Hello,
I wanted test by Wireshark my TLS configuration in RabbitMQ server and I have trouble. If my network adapter are set to ipv6 I don't see full comunication betwen client and serwer, is only Client Hello, but if I disable the ipv6 in network adapter I can see full comunication in Wireshark: Client Hello, Server Hello and Client Change Spec. I don't understand what is it caused by.
Captured packets when ipv6 is enabled
Protocol Length Info
TLSv1.2 335 Client Hello
TCP 74 5657 → 55748 [ACK] Seq=1 Ack=262 Win=2097664 Len=0
TCP 74 [TCP ACKed unseen segment] 55748 → 5657 [ACK] Seq=262 Ack=3874 Win=263424 Len=0
TLSv1.2 154 Change Cipher Spec, Application Data
TLSv1.2 104 Application Data
Captured packets when ipv6 is disabled:
Protocol Length Info
TLSv1.3 315 Client Hello
TCP 54 5657 → 55849 [ACK] Seq=1 Ack=262 Win=2097664 Len=0
TLSv1.3 3927 Server Hello, Change Cipher Spec, Application Data, Application Data, Application Data, Application Data
TCP 60 55849 → 5657 [ACK] Seq=262 Ack=3874 Win=262656 Len=0
TLSv1.3 134 Change Cipher Spec, Application Data TLSv1.3 84 Application Data
This output is expected or I do something wrong? My filter which I used is (tcp.srcport == 5657 or tcp.dstport == 5657)
or ssl.handshake.type and (tcp.srcport == 5657 or tcp.dstport == 5657)
Regards, Noak
