node3.html 7.7 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196
  1. <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
  2. <!--Converted with LaTeX2HTML 2002-2-1 (1.70)
  3. original version by: Nikos Drakos, CBLU, University of Leeds
  4. * revised and updated by: Marcus Hennecke, Ross Moore, Herb Swan
  5. * with significant contributions from:
  6. Jens Lippmann, Marek Rouchal, Martin Wilck and others -->
  7. <HTML>
  8. <HEAD>
  9. <TITLE>3 Design Thoughts</TITLE>
  10. <META NAME="description" CONTENT="3 Design Thoughts">
  11. <META NAME="keywords" CONTENT="flowreplay">
  12. <META NAME="resource-type" CONTENT="document">
  13. <META NAME="distribution" CONTENT="global">
  14. <META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso-8859-1">
  15. <META NAME="Generator" CONTENT="LaTeX2HTML v2002-2-1">
  16. <META HTTP-EQUIV="Content-Style-Type" CONTENT="text/css">
  17. <LINK REL="STYLESHEET" HREF="flowreplay.css">
  18. <LINK REL="next" HREF="node4.html">
  19. <LINK REL="previous" HREF="node2.html">
  20. <LINK REL="up" HREF="flowreplay.html">
  21. <LINK REL="next" HREF="node4.html">
  22. </HEAD>
  23. <BODY >
  24. <DIV CLASS="navigation"><!--Navigation Panel-->
  25. <A NAME="tex2html58"
  26. HREF="node4.html">
  27. <IMG WIDTH="37" HEIGHT="24" ALIGN="BOTTOM" BORDER="0" ALT="next" SRC="next.png"></A>
  28. <A NAME="tex2html56"
  29. HREF="flowreplay.html">
  30. <IMG WIDTH="26" HEIGHT="24" ALIGN="BOTTOM" BORDER="0" ALT="up" SRC="up.png"></A>
  31. <A NAME="tex2html50"
  32. HREF="node2.html">
  33. <IMG WIDTH="63" HEIGHT="24" ALIGN="BOTTOM" BORDER="0" ALT="previous" SRC="prev.png"></A>
  34. <BR>
  35. <B> Next:</B> <A NAME="tex2html59"
  36. HREF="node4.html">4 Multiple Independent Flows</A>
  37. <B> Up:</B> <A NAME="tex2html57"
  38. HREF="flowreplay.html">Flowreplay Design Notes</A>
  39. <B> Previous:</B> <A NAME="tex2html51"
  40. HREF="node2.html">2 Features</A>
  41. <BR>
  42. <BR></DIV>
  43. <!--End of Navigation Panel-->
  44. <!--Table of Child-Links-->
  45. <A NAME="CHILD_LINKS"><STRONG>Subsections</STRONG></A>
  46. <UL CLASS="ChildLinks">
  47. <LI><A NAME="tex2html60"
  48. HREF="node3.html#SECTION00031000000000000000"><SPAN CLASS="arabic">3</SPAN>.<SPAN CLASS="arabic">1</SPAN> <SPAN ID="hue95">Sending and Receiving traffic</SPAN></A>
  49. <LI><A NAME="tex2html61"
  50. HREF="node3.html#SECTION00032000000000000000"><SPAN CLASS="arabic">3</SPAN>.<SPAN CLASS="arabic">2</SPAN> <SPAN ID="hue119">Handling Multiple Connections</SPAN></A>
  51. <LI><A NAME="tex2html62"
  52. HREF="node3.html#SECTION00033000000000000000"><SPAN CLASS="arabic">3</SPAN>.<SPAN CLASS="arabic">3</SPAN> <SPAN ID="hue128">Data Synchronization</SPAN></A>
  53. <LI><A NAME="tex2html63"
  54. HREF="node3.html#SECTION00034000000000000000"><SPAN CLASS="arabic">3</SPAN>.<SPAN CLASS="arabic">4</SPAN> <SPAN ID="hue133">TCP/IP</SPAN></A>
  55. </UL>
  56. <!--End of Table of Child-Links-->
  57. <HR>
  58. <H1><A NAME="SECTION00030000000000000000">
  59. <SPAN CLASS="arabic">3</SPAN> <SPAN ID="hue93">Design Thoughts</SPAN></A>
  60. </H1>
  61. <P>
  62. <H2><A NAME="SECTION00031000000000000000">
  63. <SPAN CLASS="arabic">3</SPAN>.<SPAN CLASS="arabic">1</SPAN> <SPAN ID="hue95">Sending and Receiving traffic</SPAN></A>
  64. </H2>
  65. <P>
  66. <SPAN ID="hue97">Flowreplay must be able to process multiple connections
  67. to one or more devices. There are two options:</SPAN>
  68. <P>
  69. <OL>
  70. <LI><SPAN ID="hue100">Use sockets</SPAN><A NAME="tex2html2"
  71. HREF="#foot370"><SUP><SPAN CLASS="arabic">2</SPAN></SUP></A> <SPAN ID="hue104">to send and receive data</SPAN>
  72. </LI>
  73. <LI><SPAN ID="hue106">Use libpcap</SPAN><A NAME="tex2html3"
  74. HREF="#foot371"><SUP><SPAN CLASS="arabic">3</SPAN></SUP></A> <SPAN ID="hue110">to receive packets and libnet</SPAN><A NAME="tex2html4"
  75. HREF="#foot372"><SUP><SPAN CLASS="arabic">4</SPAN></SUP></A> <SPAN ID="hue114">to send packets</SPAN>
  76. </LI>
  77. </OL>
  78. <SPAN ID="hue117">Although using libpcap/libnet would allow more simultaneous
  79. connections and greater flexibility, there would be a very high complexity
  80. cost associated with it. With that in mind, I've decided to use sockets
  81. to send and receive data.</SPAN>
  82. <P>
  83. <H2><A NAME="SECTION00032000000000000000">
  84. <SPAN CLASS="arabic">3</SPAN>.<SPAN CLASS="arabic">2</SPAN> <SPAN ID="hue119">Handling Multiple Connections</SPAN></A>
  85. </H2>
  86. <P>
  87. <SPAN ID="hue121">Because a pcap file can contain multiple simultaneous
  88. flows, we need to be able to support that too. The biggest problem
  89. with this is reading packet data in a different order then stored
  90. in the pcap file. </SPAN>
  91. <P>
  92. <SPAN ID="hue123">Reading and writing to multiple sockets is easy
  93. with select() or poll(), however a pcap file has it's data stored
  94. serially, but we need to access it randomly. There are a number of
  95. possible solutions for this such as caching packets in RAM where they
  96. can be accessed more randomly, creating an index of the packets in
  97. the pcap file, or converting the pcap file to another format altogether.
  98. Alternatively, I've started looking at libpcapnav</SPAN><A NAME="tex2html5"
  99. HREF="#foot124"><SUP><SPAN CLASS="arabic">5</SPAN></SUP></A> <SPAN ID="hue126">as an alternate means to navigate a pcap file and
  100. process packets out of order.</SPAN>
  101. <P>
  102. <H2><A NAME="SECTION00033000000000000000">
  103. <SPAN CLASS="arabic">3</SPAN>.<SPAN CLASS="arabic">3</SPAN> <SPAN ID="hue128">Data Synchronization</SPAN></A>
  104. </H2>
  105. <P>
  106. <SPAN ID="hue375">Knowing when to start sending client traffic in
  107. response to the server will be &#34;tricky&#34;. Without
  108. understanding the actual protocol involved, probably the best general
  109. solution is waiting for a given period of time after no more data
  110. from the server has been received. Not sure what to do if the client
  111. traffic doesn't elicit a response from the server (implement some
  112. kind of timeout?). This will be the basis for the default plug-in.</SPAN>
  113. <P>
  114. <H2><A NAME="SECTION00034000000000000000">
  115. <SPAN CLASS="arabic">3</SPAN>.<SPAN CLASS="arabic">4</SPAN> <SPAN ID="hue133">TCP/IP</SPAN></A>
  116. </H2>
  117. <P>
  118. <SPAN ID="hue135">Dealing with IP fragmentation and TCP stream reassembly
  119. will be another really complex problem. We're basically talking about
  120. implementing a significant portion of a TCP/IP stack. One thought
  121. is to use libnids</SPAN><A NAME="tex2html6"
  122. HREF="#foot403"><SUP><SPAN CLASS="arabic">6</SPAN></SUP></A> <SPAN ID="hue139">which basically implements a Linux 2.0.37 TCP/IP
  123. stack in user-space. Other solutions include porting a TCP/IP stack
  124. from Open/Net/FreeBSD or writing our own custom stack from scratch.</SPAN>
  125. <P>
  126. <BR><HR><H4>Footnotes</H4>
  127. <DL>
  128. <DT><A NAME="foot370">...&nbsp;</A><A
  129. HREF="node3.html#tex2html2"><SUP><SPAN CLASS="arabic">2</SPAN></SUP></A></DT>
  130. <DD><SPAN ID="hue102">socket(2)</SPAN>
  131. </DD>
  132. <DT><A NAME="foot371">...&nbsp;</A><A
  133. HREF="node3.html#tex2html3"><SUP><SPAN CLASS="arabic">3</SPAN></SUP></A></DT>
  134. <DD><SPAN ID="hue108">http://www.tcpdump.org/</SPAN>
  135. </DD>
  136. <DT><A NAME="foot372">...&nbsp;</A><A
  137. HREF="node3.html#tex2html4"><SUP><SPAN CLASS="arabic">4</SPAN></SUP></A></DT>
  138. <DD><SPAN ID="hue112">http://www.packetfactory.net/projects/libnet/</SPAN>
  139. </DD>
  140. <DT><A NAME="foot124">...&nbsp;</A><A
  141. HREF="node3.html#tex2html5"><SUP><SPAN CLASS="arabic">5</SPAN></SUP></A></DT>
  142. <DD>http://netdude.sourceforge.net/
  143. </DD>
  144. <DT><A NAME="foot403">...&nbsp;</A><A
  145. HREF="node3.html#tex2html6"><SUP><SPAN CLASS="arabic">6</SPAN></SUP></A></DT>
  146. <DD><SPAN ID="hue377">http://www.avet.com.pl/~nergal/libnids/</SPAN>
  147. </DD>
  148. </DL>
  149. <DIV CLASS="navigation"><HR>
  150. <!--Navigation Panel-->
  151. <A NAME="tex2html58"
  152. HREF="node4.html">
  153. <IMG WIDTH="37" HEIGHT="24" ALIGN="BOTTOM" BORDER="0" ALT="next" SRC="next.png"></A>
  154. <A NAME="tex2html56"
  155. HREF="flowreplay.html">
  156. <IMG WIDTH="26" HEIGHT="24" ALIGN="BOTTOM" BORDER="0" ALT="up" SRC="up.png"></A>
  157. <A NAME="tex2html50"
  158. HREF="node2.html">
  159. <IMG WIDTH="63" HEIGHT="24" ALIGN="BOTTOM" BORDER="0" ALT="previous" SRC="prev.png"></A>
  160. <BR>
  161. <B> Next:</B> <A NAME="tex2html59"
  162. HREF="node4.html">4 Multiple Independent Flows</A>
  163. <B> Up:</B> <A NAME="tex2html57"
  164. HREF="flowreplay.html">Flowreplay Design Notes</A>
  165. <B> Previous:</B> <A NAME="tex2html51"
  166. HREF="node2.html">2 Features</A></DIV>
  167. <!--End of Navigation Panel-->
  168. <ADDRESS>
  169. Aaron Turner
  170. 2005-08-07
  171. </ADDRESS>
  172. </BODY>
  173. </HTML>