Re: Feedback about Multipath TCP support

[Alexis La Goutte <alexis.lagoutte () gmail com>]

On Sun, Dec 28, 2014 at 1:58 PM, Matt <mattator () gmail com> wrote:

> Thanks for the comments.
>
> I will try to proceed as suggested by alexis via pushing to gerrit
> smaller (cleaned) patches.
Waiting your patches ;-)


> I have a question about the rules one attribute I added should conform
> to. I've added a "mptcp.stream" attribute to dissection, similar to
> "tcp.stream" with the difference that currently attributed numbers can
> be disjoint (ie you have packets matching "mptcp.stream == 0 or
> mptcp.stream == 3" but not packets for values 1,2 for instance) and I
> wonder if this is a problem (I believe it is) ?
> This is due to the fact that - according to my  implementation - some
> TCP flows are first attributed an mptcp.stream as soon as wireshark
> sees an MPTCP option. When later on they are associated with another
> MPTCP connection, all tcp flows adopt/share the "mptcp.stream" of that
> connection (referring to the previous example,  a TCP flow first got
> attributed mptcp.stream 1 while unassociated, then later it was
> associated to another TCP flow with "mptcp.stream == 0", thus giving
> up mptcp.stream 1, for which there is now 0 packets).
> I don't see any easy to have the mptcp.stream in order except if:
> - I don't give numbers to unassociated mptcp streams (which is wrong
> in my opinion, they should still be considered as streams)
> - I attribute mptcp.stream to unassociated flows at the end of
> dissection (when last packet get parsed), but I don't know how to do
> it. TCP flows can remain unassociated when wireshark didn't capture
> the interface on which the first TCP subflow of the MPTCP connection
> started.


> Hope it's clear x)  I wonder if there was a similar problem with SCTP
> associations dissections and how it got solved ?
Do you have look how to SCTP assoc works ?

Also Wireshark have 2 pass analysis, may be it will be help !

> Regards
> ___________________________________________________________________________
> Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
> Archives:    http://www.wireshark.org/lists/wireshark-dev
> Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
>              mailto:wireshark-dev-request () wireshark org
> ?subject=unsubscribe
___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request () wireshark org?subject=unsubscribe