tcpdump mailing list archives
Re: RFC: DLT for "application TCP stream capture"
From: Michael Richardson <mcr () sandelman ca>
Date: Wed, 14 Jan 2015 11:57:53 -0500
"Paul \"LeoNerd\" Evans" <leonerd () leonerd org uk> wrote: > I wonder though, whether the flags could be combined with the IP > version field, given as the version in the underlying (real) IP packet > anyway is only a 4-bit field. > 1 byte | Flags and IP version: > bit7 [ VVVV...W ] bit0 > VVVV = IP version > W = write/!read > Does it seem sensible to merge those to save a byte of output? (and > also ensure nice alignment of the header to 32bit boundaries). > It does momentarily seem wasteful to repeat the source/destination > information in every single packet (especially in the case of IPv6 with > its 256bits of addressing information). Though I don't know if that > outweighs the statefulness and added complexity of representing "flow > setup" operations and "more bytes of data sent/received on this flow" > as extra frame types. Eventually, we'll be using this format to debug multi-path TCP, in which case the IP addresses (and maybe even the IP4/IP6-ness of it) might change. And gzip'ed those addresses will compress quite easily. -- ] Never tell me the odds! | ipv6 mesh networks [ ] Michael Richardson, Sandelman Software Works | network architect [ ] mcr () sandelman ca http://www.sandelman.ca/ | ruby on rails [ _______________________________________________ tcpdump-workers mailing list tcpdump-workers () lists tcpdump org https://lists.sandelman.ca/mailman/listinfo/tcpdump-workers
Current thread:
- RFC: DLT for "application TCP stream capture" Paul "LeoNerd" Evans (Jan 13)
- Re: RFC: DLT for "application TCP stream capture" Guy Harris (Jan 13)
- Re: RFC: DLT for "application TCP stream capture" Paul "LeoNerd" Evans (Jan 14)
- Re: RFC: DLT for "application TCP stream capture" Michael Richardson (Jan 14)
- Re: RFC: DLT for "application TCP stream capture" Paul "LeoNerd" Evans (Jan 14)
- Re: RFC: DLT for "application TCP stream capture" Paul "LeoNerd" Evans (Jan 14)
- Re: RFC: DLT for "application TCP stream capture" Denis Ovsienko (Jan 14)
- Re: RFC: DLT for "application TCP stream capture" Michael Tuexen (Jan 14)
- Re: RFC: DLT for "application TCP stream capture" Guy Harris (Jan 14)
- Re: RFC: DLT for "application TCP stream capture" Paul "LeoNerd" Evans (Jan 15)
- Re: RFC: DLT for "application TCP stream capture" Paul "LeoNerd" Evans (Jan 14)
- Re: RFC: DLT for "application TCP stream capture" David Laight (Jan 15)
- Re: RFC: DLT for "application TCP stream capture" Guy Harris (Jan 13)
- Re: RFC: DLT for "application TCP stream capture" David Laight (Jan 15)