Wireshark-bugs: [Wireshark-bugs] [Bug 5458] BGP add-path (Additional Paths) support for IPv4 uni
Date: Wed, 1 Dec 2010 14:13:21 -0800 (PST)
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5458

--- Comment #1 from Olivier Montanuy <[email protected]> 2010-12-01 14:13:20 PST ---
Created an attachment (id=5553)
 --> (https://bugs.wireshark.org/bugzilla/attachment.cgi?id=5553)
BGP add-path support for IPv4 unicast only

This is a proposed patch to decode BGP add-path messages for IPv4 unicast only.
It correctly decodes the proposed capture file, and still decode correctly a
capture of about 100k BGP packets taken on a large backbone network. 
Fuzz tested against some BGP add-path captures.

Remaining problems with this patch:

- the indentation may be wrong (I had to fix them manually)

- In the BGP add-path capability, the bit flags are not decoded as a tree.
  I'm not proficient enough in wireshark to do that reliably.

- the decoder of NLRI and Withdrawn routes does not rely on the BGP
   add-path capability because OPEN messages are often unavailable.

 - For every list of IPv4 prefix in every BGP packet, independently,
   it will check if the encoding is compatible with add-path but not 
   compatible with standard encoding. 
   Only then will the prefixes be decoded as BGP add-path. 
   I checked that standard BGP NLRI or Withdraw are not confused with the
   BGP add-path version, and it seems to work fine, at least for IPv4.
   But it may not work as well for IPv6 or prefixes with MPLS labels,
   so I hope someone can find a way to flag that packets of the same
   BGP sessions must be decoded using the BGP add-path encoding.

Sorry for the mess, but this is a consequence of the BGP add-path proposal.
It does not contain any provision to help the job of packets analyzers like 
Wireshark, even though they are used for debugging and interoperability tests.

-- 
Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.