[ipv6hackers] pcap DLT_NULL encapsulation in FreeBSD/gogoc tunnel
Fernando Gont
fernando at gont.com.ar
Fri Feb 22 12:40:15 CET 2013
Folks,
While working on tunnel support for the toolkit I used a gogoc-created
tunnel in FreeBSD 9.0. The gogoc-created interface is of
type DLT_NULL.
My understanding is that packets sent/received on such interface type
include a 4-byte header that includes the address family as a 32-bit
integer, in host byte order.
Packets sent with tools such as ping6, get the corresponding header set
to 0x1c (PF_INET6). However, packets sent with pcap_inject() get such
header set to 0x1f, even when I explicitly set it to PF_INET6 (0x1c).
>From a practical point of view, everything works ok (i.e., packets
*are* successfully sent over the tunnel). However, when sniffing traffic
on my local host, I get a "AF unknown (31)", as in:
--- cut here ----
04:31:09.377625 AF Unknown (31), length 108:
0x0000: 6000 0000 0040 3aff 2001 05c0 1000 000a `....@:.........
0x0010: 0000 0000 0000 152d 2001 05c0 1000 000a .......-........
0x0020: 0000 0000 0000 0108 8000 d368 667c 0000 ...........hf|..
---- cut here ----
it looks like no matter what I write in that header, the contents never
change when the packet hit the interface (i.e., once pcap_inject() is
called, it seems those bytes are being rewritten).
Is this a known issue with gogoc? Am I missing something?
Thanks!
Best regards,
--
Fernando Gont
e-mail: fernando at gont.com.ar || fgont at si6networks.com
PGP Fingerprint: 7809 84F5 322E 45C7 F1C9 3945 96EE A9EF D076 FFF1
More information about the Ipv6hackers
mailing list