Wireshark · Ethereal-users: RE: [Ethereal-users] Can't use sendto with raw sockets!

Ethereal-users: RE: [Ethereal-users] Can't use sendto with raw sockets!

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.
From: Richard Urwin <rurwin@xxxxxxxxxxxxxxx>
Date: Thu, 28 Feb 2002 10:10:40 -0000
You seem to be confusing Ethernet and IP.

Ethernet is a Link level protocol and a Physical layer implementation. The
original ethernet implementations used a single piece of coaxial cable
connecting every machine on the network. In this case it is fairly obvious
that every machine has access to every packet on the network. In the newer
xBaseT implementations things get more complex but you can view them, for
your purposes, the same. Since Ethernet packets are broadcast on the medium
there does not have to be a destination address given to the software
driver. If the packet that is transmitted onto the medium contains the
correct ethernet address then the destination machine will receive it.

Since you are talking about IP addresses I will assume that you want to
build an IP switch/bridge, if not then see below.

IP is the Network layer protocol. It is responsible for routing the packet
through various physical networks from the source machine to the destination
machine. Your project will form one link in this chain. This means that you
will be receiving Ethernet packets, decoding the IP header, deciding which
ethernet address to send them to, maybe making trivial modifications to the
IP header (eg decrementing the hop count, not all commercial switches do
this so don't feel obliged to do it), building a new ethernet header
appropriately and transmitting it on the appropriate interface.

I would recommend that you do decrement the IP hop count, but if you do you
mut also return an ICMP error to the source machine if the hop count has
expired. This extra work will mean that your machine will be visible in a
"traceroute" trace, and that might be useful evidence that the switch is
working.

Note that a single ethernet address might be associated with many IP
addresses, because it might be a switch:

Machine  NIC  Ethernet              IP
  A       1  1.1.1.1.1.1         192.1.1.1
                                              Network W
  B       1  12.12.12.12.12.12   192.1.1.2
          2  22.22.22.22.22.22   192.1.2.2
                                              Network X
  C       1  13.13.13.13.13.13   192.1.2.3
          2  23.23.23.23.23.23   192.1.3.3
                                              Network Y
  D       1  14.14.14.14.14.14   192.1.3.4
          2  24.24.24.24.24.24   192.1.4.4
                                              Network Z
  E       1  15.15.15.15.15.15   192.1.4.5


Machine A sends a packet to Machine E via Machine B(NIC1) on Network W
  ethernet source 1.1.1.1.1.1   dest 12.12.12.12.12
  IP source 192.1.2.1 dest 192.1.4.5  Hop Count 63

Machine B(NIC2) sends the packet to Machine C(NIC1) on Network X
  ethernet source 22.22.22.22.22.22   dest 13.13.13.13.13.13
  IP source 192.1.2.1 dest 192.1.4.5  Hop Count 62

Machine C(NIC2) sends the packet to Machine D(NIC1) on Network Y
  ethernet source 23.23.23.23.23.23   dest 14.14.14.14.14.14
  IP source 192.1.2.1 dest 192.1.4.5  Hop Count 61

Machine D(NIC2) sends the packet to Machine E on Network Z
  ethernet source 24.24.24.24.24.24   dest 15.15.15.15.15.15
  IP source 192.1.2.1 dest 192.1.4.5  Hop Count 60

If your machine is D above, then it will see the packet from 192.1.2.1
coming from machine C, whos local traffic comes from 192.1.4.4

You may need to get into routing, even just having a default address which
to use for all remote packets. This default gateway machine may send you
ICMP redirection packets that you must decode and implement.

Your reference to IP may have misdirected me, you may want to build a
switching hub, which for symmetry and clarity I might term an Ethernet
switch. In this case you will want to ignore IP altogether and use only
Ethernet addresses. In this case there are two ethernet networks, but they
have the same IP network addresses. You can do this without looking at the
IP header at all, and it is better to do this because then you can switch
all traffic rather than just IP.

Machine  NIC  Ethernet              IP       Ethernet  IP net
  A       1  1.1.1.1.1.1         192.1.1.1
                                                 W       w
  B       1  12.12.12.12.12.12   192.1.1.2
          2  22.22.22.22.22.22   192.1.2.2
                                                 X       x
  C       1  13.13.13.13.13.13   192.1.2.3
          2  23.23.23.23.23.23   192.1.2.13 <**
                                                 Y       x <**
  D       1  14.14.14.14.14.14   192.1.2.4  <**
          2  24.24.24.24.24.24   192.1.4.4
                                                 Z       z
  E       1  15.15.15.15.15.15   192.1.4.5


Machine A sends a packet to Machine E via Machine B(NIC1) on Network W
  ethernet source 1.1.1.1.1.1   dest 12.12.12.12.12

Machine B(NIC2) sends the packet to Machine D(NIC1) on Network X
  ethernet source 22.22.22.22.22.22   dest 14.14.14.14.14.14

Machine C(NIC2) grabs the packet, decides that it is for network Y
            and sends the packet to Machine D(NIC1) on Network Y
  ethernet source 22.22.22.22.22.22 <**  dest 14.14.14.14.14.14

Machine D(NIC2) sends the packet to Machine E on Network Z
  ethernet source 24.24.24.24.24.24   dest 15.15.15.15.15.15

It looks much the same, but here machine C does not know about any of the IP
addresses. It just receives a packet from machine B and retransmits it on
the other network. Note that there is a trap in the above description.
Machine C is transmitting a packet with the source ethernet address of
another machine.  If machine C used its own address then machine D would
reply to the packet using machine C's address. That reply could not be
correctly routed back to machine B.

Supplying an ethernet source address for a packet is difficult to do and may
be impossible to do with many NICs. It is usually the NIC which puts the
source address into the packet. If the OS function documentation says that
you can do so you should also ensure that it is really implemented, and that
the NIC you are using supports it. I wouldn't trust it until I had monitored
it on a packet analyser (like Ethereal).

So: If you are building an IP switch then you need a table of IP addresses
and Ethernet addresses (many-to-one relationship), you need to handle IP and
several ICMP types and you need to be able to route packets in a rudimentary
manner.

If you are building an Ethernet switch then you need to make sure that you
can transmit packets with arbitrary ethernet source addresses, but you can
ignore IP.

Either way you do not need to specify the destination address to the OS
function, just put it into the packet.

I am copying this to the Ethereal list because it might interest someone and
because someone may be able to throw more light onto the source address
issue with regard to Linux. Feel free to contact me again if you have
questions, but it's probably a good idea to do so directly rather than
through Ethereal-users, since this isn't related to Ethereal.

I hope this has been of some help to you.

-- 
Richard Urwin, Private
"No 9000 series computer has ever made a mitsake or corrubiteddatatato."
 

-----Original Message-----
From: Shweta Prafulla Bagade [mailto:spbagade@xxxxxxxxxxxxxx]
Sent: Thursday, February 28, 2002 5:10 AM
To: ethereal-users@xxxxxxxxxxxx
Subject: [Ethereal-users] Can't use sendto with raw sockets!


Sirs,
 	We are a group of three students working on a project which is 
the software implementation of a LAN switch. We are working with 
sockets in Linux(sock_packet). what we basically wish to achieve 
is to be able to switch between two logical segments using our 
code. We have a multihomed PC with the NICs connected to different 
logical segments.
What we have achieved so far is capturing packets on the network 
by putting our card in promisc mode and storing the destination IP 
addresses in some buffer. We have made a decision about the NIC 
which should forward the packet to the destination workstation.
We are trying to use sendto to send the packet to the destination 
workstation but the problem is that with sockaddr structure we 
can't specify destination address. Instead if we use the structure 
sockaddr_in(the destination address can be specified) the 
Interface such as eth0 cannot be specified.
Please help us out as to why sendto does not work this way. If 
there is another way to get the sending of packet done please let 
us know!
Thankx in advance,
Shweta Bagade & group.

_______________________________________________
Ethereal-users mailing list
Ethereal-users@xxxxxxxxxxxx
http://www.ethereal.com/mailman/listinfo/ethereal-users

________________________________________________________________________
This email has been scanned for all viruses by the MessageLabs SkyScan
service. For more information on a proactive anti-virus service working
around the clock, around the globe, visit http://www.messagelabs.com
________________________________________________________________________

________________________________________________________________________
This email has been scanned for all viruses by the MessageLabs SkyScan
service. For more information on a proactive anti-virus service working
around the clock, around the globe, visit http://www.messagelabs.com
________________________________________________________________________
Prev by Date: [Ethereal-users] Can't use sendto with raw sockets!
Next by Date: [Ethereal-users] More on tehereal exceptions and Blue Screens
Previous by thread: [Ethereal-users] Can't use sendto with raw sockets!
Next by thread: [Ethereal-users] gaming applications
Index(es):
- Date
- Thread