tcpdump mailing list archives

Re: Need a new DLT value


From: Guy Harris <guy () alum mit edu>
Date: Thu, 29 May 2008 18:10:08 -0700

(This is a libpcap issue, not a Wireshark issue, so I removed the Wireshark mailing list.

In addition, the correct address for the tcpdump-workers list is tcpdump-workers () lists tcpdump org, not tcpdump-workers () tcpdump org; the latter bounces. CCing Nirupama, in case they're not on the tcpdump-workers list; I've set "Reply-To" to send replies to the list - they should join the list to see subsequent replies, if they're not already on the list.)

On May 27, 2008, at 5:35 PM, Nirupama Sankaranarayanan wrote:

I have written a small ATM dissector and need a new
DLT value for it.

Need for the dissector -

* I am trying to decode a number of emulations like
IS-IS, OSPF, BGP, PPPoE, PPPoEoA, etc.

OSPF and BGP run over IP; are you talking about that (in which case that's just some flavor of IP-over-ATM), or are you talking about something where OSPF and BGP are run directly over ATM, with no IP involved?

PPPoE runs, as the "oE" implies, over Ethernet, so that's presumably referring to "PPPoEoA", i.e. PPPoE where the E is bridged over ATM, so that's really just "bridged Ethernet over ATM".

* These are all running over ATM and may be LLC/SNAP
encapsulated or not.

So they might be LLC-encapsulated or something else - would the something else be VC-encapsulated?

* The other ATM dissectors for SunATM, JuniperATM1,
etc. are proprietary formats. The packets that I am
attempting to dissect are not of those formats, nor
can I convert them to comply with those formats.

What are the packets you're attempting to dissect?

Are they just raw AAL5 PDUs, with no pseudo-header giving VPI/VCI or any indication of the protocol being used on that virtual circuit, or do they have some pseudo-header giving that information?

And what's supplying those packets? Is there a capture device of some sort, with extensions to libpcap to support capturing from it, or is this just a capture file for Wireshark to read? If so, what software is generating that capture file?

* Additionally, I also need to decode the ATM (UNI)
header itself.

By "ATM header" do you mean the ATM cell header? If so, is the capture purely ATM cells (in which case your Wireshark dissector would also have to do reassembly), or does it include both raw cells and reassembled AAL5 PDUs?