tcpdump mailing list archives

Re: decode MPLS-contained packets?

From: Francois-Xavier Le Bail via tcpdump-workers <tcpdump-workers () lists tcpdump org>
Date: Tue, 5 May 2020 16:01:19 -0400 (EDT)

--- Begin Message --- From: Francois-Xavier Le Bail <devel.fx.lebail () orange fr>
Date: Tue, 5 May 2020 22:03:00 +0200

On 05/05/2020 21:44, Gert Doering wrote:

We should print "PW Ethernet Control Word" and the "Sequence Number", 2 last 2 octets of the 4.
Like:
PW Ethernet Control Word, Sequence Number xxx

I think we should only print this if "-v" is given.  Most of the time, 
both control word and sequence number are of little interest.

I really like tcpdump's very compact "only the most relevant info" output
format (by default).


OK for "-v" only print.

Other information from Francesco Fondelli:

-----------------------------------------------------------------------
it is a bit more complicated than that, look for

    /*
     * No, there isn't, so use the 1st nibble logic (see BCP 4928,
     * RFC 4385 and 5586).
     */

in
https://code.wireshark.org/review/gitweb?p=wireshark.git;a=blob;f=epan/dissectors/packet-mpls.c;h=4ecb10d1216077b92e6d4ca2520340cf053414f4;hb=HEAD

and also the PW ETH heuristic in looks_like_plain_eth

https://code.wireshark.org/review/gitweb?p=wireshark.git;a=blob;f=epan/dissectors/packet-pw-eth.c;h=aec7b662d38ddb36514ed3c213df47ad53ad610b;hb=HEAD

Wireshark MPLS heuristic is not perfect and has been criticized but is still there :-) hopefully
correctly parsing your data as well.

For tcpdump maybe a -T based approach is better?

-T mpls (+ 1st nibble logic for IPv4/IPv6)
-T ethpw
-T ethpwnocw
...
-----------------------------------------------------------------------

Probably some more work to do...

And probably linked to https://tools.ietf.org/html/rfc8469.

-- 
Francois-Xavier

--- End Message ---

_______________________________________________
tcpdump-workers mailing list
tcpdump-workers () lists tcpdump org
https://lists.sandelman.ca/mailman/listinfo/tcpdump-workers

Current thread:

Re: decode MPLS-contained packets?, (continued)
- - - Message not available
    - Message not available
    - Re: decode MPLS-contained packets? Francois-Xavier Le Bail via tcpdump-workers (May 05)
    - Message not available
    - Message not available
    - Message not available
    - Re: decode MPLS-contained packets? Gert Doering via tcpdump-workers (May 05)
    - Message not available
    - Message not available
    - Message not available
    - Message not available
    - Re: decode MPLS-contained packets? Francois-Xavier Le Bail via tcpdump-workers (May 05)
  - Re: decode MPLS-contained packets? Francois-Xavier Le Bail via tcpdump-workers (May 05)
  - Message not available
    - Message not available
    - Message not available
    - Message not available
    - Message not available
    - Re: decode MPLS-contained packets? Gert Doering via tcpdump-workers (May 05)
  - Message not available
    - Re: decode MPLS-contained packets? Gert Doering via tcpdump-workers (May 05)
    - Re: decode MPLS-contained packets? Guy Harris via tcpdump-workers (May 07)
  - Message not available
    - Message not available
    - Re: decode MPLS-contained packets? Francois-Xavier Le Bail via tcpdump-workers (May 05)
    - Re: decode MPLS-contained packets? Francois-Xavier Le Bail via tcpdump-workers (May 05)
  - Message not available
    - Message not available
    - Message not available
    - Re: decode MPLS-contained packets? Gert Doering via tcpdump-workers (May 05)
  - Message not available
    - Message not available
    - Message not available
    - Message not available
    - Re: decode MPLS-contained packets? Francois-Xavier Le Bail via tcpdump-workers (May 05)
    - Re: decode MPLS-contained packets? Guy Harris via tcpdump-workers (May 07)
    - Message not available
    - Re: decode MPLS-contained packets? Gert Doering via tcpdump-workers (May 07)
  - Message not available
    - Message not available
    - Message not available
    - Message not available
    - Re: decode MPLS-contained packets? Francois-Xavier Le Bail via tcpdump-workers (May 06)
  - Re: decode MPLS-contained packets? Guy Harris via tcpdump-workers (May 06)
    - Re: decode MPLS-contained packets? Francois-Xavier Le Bail via tcpdump-workers (May 07)
    - Re: decode MPLS-contained packets? Guy Harris via tcpdump-workers (May 07)
    - Message not available
    - Re: decode MPLS-contained packets? Francois-Xavier Le Bail via tcpdump-workers (May 07)
    - Re: decode MPLS-contained packets? Gert Doering via tcpdump-workers (May 07)
    - Re: decode MPLS-contained packets? Francois-Xavier Le Bail via tcpdump-workers (May 07)
    - Message not available
    - Re: decode MPLS-contained packets? Francois-Xavier Le Bail via tcpdump-workers (May 08)

(Thread continues...)