Wireshark mailing list archives
Re: Overview of MPLS PW bugs
From: Francesco Fondelli <francesco.fondelli () gmail com>
Date: Sun, 8 Jan 2017 19:03:21 +0100
Hi Guy, On Sat, Jan 7, 2017 at 10:38 PM, Guy Harris <guy () alum mit edu> wrote:
On Jan 7, 2017, at 1:15 PM, Francesco Fondelli <francesco.fondelli () gmail com> wrote:the pw_eth_heuristic is too strong, it does not take into consideration locally-assigned MAC addresses and multicast (as noted in some bugs by Guy Harris and Michael Mann). Patches are welcome :-)The heuristic used in the pw_eth_heuristic dissector is both too strong *and* too weak: it's too strong because it only recognizes globally-assigned MAC addresses; it's too weak because it only checks the MAC address - it doesn't check whether, if the type/length field is a type field, the type is one we know or, if it's a length field, whether the headers following the MAC header are something we'll dissect. Bugs for *both* of those problems have been filed.
I agree. The pw_eth_heuristic should be improved.
That said, I think the current situation is a good trade-off.The *current heuristics* are clearly *not* a good trade-off, given the bugs that have been filed. They need to be improved, in both directions.
With current situation I meant the logic we have in packet-mpls.c.
The not edulcorated version reads "Ethernet PW without control word is a pain in the ass, do not use it".That may be the case, but apparently people *do* use it, and if we can make life less painful for them without making life more painful for the people "doing the right thing", we should do so.
I agree. However, we should try hard not to break the good boys that are just using plain IPv{4,6}.
an other improvement could be to add logic to signalling dissectors (e.g. LDP, BGP) in order to add explicit label-to-dissector bindings. This would be useful only in case signalling and data plane are captured together. Therefore, I guess this is not common and it isn't worth it.We *already* do that for some other control and data plane protocols; for example, RTSP and SDP dissectors can set up UDP traffic to be dissected as RTP (there are other examples as well), so I don't consider that a sufficiently good reason not to do it.
Still think is a corner case, but I put it in the todo list. thanks ciao fra ___________________________________________________________________________ Sent via: Wireshark-dev mailing list <wireshark-dev () wireshark org> Archives: https://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-request () wireshark org?subject=unsubscribe
Current thread:
- Overview of MPLS PW bugs Jaap Keuter (Jan 07)
- Re: Overview of MPLS PW bugs Francesco Fondelli (Jan 07)
- Re: Overview of MPLS PW bugs Guy Harris (Jan 07)
- Re: Overview of MPLS PW bugs Francesco Fondelli (Jan 08)
- Re: Overview of MPLS PW bugs Guy Harris (Jan 07)
- Re: Overview of MPLS PW bugs Guy Harris (Jan 07)
- Re: Overview of MPLS PW bugs Francesco Fondelli (Jan 08)
- Re: Overview of MPLS PW bugs Guy Harris (Jan 08)
- Re: Overview of MPLS PW bugs Francesco Fondelli (Jan 10)
- Re: Overview of MPLS PW bugs Francesco Fondelli (Jan 08)
- Re: Overview of MPLS PW bugs Francesco Fondelli (Jan 07)