Greetings, I am running 'tethereal' sniffing traffic between two routers, one of which is receiving a full routing table ( 130K prefixes ). The routers are connected via an Ethernet hub. The dissector is working correctly by decoding bgp in each frame starting with the marker ( 10 bytes of 0xFFs ). So far so good ...
When a router blasts many prefixes, as is the case above, each Ethernet frame is filled with the maximum number of BGP update messages. Usually the frame cannot contain an integral number of update messages, and a portion of the last update in the frame spills into the beginning of the next frame. Now the question, and sorry for the pre-amble ... Is there any way of stitching together, in real-time, the full un-interrupted BGP update message stream using the current version of tethereal? Advanced thanks, Alex
