Wireshark-dev: Re: [Wireshark-dev] SCTP retransmissions an RTT

From: Michael Tuexen <Michael.Tuexen@xxxxxxxxxxxxxxxxx>
Date: Tue, 13 Feb 2007 18:26:24 +0100
On Feb 13, 2007, at 6:15 PM, Luis Ontanon wrote:

I have a further question:

Can the PMTU of the smallest path of an association shrink between the
transmission of a bundled packet and its retransmission forcing the
sender to retransmit the various chunks of a message in more messages?
Sure. And on retransmissions the packets are built depending on what
was received by the peer, so the packet can look different.

i.e. : Can I just track the highest TSN in a packet and look for its
ack, or should I track every data chunk of each packet separatelly?
No, you have to track each TSN. Have a look at the packet-sctp.c
reassembly code and also at the GUI stuff in gtk/ subdirs, where
also all associations are tracked.

Thanks Again,
Luis

On 2/13/07, Michael Tuexen <Michael.Tuexen@xxxxxxxxxxxxxxxxx> wrote:
Hi Luis,

see my comments in-line.

Best regards
Michael

On Feb 13, 2007, at 2:14 PM, Luis Ontanon wrote:

I need to implement the identification of retransmitted packets and
calculation of RTT to the sctp dissector.

- Is someone already working on this?
I recently committed code for SCTP reassembly. Please have a look at it. It should be easy to add retransmission detection to it. Just look for
the TSN of the DATA chunks. The (half associations) are detected by
the port numbers and the V-tag.
- other than RFC 2960 (sec. 6.3) what other rfcs I must read in order
to implement these?
Should be OK.
- are there any caveats I must be aware before starting this venture?
For RTT detection you have to "connect" both directions of the
association.
Since you can not really use the source/destination address you have to
use a heuristic to combine both half directions.

Please let me know if you have further questions.

Thanks,

Luis

--
This information is top security. When you have read it, destroy
yourself.
-- Marshall McLuhan
_______________________________________________
Wireshark-dev mailing list
Wireshark-dev@xxxxxxxxxxxxx
http://www.wireshark.org/mailman/listinfo/wireshark-dev

_______________________________________________
Wireshark-dev mailing list
Wireshark-dev@xxxxxxxxxxxxx
http://www.wireshark.org/mailman/listinfo/wireshark-dev



--
This information is top security. When you have read it, destroy yourself.
-- Marshall McLuhan
_______________________________________________
Wireshark-dev mailing list
Wireshark-dev@xxxxxxxxxxxxx
http://www.wireshark.org/mailman/listinfo/wireshark-dev