CFLOW decode IPFIX sequence number

asked 2018-06-22

Morgan

Hi, I am using Wireshark with the CFLOW decode on Juniper router IPFIX packets.

I have the feeling the sequence number is not properly handled when packet with template are received. As from IPFIX documentation, template and option-template are not incrementing sequence number.

When I am viewing one of the capture, I see Wireshark showing sequence error at each template, option-template and folowing data packet because it expect the template and option-template to also increment sequence number.

As a result it is hard to find the real sequence problems from these false positive.

I am using Wireshark 2.4.2 on Ubuntu 18.04

Can anyone confirm this ? Thanks.

1 Answer

answered 2018-06-23

grahamb

Probably best to raise an entry on the Wireshark Bugzilla for this, attaching your capture.

Thank you. I will do that.

Morgan ( 2018-06-27 )

Asked: 2018-06-22

