Ethereal-dev: Re: [Ethereal-dev] is it possible to capture the traffic on STM-1/E1 ?

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

Date Prev · Date Next · Thread Prev · Thread Next
Date Index · Thread Index · Other Months · All Mailing Lists
From: "Guy Harris" <gharris@xxxxxxxxx>
Date: Thu, 2 Feb 2006 20:39:22 -0800 (PST)
MCG Zhou Rui wrote:
> hello all:
>         is it possible to capture the traffic on STM-1/E1 ?
>         i.e:I make a STM-1<->ETHERNET PVC connection on a multi services
> platform(Alcatel 7270 , CISCO 3600series),then plug the ethernet
> cable into RJ45 interface of my pc
> run ethereal,will it work?

Will you be able to capture traffic on the Ethernet between your machine
and the Alcatel or Cisco device?  Yes.

Will it capture the raw STM-1 or E1 traffic going to and from the Alcatel
or Cisco device?  No.  Your PC is plugged into an Ethernet, not into the
STM-1 or E1 line.

If you want to capture traffic on the STM-1 or E1, you'd need a special
adapter, such as an Endace DAG3.8S for an STM-1:

    http://www.endace.com/dag3.8S.htm

or a DAG3.7T for an E1:

    http://www.endace.com/dag3.7T.htm

You would also need a PC with an operating system supported by Endace's
drivers for those cards (see the pages I listed for those cards for a list
of OSes they support), and a version of libpcap that includes DAG support
(Endace offer binaries of libpcap for Debian Linux; you might have to
build libpcap - or, if you're using Windows, WinPcap - yourself otherwise,
unless the WinPcap 3.1 binaries include DAG support) and, if the version
of Ethereal you have is statically linked with libpcap, or you don't have
a shared-library version of libpcap with DAG support, you'd also need to
rebuild Ethereal with the version of libpcap that includes DAG support.

> I used Agilent 68xx to monitor the traffic on STM-1/E1 and worked with
> WCDMA protocols such as NBAP/RANAP/...,
> in future ethereal will support these protocols and work on these
> interfaces?

Ethereal includes dissectors for NBAP and RANAP.  I don't know what
protocols in the W-CDMA protocol suite it doesn't handle.

I don't see any place where the NBAP dissector would be called, however,
so I don't know whether it will actually dissect any NBAP traffic.

RANAP would be dissected if Ethereal can see it running atop SCCP.  SCCP
would be recognized if it's running atop MTP3 or TALI.  TALI would be
recognized if it's running atop TCP.  MTP3 would be recognized if it
running atop MTP2 or some other protocols.  What's the protocol stack,
going down to the link layer, running on the STM-1 or E1?