Ethereal-dev: Re: [Ethereal-dev] Accessing low level protocol's info
Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.
From: Hannes Gredler <hannes@xxxxxxxxxxx>
Date: Wed, 28 Aug 2002 14:02:06 +0200
On Wed, Aug 28, 2002 at 09:27:44PM +1000, Ronnie Sahlberg wrote: | From: "Hannes Gredler" | | | > | There is no general framework to allow an arbitrary dissector to get | > | arbitrary information from arbitrary lower-level dissectors. | > | > bummer - i stumbled in the IS-IS dissector about this as well; | > for example in IS-IS there is a checksum TLV (12); | > however in order to verify the checksum | > it needs to parse the entire packet, which would mean accessing data | > from a higher level; | | How horrible. Why on earth would one develop a protocol which has | dependencies | into lower layer protocols. Its bad enough that TCP and UDP do this, but | that was a long time | ago and people didnt know better then, but today... | Do ethereal really need to verify that this checksum is correct? IS-IS has got the protocol defect that only LSPs are checksummed and IIHs [Hellos] and SNPs [link-state DB sync packets] are no checksummed at all; [see the attached draft for details] - here a TLV is described that contains the checksum for teh entire packet; clearly a layering violation but it helps ;-) /hannes
Internet Engineering Task Force T. Przygienda INTERNET DRAFT Bell Labs 1 Nov 1998 Optional Checksums in ISIS <draft-ietf-isis-wg-snp-checksum-00.txt> Status of This Memo This document is an Internet Draft, and can be found as draft-przygienda-snp-checksum-00.txt in any standard internet drafts repository. Internet Drafts are working documents of the Internet Engineering Task Force (IETF), its Areas, and its Working Groups. Note that other groups may also distribute working documents as Internet Drafts. Internet Drafts are draft documents valid for a maximum of six months. Internet Drafts may be updated, replaced, or obsoleted by other documents at any time. It is not appropriate to use Internet Drafts as reference material, or to cite them other than as a ``working draft'' or ``work in progress.'' Please check the I-D abstract listing contained in each Internet Draft directory to learn the current status of this or any other Internet Draft. Abstract This draft describes an optional extension to IS-IS [ISO90, Cal90a, Cal90b], used today by several ISPs for routing within their clouds. IS-IS is an interior gateway routing protocol developed originally by OSI and used with IP extensions as IGP. IS-IS originally doesn't provide CSNP adn PSNP checksums, relying on the underlying layers to verify the integrity of information provided. Experience with the protocol shows that this precondition does not always hold and scenarios can be imagined that impact protocol functionality. This document introduces a new optional TLV providing checksums. 1. Introduction IS-IS CSNPs and PSNPs and IIHs can be corrupted in case of faulty implementations of L2 hardware or lack of checksuming on a specific network technology. As a particularly ugly case, corruption of Przygienda et al. Expires 1 May 1999 [Page 1] ^L Internet Draft SNP Checksums 1 Nov 1998 length and/or TLV length fields may lead to generation of extensive numbers of "empty" LSPs in the receiving node. Since we cannot rely on authentication as checksum mechanism, this document proposes an optional TLV to add checksums to the elements. 2. TLV Description The optional TLV MAY BE included in all CSNP, PSNP and IIH packets and an implementation that implements optional checksums MUST accept PDUs if they do NOT contain the optional checksum. Implementations that receive optional checksum TLV and support it MUST discard the PDU if the checksum is incorrect. An implementation that does NOT implement optional checksums MAY accept a PDU that contains the checksum TLV. An implementation that supports optional checksums and receives it within any other PDU than CSNP, PSNP or IIH MUST discard the PDU. Such an implementation MAY discard the PDU as well if more than one optional checksum TLVs are included within it. 3. Checksum Computation The checksum is a fletcher checksum computed according to iso 8473 Annex C over the complete PDU. 4. Interaction with TLVs using PDU Data to Compute Signatures Since other TLVs could be introduced that use PDU data as input to a function that generates output to be included in the PDU, authentication being a straight-forward example thereof, it is important to specify the sequence at which the computation of different signatures takes place. An implementation that implements optional checksums must generate the TLV and fill the TLV Checksum part with 0's. After all other signatures have been computed, the checksum MUST BE filled in after all other signatures have been generated. The implementation MAY choose to omit the optional checksum if it is aware that other signatures are included in the PDU that provide equivalent functionality. 5. TLV Format 0 1 2 3 4 5 6 7 8 0 1 2 3 4 5 6 7 8 +-----------------+-----------------+ | TLV Type = 12 | TLV Length | +-----------------+-----------------+ Przygienda et al. Expires 1 May 1999 [Page 2] ^L Internet Draft SNP Checksums 1 Nov 1998 | TLV Checksum (32 bits) | | | +-----------------------------------+ 6. Acknowledgments Tony Li mentioned the original problem. Somehow related problems with purging on LSP checksum errors have been observed by others before. 7. Security Consideration ISIS security applies to the work presented. No specific security issues as to the new element are known. References [Cal90a] R. Callon. OSI ISIS Intradomain Routing Protocol. INTERNET-RFC, Internet Engineering Task Force, February 1990. [Cal90b] R. Callon. Use of OSI ISIS for Routing in TCP/IP and Dual Environments. INTERNET-RFC, Internet Engineering Task Force, December 1990. [ISO90] ISO. Information Technology - Telecommunications and Information Exchange between Systems - Intermediate System to Intermediate System Routing Exchange Protocol for Use in Conjunction with the Protocol for Providing the Connectionless-Mode Network Service. ISO, 1990. Authors' Addresses Tony Przygienda Bell Labs, Lucent Technologies 101 Crawfords Corner Road Holmdel, NJ 07733-3030 prz@xxxxxxxxxxxxxxxxxx Przygienda et al. Expires 1 May 1999 [Page 3]
- References:
- [Ethereal-dev] Accessing low level protocol's info
- From: Sureshkumar Manimuthu
- Re: [Ethereal-dev] Accessing low level protocol's info
- From: Guy Harris
- Re: [Ethereal-dev] Accessing low level protocol's info
- From: Hannes Gredler
- Re: [Ethereal-dev] Accessing low level protocol's info
- From: Ronnie Sahlberg
- [Ethereal-dev] Accessing low level protocol's info
- Prev by Date: [Ethereal-dev] Re: trying to build with giop plugin using Solaris 2.7 and ethereal 0.9.6
- Next by Date: RE: [Ethereal-dev] Programming style/performance question
- Previous by thread: Re: [Ethereal-dev] Accessing low level protocol's info
- Next by thread: [Ethereal-dev] I am confused by the MS impl of SPNEGO vs spec ...
- Index(es):