This is a static archive of our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

Decode for LLTD?

0

LLTD is the Link Layer Topology Discovery introduced by Microsoft with Windows Vista.

As of now Wireshark recognizes LLTD frames by Ethertype but does not decode the content.

Wiki provides a link to a dissector. What are the chances of getting the LLTD dissector into the standard Wireshark build?

asked 18 Apr '11, 02:24

packethunter's gravatar image

packethunter
2.1k71548
accept rate: 8%


One Answer:

1

Presumably, the MS-LLTD wiki page is the one you're referring to. The link from that page to the dissector indicates that it was developed against 1.0.4, so in all likelihood some changes would be needed before it could be incorporated. So I'd say the first step would be for someone to update the dissector to build against the trunk. After that, an enhancement bug request should be filed at https://bugs.wireshark.org/bugzilla/ with the updated dissector attached.

answered 18 Apr '11, 07:45

cmaynard's gravatar image

cmaynard ♦♦
9.4k1038142
accept rate: 20%

I just realized that Wireshark is doing a great job on decoding LLTD.

Closing the question is overdue.

Thank you to all developers for keeping Wireshark great :)

(17 Feb '17, 12:13) packethunter