I want to develop a bandwidth allocator to a network which will be behind my machine.
Now, I've read about NDIS but I am not sure whether the network traffic that is neither originating from my machine nor is destined for my machine will enter my TCP/IP stack, so that I can block/unblock packets via NDIS on a windows machine.
NDIS (kernel) drivers live in the Windows network stack, and so can only intercept packets which are handled by this stack.
You cannot filter packets which are not send to your computer.
(When the computer acts as a router, the packets are send to the computer and the computer forwards the packets to the actual recepient, if that was the question)
In normal operation mode the irrelevant traffic will be dropped by the NIC driver/firmware, like pointed above. However, this is a SW issue so this behavior can be changed by adding an appropriate logic into the device driver and/or firmware. This is how sniffers operate, for example.
Related
I begin network programming with C++ in Windows OS. I know what is a Network protocol stack (like Educational Model of OSI and Operational Model of TCP/IP). Also, I know how a packet routed and switched in a network medium and many more other concepts about network programming and communication itself.
However, I know now when a process in Machine A wants to send a message to another process in machine B, the message must go through TCP/IP stack layers until it could be ready to put on physical media to reach the destination process in Machine B.
Packet should have the destination IP address of Machine B and also a Port Number. But I could not figure out the answer to the following questions:
Why we should specify a Port and how these 6000+ ports in operating systems (Windows) distinguished from each other?
How TCP/IP network protocol stack implemented in Windows OS? It is a driver or something else.
In Windows operating systems, every process has a TCP/IP protocol for itself or windows process uses the same TCP/IP protocol stack for them?
I know, these kinda questions are not too good for StackOverflow fans, but unfortunately, I couldn't find out the answer to these questions in the books or even via googling.
The port number is used to distinguish different applications running on the same machine from each other. Usually all (at least most) programs on the same machine will be communicating via the same IP address. The kernel needs to know what messages to dispatch to what program, the port number solves this problem. Each program will be communicating on a unique port, so when a message arrives for port x, the kernel knows what program to send the message to. Without the port number it would have to send the message to all programs and they would have to figure out if any given message was meant for them.
As for what books to read; I'd recommend "TCP/IP Illustrated, Volume 1 through 3" and UNIX Network Programming.
I am trying to send and receive TCP streams from an iPad via a wireless connection to a laptop. I create sockets with boost::asio. This project is a port of a data streaming library that I maintain that works quite well on Windows, OSX, and Linux.
I can get the app to send and receive streams to/from other computers on a wired LAN when I run it on the simulator. But, when I target the device itself, I can't see any streams.
As I say, I am communicating via wireless between an iPad and a laptop. I create a wireless network on the laptop and then give the iPad a static IP. The connection appears to be fine, because I can ping the iPad with no packet loss. I have also tried connecting the devices by putting them on the same wireless LAN (although I'm not supposed to use wireless routers at work) and this also does not work.
According to apple, setting up streams like this with NSStream will just work. Maybe there is some permissions magic happening under the hood that I am not doing with my calls to boost::asio functions. In any case, I can't see the streams.
Actually, it turns out the only thing that was wrong was that I needed to set up my routing table so that it pointed multicast to the wireless card:
> sudo route -nv add -net 224.0.0.183 -interface en1
I got the IP from inspecting packets in wireshark -- it is the address that my device is multicasting to in my laptop. Sending works (from device to laptop), receiving is still silent though. This may be something else that needs to be set int the routing table (I really don't understand much at all about multicasting) or else I can fiddle with some config settings with my library.
I am a newbie to Intel DPDK.
I am planning to write an http web server.
Can it be implemented using the following logic using DPDK ?
Get the packets and send it to Worker Logical Cores.
A Worker Logical Core build 'http reuqest' sent by the client, using
the incoming packets.
Process the 'http reuest' in the Worker Logical Core and produce an
'http response'.
Create packets for the 'http response' and dispatch them to output
software rings.
I am not sure whether the above is feasible or not.
Is it possible to write a web server using Intel DPDK?
It is lot of work since you'll need a TCP/IP stack on top of the DPDK. Even once you'll have ported a TCP/IP stack on top of DPDK (or reusing a port from an OS), you won't have the performance because it is easy to write C code that runs, but writting a TCP/IP stack that sustains good performances, it is a very difficult development.
You can try http://www.6wind.com/6windgate-performance/tcp-termination/ : they do not provide a HTTP server, but they provide a L7 like TCP socket support to build the fastest HTTP servers.
Yes, its possible to build a Web Server using DPDK. You could either use a KNI interface provided by DPDK. All packets received on a KNI interfaces are still routed through the kernel network stack -- however, and heres the catch, this is still faster than directly receiving packets from the kernel (requires multiple copies). With DPDK you could still ping cores to RX and different lcores to TX. You could then instruct your OS not to use these lcores for anything else. So you really have dedicated lcores for packet TX and RX. Ensure that Tx and RX lcores lie on different CPU sockets.
More information at:
http://dpdk.org/doc/guides/sample_app_ug/kernel_nic_interface.html
I'm trying to write a function that can get me the IP adress (and the name of the device as bonus) of devices that are in my network, the network is gonna be a direct connection between two computers using Ethernet cable or creating an access point (using wi-fi)
I tried to search about how to do it but it seems like I need to listen to the network or something which seems to be difficult.
hope you can guide me to what I should do or read to get started.
Note: I'm using Windows on both computers.
Edited:
P.S: I need the IP Address so I can send a message to the other computer using winsock in a Client/Server program I wrote.
can't I make the server send its IP to the client or the opposite ?
If your software is running on both machines, you can have one (or both) machines send out a particular broadcast (or, if you prefer, multicast) UDP packet on a specific port. Your program should also be listening on that same port. When it receives that packet (using recvfrom()), recvfrom()'s fifth argument will contain the IP address of the machine that sent the packet, i.e. the IP address you want.
(If OTOH your software is not running on the remote machine, you'll need to use some more general-purpose discovery mechanism such as mDNS or LLDP -- hopefully you won't have to do that, though, as it's a good deal more complicated)
Problem: Mediate USB traffic/data
I would like to accept inbound traffic on a specific USB port and replicate it exactly as outbound traffic on another specific USB port, in effect accomplishing a USB proxy. By extension, then, the connections need to be two-way. An additional requirement is that the port must be able to fake its identity (vendor ID, product ID, ...) as seen by an external device. Should the given solution also be able to dump/log the raw traffic, that would be fantastic, although not a requirement. Target platforms are Windows and/or Linux (any will do).
Before going on an epic journey and writing a custom driver, which is fairly likely to induce brain damage, I would like to ask if anyone has ever done anything similar, or could possibly conceive of the pieces needed to assemble this puzzle. :)
I don't think this is doable out of the box, without extra hardware.
What kind of device can you expect to connect to the "upstream" port of the proxy? Assuming there's a regular device (let's say a mouse, just as an example) on the "downstream" port, the device at upstream needs to be a USB host in order to handle the USB device in a meaningful way.
But you can't connect the USB port of your computer (which already is the host for all its USB root ports) directly to another computer, that's a total violation of USB's network topology. Both ports contain +5 V power rails, and if you connect those together, you're likely in for a shock. And/or a private fireworks display. Or a trip to your nearest motherboard and/or PSU retailer ...
Also, since USB is quite dynamic and so on, I don't think you can expect the bitstream from one port to be meaningful if repeated out another port, since address information etc might change.
There are 100% software USB analyzers, like http://www.usblyzer.com/, but I'm not so sure about proxies like what you describe.
At my work we have used this Beagle USB Analyzer. It sits between device and host and captures all traffic without interruption. It works in windows and linux and functions even with USB 2.0 highspeed ports.
http://www.totalphase.com/products/beagle_usb480/
Highly recommended.