Re: Request DLT_/LINKTYPE_ value for vSockets

[Gerard Garcia <ggarcia () deic uab cat>]

On 07/19/2016 08:56 PM, Guy Harris wrote:
> On Jul 19, 2016, at 7:12 AM, Gerard Garcia <ggarcia () abra uab cat> wrote:
>
> > >         2) What is the format of the transport header?
> > It is well described in the virtio vsock specification: https://stefanha.github.io/virtio/#x1-2800007 May we just link 
> > there?
> If that's
>
> struct virtio_vsock_hdr {
>    le64 src_cid;
>    le64 dst_cid;
>    le32 src_port;
>    le32 dst_port;
>    le32 len;
>    le16 type;
>    le16 op;
>    le32 flags;
>    le32 buf_alloc;
>    le32 fwd_cnt;
> };
>
> that appears to duplicate fields in the link-layer header; are those fields, in fact, duplicates?
Yes, the source/destination cid/port are duplicates. The vsockmon header 
always includes these fields in case there is no transport header 
attached or if that information is not included.

The other fields are different.

> > >         3) Will the length of the transport header ever change?
> > We should assume that it may change.
> So will the transport header ever change *without* the length changing?  If it changes by adding new data to the end, 
> or by removing some fields at the end, code that parses a packet in a capture can use the length field to determine 
> whether the added fields are present, but if the header can change without the length changing - or by more than just 
> fields being added to the end or removed from the end - there needs to be something in the header to give a version for 
> the transport header, such as changing the transport header type.
No, it will never change without changing the length field. This is the 
purpose of this field, being able to grow the transport header if it is 
necessary without worrying of breaking existing parsers.
_______________________________________________
tcpdump-workers mailing list
tcpdump-workers () lists tcpdump org
https://lists.sandelman.ca/mailman/listinfo/tcpdump-workers