[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: [Nbd] Wireshark dissector for NBD

The handles are 64 bits and still you reuse their values very frequently.
This makes it much more difficult to track request/responses  which I
have to do in order to know how many bytes a response packet is.


On 10/30/06, Wouter Verhelst <wouter@...3...> wrote:
On Mon, Oct 30, 2006 at 11:59:28AM +1100, ronnie sahlberg wrote:
> List,
> My name is ronnie sahlberg and im one of the wireshark developers.
> I just read some discussion on the thread "tech documentation"
> about a wireshark/ethereal dissector.
> If you are interested I can write a dissector for this protocol.

Hey, that'd be cool! Thanks!

(Obviously, as you've seen in the discussion, Phil Howard was planning
on writing this dissector, too; I don't know whether he's finished or
even started this, but you may want to coordinate with him).

> I would need a couple of example network traces to verify with and pointer
> to documentation.
> (http://grep.be/blog/en/computer/nbd/ethereal_wanted  is probably
> for me to write the dissector if you can just confirm it is still a valid
> description of the protocol)

Yes, it's still valid; nothing has changed in the protocol since that
blog post.

> I.e.   If you want me to I can write a dissector for this protocol.
> I would need some help from you though
> 1, some example network traces

I've put some on my website, at http://grep.be/data/wireshark/ (because
they're too large for email attachments).

The first is a connection from nbd-tester-client to an nbd-server on the
localhost. The server is running on port 12347; the client appears to be
running on port 37745. The export is a small test export that I have,
which is 20K large, so that's not much. What nbd-tester-client do is
check the size of the export, and then run through it by reading every
block in the export in sequence. It doesn't do any writes.

The second is a connection from a real nbd-client running on to a server running on The exported file
in this case is 64K large (since 20k was apparently too small for what I
was about to do). After setting up the device, I ran 'mkfs -t ext2' on
the device, mounted the file system, created a file, ran 'sync', removed
the file again, umounted the file system, and closed the connection
again with 'nbd-client -d' (which uses the in-protocol command to do
so). This will give you a reasonable approximation of what it looks like
when it's really in use (obviously I'm not asking you to decode the
filesystem writes :).

I hope that's enough; if not, please do let me know.

> 2, later, if possible if someone could create a small NBD protocol page on
> wiki.wireshark.org

Would it be enough to just copy the description from my blog?

<Lo-lan-do> Home is where you have to wash the dishes.
  -- #debian-devel, Freenode, 2004-09-22

Reply to: