To me, it makes more sense to separate them into two different
dissectors, but I think a conversation is overkill in this case, so I'll
present you with a possible third option, and that is to pass whatever
information you need from the DDP header in the pinfo->private_data to
the RDMA dissector.
There are many examples of various dissectors using the private_data
pointer, which is documented in epan/packet_info.h.
- Chris
-----Original Message-----
From: wireshark-dev-bounces@xxxxxxxxxxxxx
[mailto:wireshark-dev-bounces@xxxxxxxxxxxxx] On Behalf Of Yves
Geissbuehler
Sent: Friday, September 21, 2007 4:59 AM
To: Developer support list for Wireshark
Subject: [Wireshark-dev] Design Question: more than one protocol
perdissector
Hi all.
I face the situation where two protocols (RDMA on top of DDP) are not
always truly two protocols with respect to the protocol headers. RDMA
generally uses some parts to of DDP's header fields to represent RDMA
messages. But for two of the RDMA messages, RDMA also adds its own
header to the DDP header (see also figure).
case 1: RDMA uses the DDP header:
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| TCP | MPA | DDP | payload | MPA _PADDING | MAP_CRC |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
case 2: RDMA adds its own header:
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| TCP | MPA | DDP | RDMA | payload | MPA _PADDING | MAP_CRC |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
I see two possibilities to implement this in wireshark:
option 1: Use one dissector for both, DDP and RDMA
Well, I just put both protocols in one dissector and dissect RDMA
header on a per need basis by adding a RDMA subtree to the DDP
protocol tree.
option 2: Use one dissector for each of the two protocols
Since RDMA relies in some cases on the information of the DDP header
I would create a 'conversation' for the DDP traffic and attach to it
the DDP header information as a data struct. In the RDMA dissector I
would get the DDP conversation and retrieve the DDP information that
I attached to it previously. Based on this data I would identify what
kind of RDMA message it is and dissect the RDMA header if there is any.
I would like to ask, if there are any implications or potential
issues regarding these two options? Would you accept both options for
your wireshark repository?
Thanx
- Yves
_______________________________________________
Wireshark-dev mailing list
Wireshark-dev@xxxxxxxxxxxxx
http://www.wireshark.org/mailman/listinfo/wireshark-dev
-----------------------------------------
This email may contain confidential and privileged material for the
sole use of the intended recipient(s). Any review, use, retention,
distribution or disclosure by others is strictly prohibited. If you
are not the intended recipient (or authorized to receive for the
recipient), please contact the sender by reply email and delete all
copies of this message. Also, email is susceptible to data
corruption, interception, tampering, unauthorized amendment and
viruses. We only send and receive emails on the basis that we are
not liable for any such corruption, interception, tampering,
amendment or viruses or any consequence thereof.
