tcpdump mailing list archives
Re: Link Layer Type Request NETANALYZER_NG
From: Guy Harris via tcpdump-workers <tcpdump-workers () lists tcpdump org>
Date: Wed, 3 Mar 2021 14:26:53 -0800
--- Begin Message --- From: Guy Harris <gharris () sonic net>
Date: Wed, 3 Mar 2021 14:26:53 -0800
On Mar 3, 2021, at 8:58 AM, Jan Adam via tcpdump-workers <tcpdump-workers () lists tcpdump org> wrote:for our new analysis product netANALYZER NG I would like to request a new link-layer type value. NETANALYZER_NG The new Link-Layer-Type format is described as following: Next-generation packet structure: +---------------------------+ | Payload | . . . . | | +---------------------------+ | Footer | | | +---------------------------+ Next-gen footer description: [16 bit] Version represents current structure version [64 bit] Timestamp1 first timestamp in ns, UNIX time since 1.1.1970 [64 bit] Timestamp2 second timestamp in ns, UNIX time since 1.1.1970 [32 bit] TimestampAccuracy actual accuracy of Timestamp1 and Timestamp2 in ns. 0: actual accuracy is unknownWhat do these two time stamps represent? They presumably don't represent the packet arrival time, as both pcap and pcapng already provide that for all packets.[8 bit] Representation identification of the following contentWhat are the possible values of this field, and what do those values signify?[32 bit] SrcIdPart1 source identifier part 1 [32 bit] SrcIdPart2 source identifier part 2 [8 bit] SrcIdPart3 source identifier part 3 [8 bit] SrcIdPart4 source identifier part 3So there's an 80-bit source identifier; what does that value signify?[64 bit] VarId variable identifier [64 bit] VarState variable error states, depending on representation [8 bit] VarType variable data typeWhat do those signify?[32 bit] VarSize size of raw frame payloadPresumably everything beyond that size is the footer; what are the contents of the footer?
--- End Message ---
_______________________________________________ tcpdump-workers mailing list tcpdump-workers () lists tcpdump org https://lists.sandelman.ca/mailman/listinfo/tcpdump-workers
Current thread:
- Link Layer Type Request NETANALYZER_NG Jan Adam via tcpdump-workers (Mar 03)
- Re: Link Layer Type Request NETANALYZER_NG Guy Harris via tcpdump-workers (Mar 03)
- Message not available
- Re: Link Layer Type Request NETANALYZER_NG Jan Adam via tcpdump-workers (Mar 08)
- Re: Link Layer Type Request NETANALYZER_NG Guy Harris via tcpdump-workers (Mar 12)
- Message not available
- Re: Link Layer Type Request NETANALYZER_NG Jan Adam via tcpdump-workers (Mar 12)
- Message not available
- Message not available
- Re: Link Layer Type Request NETANALYZER_NG Guy Harris via tcpdump-workers (Mar 12)
- Re: Link Layer Type Request NETANALYZER_NG Jan Adam via tcpdump-workers (Mar 08)
- Message not available
- Message not available
- Message not available
- Link Layer Type Request NETANALYZER_NG Jan Adam via tcpdump-workers (Mar 15)
- Message not available
- Message not available
- Message not available
- Message not available
- Re: Link Layer Type Request NETANALYZER_NG Guy Harris via tcpdump-workers (Mar 18)
- Message not available
- Message not available
- Message not available
- Message not available
- Message not available
- Link Layer Type Request NETANALYZER_NG Jan Adam via tcpdump-workers (Mar 22)
- Message not available
- Message not available
- Message not available
- Message not available
- Message not available
- Message not available
- Re: Link Layer Type Request NETANALYZER_NG Guy Harris via tcpdump-workers (Mar 22)
- Message not available
- Message not available
- Message not available
- Message not available
- Message not available
- Message not available
- Message not available
- Re: Link Layer Type Request NETANALYZER_NG Jan Adam via tcpdump-workers (Mar 24)
- Message not available
- Message not available
- Message not available
- Message not available
- Message not available
- Message not available
- Message not available
- Message not available
- Re: Link Layer Type Request NETANALYZER_NG Guy Harris via tcpdump-workers (Mar 24)