Re: Hardware timestamp ?

[Pierre KARAMPOURNIS <pkarampournis () gmail com>]

2009/2/27 Guy Harris <guy () alum mit edu>

> On Feb 26, 2009, at 5:22 PM, Guy Harris wrote:
>
>  The *accuracy* is limited by the fact that most network adapters aren't
> > designed primarily for use when capturing traffic, so they don't do their
> > own packet timestamping, and libpcap normally just plugs into the OS's
> > built-in facilities for capturing packets, and those either use the OS's
> > networking stack, which is designed primarily for regular network traffic
> > rather than traffic capture and might sacrifice low latency for higher
> > throughput (thus adding delays that get in the way of time stamping), and
> > which plugs into device drivers *also* designed primarily for regular
> > network traffic rather than traffic capture, or use something such as BPF
> > that might bypass the networking stack but *doesn't* bypass the driver.
>
> Although it *appears* that, with current versions of the Linux kernel, the
> driver *could* timestamp the packet (setting the time in the skbuff) and
> netif_rx() won't timestamp it itself:
>
>        int netif_rx(struct sk_buff *skb)
>        {
>                struct softnet_data *queue;
>                unsigned long flags;
>
>                /* if netpoll wants it, pretend we never saw it */
>                if (netpoll_rx(skb))
>                        return NET_RX_DROP;
>
>                if (!skb->tstamp.tv64)
>                        net_timestamp(skb);
>
>                        ...
>
> so that if the network adapter provided a time stamp along with the packet
> data, the driver would set the time stamp for the skbuff before handing it
> to the networking stack.
>
> Similarly, with variants of the bpf_tap() and bpf_mtap() kernel APIs that
> take a time stamp as an argument, the BPF mechanisms in *BSD could let the
> driver supply a time stamp when it hands a packet to BPF.
>
> That would let you have a regular network adapter that time-stamps packets
> itself, so you could get accurate time stamps on incoming packets and still
> have the adapter usable as a regular network adapter as well as an adapter
> for capturing traffic.  You still wouldn't get accurate time stamps on
> *outgoing* packets, if by "accurate" you mean "gives the time at which the
> packet was put onto the network".


Thank you for your informations, I apologize for melting precision and
accuracy, you understood my mistake.
I worked on old Linux Kernel versions so I will try the latest ones to see
hardware timestamping. So now I have to search for Network cards which can
timestamp the packets with nanosecond resolution (Endace DAG cards can
apparently do that) and then modify a bit libPcap to take advantage of the
nanosecond timestamping (nanosecond timestamp MagicNumber etc.).
-
This is the tcpdump-workers list.
Visit https://cod.sandelman.ca/ to unsubscribe.