[ovs-discuss] Wireshark Dissector for Nicira Extensions

Vasu Dasari vdasari at gmail.com
Sat Feb 1 13:46:27 UTC 2014 

Thanks Ben. I was using 2.09. When I updated my git, I could see the
command you suggested. But, unfortunately it was not working.

vdasari at mininet:~$ ovs-ofctl ofp-parse-pcap of.pcap
vdasari at mininet:~$

On digging through the code, I found that there could be an issue with
tcp_reader_run() or tcp_stream_lookup() and seq_no. "stream->seq_no is
always 0". Once I force the code to return the "payload" by not checking
for seq_no,, from tcp_reader_run() function, I could see the right
output.And this logic is working for me. Probably there is something you
had thought of regarding sequence numbers which I might be overlooking.

vdasari at mininet:~/ovs$ ovs-ofctl ofp-parse-pcap of.pcap
192.168.56.53.6633 > 192.168.56.51.58836:
NXT_SET_FLOW_FORMAT (xid=0x4): format=nxm

-Vasu


On Fri, Jan 31, 2014 at 5:50 PM, Ben Pfaff <blp at nicira.com> wrote:

> The command you want is ofp-parse-pcap.  It is only in the latest
> version of OVS.
>
> On Fri, Jan 31, 2014 at 02:46:34PM -0500, Vasu Dasari wrote:
> > Ben,
> >
> > I tried as per your suggestion, this is what I got:
> >
> > vdasari at mininet:~$ ovs-ofctl parse-pcap of.pcap
> >
> tcp,metadata=0,in_port=0,vlan_tci=0x0000,dl_src=08:00:27:90:d5:77,dl_dst=08:00:27:b9:12:86,nw_src=192.168.56.53,nw_dst=192.168.56.51,nw_tos=192,nw_ecn=0,nw_ttl=64,tp_src=6633,tp_dst=58836,tcp_flags=0x018
> >
> > I was hoping to see TCP data content details, like OF, and vendor
> specific
> > information, etc. Do I need to give any more flags to get the detailed
> > "vendor specific" information.
> >
> > The packet details from the tshark is as follows:
> >
> > vdasari at mininet:~/Developer/wireshark$ tshark -r ~/of.pcap -V
> > .
> > .
> > OpenFlow 1.0
> >     .000 0001 = Version: 1.0 (0x01)
> >     Type: OFPT_VENDOR (4)
> >     Length: 20
> >     Transaction ID: 4
> > Message data not dissected yet
> >
> >
> > Thanks,
> > -Vasu
> >
> >
> > On Fri, Jan 31, 2014 at 12:55 PM, Ben Pfaff <blp at nicira.com> wrote:
> >
> > > On Fri, Jan 31, 2014 at 12:30:11PM -0500, Vasu Dasari wrote:
> > > > I am trying to see packets between controller and OVS on wireshark.
> I am
> > > > using wireshark version: 1.11.2 from the git repository on
> wireshark.org
> > > .
> > > > The dissector is pretty good allowing me to decode openflow standard
> > > > messages. But, when trying to decode OF messages of type
> "OFPT_VENDOR",
> > > > wireshark gives up dissecting the vendor portion.
> > > >
> > > > Can some point me to wireshark patch file (if any) to dissect nicira
> > > vendor
> > > > field further. If there is none, I can work on this.
> > >
> > > I don't know of any, but you can use "ovs-ofctl ofp-parse-pcap" in the
> > > latest version of OVS to get equivalent output.
> > >
>
> > _______________________________________________
> > discuss mailing list
> > discuss at openvswitch.org
> > http://openvswitch.org/mailman/listinfo/discuss
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://openvswitch.org/pipermail/ovs-discuss/attachments/20140201/f2c91da6/attachment.html>

More information about the discuss mailing list