kinnay
commented
6 years ago UDP packets starting with 32 AB 98 64 are part of the peer-to-peer protocol (from the PIA library). These packets are sent directly from one console to another, without server in between. The PRUDP protocol is only used in communication with the game server.
Your WireShark dumps do actually contain WebSocket/PRUDP packets. Look for packets with g2b309e01-lp1.s.n.srv.nintendo.net as source or destination. You can't actually view the content of these packets though, because the connection is encrypted with TLSv1.2.
You won't see much game server packets during a match by the way. The game server is only responsible for match making and setting up the peer-to-peer connection. There's no server involved in the race itself.
ThatNerdyPikachu
After reading up on PRUDPLite I attempted to look at my own traffic for research purposes. However none of the packets found in WireShark match that of the structure described here.
None of the packets in my dump have a 0x80 header, however many (if not all) seem to use
32 AB 98 64as a header. This is true between both MK8D and Splatoon2. Could Nintendo have possibly changed the format? Or is this something different? There's no WebSocket data in the WireShark dumps and it doesn't appear to be going over TCP either. On a whim I also checked PRUDP V0 and V1 (not expecting anything), and unsurprisingly those also did not work.MK8D WireShark dump 1: https://drive.google.com/open?id=1GLyehZHR7lHMqW61YT4lOZSqyj7Pixzp MK8D WireShark dump 2 (full dump of race): https://drive.google.com/open?id=1B32NYEWweKr9ZQsmucwljo0VOMt6vjKm Splatoon2 WireShark dump: https://drive.google.com/open?id=15yJRtBUCxfJDZ7f9WRfLl_hXaaqi5ArJ