[
http://jira.jboss.com/jira/browse/JGRP-324?page=comments#action_12419806 ]
Richard Achmatowicz commented on JGRP-324:
------------------------------------------
I've been investigating modifying the plugin to handle TCP based JGroups traffic, and
it will be very difficult to achieve without a small
modification to the JGroups wireformat.
Here's the problem. When dissecting JGroups over TCP, we have to take account of two
things due to the stream-orientation of TCP:
(i) a large TP bundle may be split into several TCP fragments
(ii) several small TP bundles may be placed into one TCP fragment
Reassembly of TP bundles will occur at the receiving TCP peer end, but Wireshark captures
the fragments before reassembly, in between
the peers so to speak, and so the Wireshark plugin writer has to do the reassembly
herself.
Reassembling TCP fragments is very very simple if we have a field in the TP header which
describes the length of the entire TP bundle.
We can then say to Wireshark - "reassmble enough TCP fragments until you get a buffer
with at least this length". Dissection on a complete
TP bundle can then proceeed in a straightforward fashion. The TP header does not have a
"TP bundle length" field at the moment.
Without this information, we never know if we have a complete TP bundle in the buffer, and
so have to dissect the TCP fragment "on the fly" -
checking before each read from the buffer if we have enough data in the buffer left; in
that case that there is not enough data, request the
reading of another TCP fragment. I've had a go at implementing this, but it is just
too complcated. It's easy to check before each read from the
buffer if there is enough data available. It's also easy to get Wireshark to read
another TCP fragment into the buffer. The real complication is in
returning to the point where processing left off and contuniing, as the dissector is
called anew each time we add in a new TCP fragment to the buffer.
It is possible, but it would make the dissector extremely complicated and difficult to
maintain.
At present, the disseector can handle UDP packets (as far as I am aware) for 2.6.2, which
is what I have been testing with, and any wire compatible format.
If we could add a TP bundle length field to 2.7, this would allow handling both UDP and
TCP for 2.7 onwards.
Wireshark plugin for JGroups
----------------------------
Key: JGRP-324
URL:
http://jira.jboss.com/jira/browse/JGRP-324
Project: JGroups
Issue Type: Feature Request
Reporter: Bela Ban
Assigned To: Richard Achmatowicz
Priority: Minor
Fix For: 2.x
Write a C implementation of a Wireshark plugin which understands the JGroups wire format
and displays information about the JGroups messages (e.g. sender, receiver, headers) in
ethereal.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://jira.jboss.com/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
http://www.atlassian.com/software/jira