Re: DLT request for SDLC (BITBUS)

["Becker (ELZET80)" <Becker () elzet80 de>]

Hi Guy,

>
> So by "tracer" do you mean that it actually dissects and displays 
packets, or do you mean it captures packets and feeds them to Wireshark 
or some other program to dissect?
>

It's an USB device that captures packets on the bus and feeds it to 
Wireshark as a byte array starting with the (SDLC) address and ending 
with FCS.
Beginning and endflag are not included and bit stuffing is removed.

>
> So what's a "raw SDLC frame"?  An SNA packet using SDLC as the 
link-layer?
>

Right now there is no way (afaik) to use plain SDLC in Wireshark without 
looking at the payload.

A "raw" frame is a SDLC frame that is recorded by the controller on OSI 
layer 1 and should be interpreted as SDLC (OSI layer 2).

We don't know the payload used in the SDLC encapsulation as there is no 
payload id field in SDLC to identify the protocol of the content.
The user needs to know what the content is (e.g. BITBUS) and select the 
right dissector.

>
> So are these BITBUS packets, SNA packets, or both?
>
> ("SDLC" isn't "any protocol with an address field and an SDLC-like 
control field"; that definition would include HDLC, LAPB, LAPD, BITBUS, 
etc..)

It depends on the used system what protocol is used inside the SDLC 
encapsulation. Some systems run only a single protocol and some run 
different protocols depending on e.g. source/destination address.
The user has to decide how to dissect the content of the SDLC frame with 
an external dissector.

We just want to display SDLC frames like Ethernet frames without any 
automatic protocol dissection.

Best regards
Freundliche Grüße

Paul Becker

____________________________________________________

ELZET 80 Mikrocomputer GmbH & Co. KG
Theaterplatz 9
D-52062 Aachen
Germany

Tel. +49-241-4016580
Fax +49-241-48480
email: becker () elzet80 de
Please visit our web-site at http://www.elzet80.com

ELZET
=8 0=
IIIII
____________________________________________________

USt.Id. : DE 117 662 038
Handelsregister Aachen Abt. A, Nr. 8044
Komplementär & Geschäftsführung:
Giesler & Danne Bet. u. Verw. GmbH
Handelsregister Aachen Abt. B, Nr. 17317
Geschäftsführer Walter L. Giesler

Am 17.01.2017 um 20:51 schrieb Guy Harris:
> On Jan 17, 2017, at 5:25 AM, Becker (ELZET80) <Becker () elzet80 de> wrote:
>
> > I think my request was a bit misleading and wrong formulated. I told you we are working on a BITBUS tracer which in 
> > reality is a SDLC tracer that can trace BITBUS too.
> So by "tracer" do you mean that it actually dissects and displays packets, or do you mean it captures packets and feeds 
> them to Wireshark or some other program to dissect?
>
> > > > Is there a way to use the SDLC dissector as a DLT already?
> > > No, and if you were to do so, you probably wouldn't like the results, unless you're using SNA on the BITBUS links.
> > >
> > > > If not we would request a DLT for SDLC communication on which we would base our BITBUS lua dissector plugin.
> > > You should, instead, get LINKTYPE_BITBUS/DLT_BITBUS.
> > I don't think thats what we want as we have raw SDLC frames coming from our usb tracer and need to display them too.
> So what's a "raw SDLC frame"?  An SNA packet using SDLC as the link-layer?
>
> > We want to feed the data directly into Wireshark with an extcap component and don't want to go the detour over ethernet 
> > packets.
> > The payload data should not be interpreted by default (we would write a lua bitbus dissector for that).
> So are these BITBUS packets, SNA packets, or both?
>
> ("SDLC" isn't "any protocol with an address field and an SDLC-like control field"; that definition would include HDLC, 
> LAPB, LAPD, BITBUS, etc..)

_______________________________________________
tcpdump-workers mailing list
tcpdump-workers () lists tcpdump org
https://lists.sandelman.ca/mailman/listinfo/tcpdump-workers