Hi Mauro, Instead of dedicating a bit to the enterprise flag, we could also define a specific tag for the IANA-PEN, then the enterprise number itself followed by its private payload. This way we keep the full range of value tags at the cost of 2 extra bytes per packet. Presumably we will need also to have a way to register a custom dissector so as to decode this enterprise specific metadata using a plugin for example.
Best regards, Pascal. 20 juin 2024 07:23:54 Anders Broman <a.broma...@gmail.com>: > Not against the suggestion per se but isn't it better that you write an MR > including the new tags you need so that wireshark can read your files? > Best regards > Anders > > > Den tors 20 juni 2024 06:30Mauro Levra via Wireshark-dev > <wireshark-dev@wireshark.org> skrev: >> Dear all, >> >> I have been looking for a way to store 4G and 5G RAN/Core signaling traces >> in pcapng. Its lack of support for 5G traces made me abandon gsmtap and >> focus on the exported_pdu protocol that allows me to specify the dissector >> to apply and hence can handle any protocol. >> >> The TLV approach for the header/metadata is extremely effective. I am >> suggesting you extend it to make it support arbitrary application-specific >> metadata. >> >> Inspired by ideas from IPFIX [RFC7011], here is my proposal. >> >> Option Code / Tag gets reduced from 16 bits to 15 bits. The skipped bit >> becomes E, the Enterprise bit. If this bit is zero, the Tag identifies a >> standard option. If this bit is one, the Tag identifies an >> enterprise-specific Option, and an Enterprise Number field MUST be present >> at the beginning of the option value. >> >> The Enterprise Number is the IANA enterprise number [IANA-PEN] of the >> authority defining the Option / Tag and its meaning. >> >> This proposal halves the number of available codes for standard options; at >> the same time, it gives much more flexibility to third parties to include >> metadata in the header as they can maintain their list of codes and options. >> >> Examples: >> >> 00 0E 00 08 74 63 70 2e 70 6F 72 74 >> TAG: 0x000E (14) >> LEN: 0x0008 (8) >> VALUE: tcp.port >> >> 10 01 00 08 00 00 D2 30 01 02 03 04 >> E: 1 >> TAG: 0x0001 (1) >> LEN: 0x0008 (8) >> ENTERPRISE: 0x0000D230 (53808) "VIAVI Solutions Inc." >> DATA (remaining 4 octets): 01 02 03 04 >> >> What do you think? >> >> Regards, >> >> Mauro >> >> >> [RFC7011] <https://datatracker.ietf.org/doc/html/rfc7011>. >> >> [IANA-PEN] IANA, "Private Enterprise Numbers", >> <https://www.iana.org/assignments/enterprise-numbers/>. >> ___________________________________________________________________________ >> Sent via: Wireshark-dev mailing list <wireshark-dev@wireshark.org> >> Archives: https://www.wireshark.org/lists/wireshark-dev >> Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev >> mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe
___________________________________________________________________________ Sent via: Wireshark-dev mailing list <wireshark-dev@wireshark.org> Archives: https://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe