ICMP Extensions #33
Comments
|
Or perhaps more generic EO support. https://www.rfc-editor.org/rfc/rfc5837.html This would allow you to for example report latency and loss per LAG member, as well as discover which keys are hashed to which path. |
|
Thanks for the suggestion and links @ytti. I agree that Trippy should target supporting a larger set of ICMP extension objects and not focus solely on I must confess I haven't spent much time looking at these extension, mainly as I've observed that they are seldom used on public networks, perhaps they are used more within private networks? What has been your experience of how these extensions are used in practise and what useful insights they can provide? Once added, how would you imagine this data would be used within Trippy? The easiest thing to do would be to support them generically and simply render the data somehow (perhaps in the expanded hop detail navigation view?). This appears to be the approach taken in the example traceroute code you linked. Beyond that, Trippy could be aware of specific Extension Objects, such as As a start, the Trippy net code needs to be able to parse ICMP Extension Objects (Multi-Part Messages) as defined in rfc4884. This is something I can do, unless you were keen to work on this yourself? |
|
Also do you know of any public hosts which include "Interface Information Object" EO in ICMP I did manage to find an example host which provides |
|
I do not, I hope it'll become more common but currently as far as I know, only Juniper QFX5k does it. I have some reasons to expect that wider availability is coming. |
|
@ytti I have some (very rough!) WIP code up in #696 that parses ICMP extensions (v4 only for now) generically. For now it just prints out any extension object(s) found for each ICMP TimeExceeded or DestinationUnreachable response. It supports both compliant and non-compliant ICMP extensions as per section 5 of rfc4884. Example (the only one I can find in the wild, a non-compliant MPLS extension): Next up, I'm going to add parsing for the four classes with assigned numbers. After that is icmp V6 extensions and then some thought about how to display the information in the TUI. This will also need some new command line config to enable/disable extension parsing and rendering. It'll also need to be thoroughly tested on all platforms due to weirdnesses of the way some platforms treat some Ipv4 fields (i.e. |
|
Sounds very good indeed. And I believe this is right approach, in the quoted traceroute URL we can see similar approach. Where as The MPLS example while not pretty printed, is very useful example how unrecognised data can be printed, and pretty printing can be added once someone explains what the data is and how it could be used to enrich UX. Many thanks! |
|
@ytti progress... 
Only rendering a single MPLS label/ttl for now, but the plumbing is there to add any/all extensions. We'll need to think how best to render these in the Tui and textual report modes given:
It feels like we need to render a tree structure here. Edit: moved the Tui discussion to #752 |
|
Need to test if the label extraction is accurate (matches Wireshark on MacOS but seems to differ from tcpdump on Linux, maybe an endianness thing?) |
|
@ytti do you know anyone who would be able to help diagnose the issue I describe in #804? I'm unsure which of tcpdump or Wireshark is interpreting it correctly (the differ!). My reading of rfc4884 is that Wireshark is interpreting it correctly, as I apply the same logic in Trippy and get the same result. However there is clearly an MPLS extension present and tcpdump does manage to parse it out, somehow. |
|
Code was merged and can be found here along with all test cases: https://github.com/fujiapple852/trippy/blob/master/src/tracing/packet/icmp_extension.rs#L804 |
[0.9.0] - 2023-11-30 Added - Added support for tracing flows ([#776](fujiapple852/trippy#776)) - Added support for `icmp` extensions ([#33](fujiapple852/trippy#33)) - Added support for `MPLS` label stack class `icmp` extension objects ([#753](fujiapple852/trippy#753)) - Added support for [paris] (https://github.com/libparistraceroute/libparistraceroute) ECMP routing for `IPv6/udp` ([#749](fujiapple852/trippy#749)) - Added `--unprivileged` (`-u`) flag to allow tracing without elevated privileges (macOS only) ([#101](fujiapple852/trippy#101)) - Added `--tui-privacy-max-ttl` flag to hide host and IP details for low ttl hops ([#766](fujiapple852/trippy#766)) - Added `toggle-privacy` (default: `p`) key binding to show or hide private hops ([#823](fujiapple852/trippy#823)) - Added `toggle-flows` (default: `f`) key binding to show or hide tracing flows ([#777](fujiapple852/trippy#777)) - Added `--dns-resolve-all` (`-y`) flag to allow tracing to all IPs resolved from DNS lookup entry ([#743](fujiapple852/trippy#743)) - Added `dot` report mode (`-m dot`) to output hop graph in Graphviz `DOT` format ([#582](fujiapple852/trippy#582)) - Added `flows` report mode (`-m flows`) to output a list of all unique tracing flows ([#770](fujiapple852/trippy#770)) - Added `--icmp-extensions` (`-e`) flag for parsing `IPv4`/`IPv6` `icmp` extensions ([#751](fujiapple852/trippy#751)) - Added `--tui-icmp-extension-mode` flag to control how `icmp` extensions are rendered ([#752](fujiapple852/trippy#752)) - Added `--print-config-template` flag to output a template config file ([#792](fujiapple852/trippy#792)) - Added `--icmp` flag as a shortcut for `--protocol icmp` ([#649](fujiapple852/trippy#649)) - Added `toggle-help-alt` (default: `?`) key binding to show or hide help ([#694](fujiapple852/trippy#694)) - Added panic handing to Tui ([#784](fujiapple852/trippy#784)) - Added official Windows `scoop` package ([#462](fujiapple852/trippy#462)) - Added official Windows `winget` package ([#460](fujiapple852/trippy#460)) - Release `musl` Debian `deb` binary asset ([#568](fujiapple852/trippy#568)) - Release `armv7` Linux binary assets ([#712](fujiapple852/trippy#712)) - Release `aarch64-apple-darwin` (aka macOS Apple Silicon) binary assets ([#801](fujiapple852/trippy#801)) - Added additional Rust Tier 1 and Tier 2 binary assets ([#811](fujiapple852/trippy#811)) Changed - [BREAKING CHANGE] `icmp` extension object data added to `json` and `stream` reports ([#806](fujiapple852/trippy#806)) - [BREAKING CHANGE] IPs field added to `csv` and all tabular reports ([#597](fujiapple852/trippy#597)) - [BREAKING CHANGE] Command line flags `--dns-lookup-as-info` and `--tui-preserve-screen` no longer require a boolean argument ([#708](fujiapple852/trippy#708)) - [BREAKING CHANGE] Default key binding for `ToggleFreeze` changed from `f` to `ctrl+f` ([#785](fujiapple852/trippy#785)) - Always render AS lines in hop details mode ([#825](fujiapple852/trippy#825)) - Expose DNS resolver module as part of `trippy` library ([#754](fujiapple852/trippy#754)) - Replaced unmaintained `tui-rs` crate with `ratatui` crate ([#569](fujiapple852/trippy#569)) Fixed - Reverse DNS lookup not working in reports ([#509](fujiapple852/trippy#509)) - Crash on NetBSD during window resizing ([#276](fujiapple852/trippy#276)) - Protocol mismatch causes tracer panic ([#745](fujiapple852/trippy#745)) - Incorrect row height in Tui hop detail navigation view for hops with no responses ([#765](fujiapple852/trippy#765)) - Unnecessary socket creation in certain tracing modes ([#647](fujiapple852/trippy#647)) - Incorrect byte order in `IPv4` packet length calculation ([#686](fujiapple852/trippy#686))
Tracking issue for ICMP Extensions.
Add support for generic Ipv4 & Ipv6 ICMP extensions, with specific parsing for:
The text was updated successfully, but these errors were encountered: