103
×29
×4
×1

question asked: 04 Mar '11, 11:41

question was seen: 9,361 times

last updated: 07 Mar '11, 18:37

p​o​w​e​r​e​d by O​S​Q​A