Hi Mauro,

Instead of dedicating a bit to the enterprise flag, we could also define a 
specific tag for the IANA-PEN, then the enterprise number itself followed by 
its private payload. This way we keep the full range of value tags at the cost 
of 2 extra bytes per packet.
Presumably we will need also to have a way to register a custom dissector so as 
to decode this enterprise specific metadata using a plugin for example.

Best regards,
Pascal.

20 juin 2024 07:23:54 Anders Broman <a.broma...@gmail.com>:

> Not against the suggestion per se  but isn't it better that you write an MR 
> including the new tags you need so that wireshark can read your files?
> Best regards
> Anders
> 
> 
> Den tors 20 juni 2024 06:30Mauro Levra via Wireshark-dev 
> <wireshark-dev@wireshark.org> skrev:
>> Dear all,
>> 
>> I have been looking for a way to store 4G and 5G RAN/Core signaling traces 
>> in pcapng. Its lack of support for 5G traces made me abandon gsmtap and 
>> focus on the exported_pdu protocol that allows me to specify the dissector 
>> to apply and hence can handle any protocol.
>> 
>> The TLV approach for the header/metadata is extremely effective. I am 
>> suggesting you extend it to make it support arbitrary application-specific 
>> metadata.
>> 
>> Inspired by ideas from IPFIX [RFC7011], here is my proposal.
>> 
>> Option Code / Tag gets reduced from 16 bits to 15 bits. The skipped bit 
>> becomes E, the Enterprise bit. If this bit is zero, the Tag identifies a 
>> standard option. If this bit is one, the Tag identifies an 
>> enterprise-specific Option, and an Enterprise Number field MUST be present 
>> at the beginning of the option value.
>> 
>> The Enterprise Number is the IANA enterprise number [IANA-PEN] of the 
>> authority defining the Option / Tag and its meaning.
>> 
>> This proposal halves the number of available codes for standard options; at 
>> the same time, it gives much more flexibility to third parties to include 
>> metadata in the header as they can maintain their list of codes and options.
>> 
>> Examples:
>> 
>> 00 0E 00 08 74 63 70 2e 70 6F 72 74
>> TAG: 0x000E (14)
>> LEN: 0x0008 (8)
>> VALUE: tcp.port
>> 
>> 10 01 00 08 00 00 D2 30 01 02 03 04
>> E: 1
>> TAG: 0x0001 (1)
>> LEN: 0x0008 (8)
>> ENTERPRISE: 0x0000D230 (53808) "VIAVI Solutions Inc."
>> DATA (remaining 4 octets): 01 02 03 04
>> 
>> What do you think?
>> 
>> Regards,
>> 
>> Mauro
>> 
>> 
>> [RFC7011]  <https://datatracker.ietf.org/doc/html/rfc7011>.
>> 
>> [IANA-PEN] IANA, "Private Enterprise Numbers", 
>> <https://www.iana.org/assignments/enterprise-numbers/>.
>> ___________________________________________________________________________
>> Sent via:    Wireshark-dev mailing list <wireshark-dev@wireshark.org>
>> Archives:    https://www.wireshark.org/lists/wireshark-dev
>> Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
>>              mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe
___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev@wireshark.org>
Archives:    https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe

Reply via email to