tcpdump mailing list archives
Re: DLT_ reserve request for IPMI trace captures
From: Dmitry <d-bazhenov () yandex ru>
Date: Mon, 09 Jun 2014 14:03:51 +0600
Hello, Guy, Please, see below. 09.06.2014 13:43, Guy Harris пишет:
OK, I've assigned 260 to LINKTYPE_IPMI_HPM_2/DLT_IPMI_HPM_2, with a description of:
IPMI trace packets, as specified by Table 3-20 "Trace Data Block Format" in the PICMG HPM.2 specification.
with the link done as specified.
Thanks.
Since the proposed capture format is generated by a proxy agent which transforms the captured data from the UDP-based connection, time stamps in pcap records/pcap-ng packet blocks may be interpreted as times of receiving of the encapsulated trace data blocks by the proxy from the capturing device, while the trace data block contain time stamps for the captured trace messages. The only utility which I know generates data in the proposed capture format, makes the timestamps in pcap records equal to the stamps in the trace data blocks which is convenient when browsing the captured data in Wireshark. However, in general, this is not required. In that sense, the proposed capture format is not tied to any analyzing program.Also, are the time stamps in pcap records or pcap-ng packet blocks significant, given that the trace blocks contain their own time stamps?They would not be significant, if Wireshark did not use them for displaying packet times. But, since Wireshark does use them,As will other programs that read pcap or pcap-ng files and don't treat LINKTYPE_IPMI_HPM_2 specially (one reason for this registry is to allow other programs to process whatever pcap/pcap-ng link-layer header types the developers choose; the goal is to *avoid* tying link-layer header types to tcpdump or Wireshark or any other program - it should be possible for people to write code to read or write packets of any given link-layer header type without ever having to see any tcpdump/Wireshark/etc. code that reads or writes them).
Regards, Dmitry _______________________________________________ tcpdump-workers mailing list tcpdump-workers () lists tcpdump org https://lists.sandelman.ca/mailman/listinfo/tcpdump-workers
Current thread:
- Re: DLT_ reserve request for IPMI trace captures Dmitry (May 08)
- Re: DLT_ reserve request for IPMI trace captures Guy Harris (May 08)
- Re: DLT_ reserve request for IPMI trace captures Dmitry (May 09)
- Re: DLT_ reserve request for IPMI trace captures Dmitry (May 16)
- Re: DLT_ reserve request for IPMI trace captures Guy Harris (May 16)
- Message not available
- Message not available
- Message not available
- Re: DLT_ reserve request for IPMI trace captures Rich Vasse (Jun 06)
- Re: DLT_ reserve request for IPMI trace captures Dmitry (May 09)
- Re: DLT_ reserve request for IPMI trace captures Guy Harris (May 08)
- Message not available
- Message not available
- Message not available
- Re: DLT_ reserve request for IPMI trace captures Guy Harris (Jun 07)
- Re: DLT_ reserve request for IPMI trace captures Dmitry (Jun 08)
- Re: DLT_ reserve request for IPMI trace captures Guy Harris (Jun 09)
- Re: DLT_ reserve request for IPMI trace captures Dmitry (Jun 09)