This is our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

Greetings! Hoping someone can help me. In a trace from a customer, I have three DTAP messages that are giving Wireshark grief in trying to dissect them. I've put in bold the protocol discriminator octet and the message type octet:

GSM A-I/F DTAP - Unknown DTAP Message Type (0x03)
    Protocol Discriminator: Mobility Management messages (5)
        .... 0101 = Protocol discriminator: Mobility Management messages (0x05)
        0000 .... = Skip Indicator: No indication of selected PLMN (0)
    00.. .... = Sequence number: 0
    ..00 0011 = DTAP Mobility Management Message Type: Unknown (0x03)

0000  00 50 56 be 6e 10 00 13 5f e1 d4 00 08 00 45 00   .PV.n..._.....E.
0010  00 50 00 00 40 00 36 11 b6 f9 0a 4a 00 d7 ac 1c   [email protected]
0020  d6 66 ca ce 12 79 00 3c f5 3e 02 04 01 00 82 00   .f...y.<.>......
0030  00 00 00 15 52 7b 07 00 00 00 03 00 fd **05 03** 15   ....R{..........
0040  10 36 00 b0 28 43 80 17 c0 87 ff f2 b8 41 4a 02   .6..(C.......AJ.
0050  04 18 38 02 80 a1 98 1a ba c5 32 00 00 00         ..8.......2...

GSM A-I/F DTAP - Unknown DTAP Message Type (0x01)
    Protocol Discriminator: Radio Resources Management messages (6)
        .... 0110 = Protocol discriminator: Radio Resources Management messages (0x06)
        0000 .... = Skip Indicator: No indication of selected PLMN (0)
    DTAP Radio Resources Management Message Type: Unknown (0x01)

0000  00 50 56 be 6e 10 00 13 5f e1 d4 00 08 00 45 00   .PV.n..._.....E.
0010  00 38 00 00 40 00 36 11 b7 11 0a 4a 00 d7 ac 1c   [email protected]
0020  d6 66 ca ce 12 79 00 24 e1 73 02 04 01 00 82 00   .f...y.$.s......
0030  00 00 00 15 52 7b 07 00 00 00 03 00 fd **06 01** a2   ....R{..........
0040  e7 fc 23 0b c8 00                                 ..#...

GSM A-I/F DTAP - Unknown DTAP Message Type (0x00)
    Protocol Discriminator: Call Control; call related SS messages (3)
        .... 0011 = Protocol discriminator: Call Control; call related SS messages (0x03)
        0... .... = TI flag: allocated by sender
        .000 .... = TIO: 0
    00.. .... = Sequence number: 0
    ..00 0000 = DTAP Call Control Message Type: Unknown (0x00)

0000  00 50 56 be 6e 10 00 13 5f e1 d4 00 08 00 45 00   .PV.n..._.....E.
0010  00 3d 00 00 40 00 36 11 b7 0c 0a 4a 00 d7 ac 1c   [email protected]
0020  d6 66 ca ce 12 79 00 29 7b 55 02 04 01 00 82 00   .f...y.){U......
0030  00 00 00 15 52 7b 07 00 00 00 03 00 fd **03 00** 31   ....R{.........1
0040  4a 00 99 ff 20 80 0b 10 13 01 18                  J... ......

I'm not inclined to think this is interference, because these three messages come up regularly and I don't think a mangled message would make it that far up the protocol stack.

Any help is appreciated!

asked 14 Aug '15, 09:22

tiger762's gravatar image

tiger762
11337
accept rate: 0%

Be the first one to answer this question!
toggle preview

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here

By RSS:

Answers

Answers and Comments

Markdown Basics

  • *italic* or _italic_
  • **bold** or __bold__
  • link:[text](http://url.com/ "title")
  • image?![alt text](/path/img.jpg "title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported

Question tags:

×37
×8
×1
×1

question asked: 14 Aug '15, 09:22

question was seen: 2,394 times

last updated: 14 Aug '15, 09:22

p​o​w​e​r​e​d by O​S​Q​A