Question about MDNS

["Terry Martin" <tmartin () timedatacorp com>]

To all

 

I am sniffing  wireless traffic and getting malformed MDNS packets. Here
is an example ( I have changed the addresses to protect the innocent) :

 

No.     Time        Source                Destination           Protocol
Info

      5 5.735756    10.1.17.32             178.27.05.50          MDNS
Standard query[Malformed Packet]

 

Frame 5 (114 bytes on wire, 114 bytes captured)

Ethernet II, Src: Dell_70:41:da (00:24:e8:27:41:da), Dst:
AxiomTec_43:f9:0b (00:82:e0:43:f9:0b)

Internet Protocol, Src: 10.1.17.32 (10.1.17.32), Dst: 178.27.05.50
(178.27.05.50)

User Datagram Protocol, Src Port: mdns (5353), Dst Port: movaz-ssc
(5252)

Domain Name System (query)

[Malformed Packet: DNS]

    [Expert Info (Error/Malformed): Malformed Packet (Exception
occurred)]

        [Message: Malformed Packet (Exception occurred)]

        [Severity level: Error]

        [Group: Malformed]

 

I am using Version 1.2.6 of Wireshark

 

 

Has anyone worked with MDNS before?  Is this normal for Wireshark to
report these results or is this a problem a true problem?  I am also
seeing queries that are coming back unknown.  Is this a Wireshark issue?
Is this a system problem?

 

If you have can you point to where I can get more info on MDNS?

 

 

 

Thanks in advance

 

 

 

Terry Martin

TimeData Corporation

Phone: 503-678.2224

Cell:      503.318.8909

 

___________________________________________________________________________
Sent via:    Wireshark-users mailing list <wireshark-users () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
             mailto:wireshark-users-request () wireshark org?subject=unsubscribe