Wireshark-bugs: [Wireshark-bugs] [Bug 12427] New: Apple Boot Services Discovery Protocol (BSDP)
Date Index · Thread Index · Other Months · All Mailing Lists
Date Prev · Date Next · Thread Prev · Thread Next
From: bugzilla-daemon@xxxxxxxxxxxxx
Date: Wed, 11 May 2016 09:22:27 +0000
Bug ID 12427
Summary Apple Boot Services Discovery Protocol (BSDP)
Product Wireshark
Version 2.0.2
Hardware All
OS All
Status UNCONFIRMED
Severity Enhancement
Priority Low
Component Dissection engine (libwireshark)
Assignee bugzilla-admin@wireshark.org
Reporter wireshark.org@franklee.co.uk 

Created attachment 14555 [details]
shark-mac - a mac lists netboot images; shark-mac-boot - a mac attempts to
netboot; bsdp.lua - a plugin dissector for BSDP

Build Information:
Wireshark 2.0.2 (SVN Rev Unknown from unknown)

Copyright 1998-2016 Gerald Combs <gerald@wireshark.org> and contributors.
License GPLv2+: GNU GPL version 2 or later
<http://www.gnu.org/licenses/old-licenses/gpl-2.0.html>
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

Compiled (64-bit) with Qt 5.5.1, with libpcap, with POSIX capabilities (Linux),
with libnl 3, with libz 1.2.8, with GLib 2.48.0, with SMI 0.4.8, with c-ares
1.10.0, with Lua 5.2, with GnuTLS 3.4.10, with Gcrypt 1.6.5, with MIT Kerberos,
with GeoIP, with QtMultimedia, without AirPcap.

Running on Linux 4.4.0-21-generic, with locale C, with libpcap version 1.7.4,
with libz 1.2.8, with GnuTLS 3.4.10, with Gcrypt 1.6.5.
Intel(R) Core(TM)2 Duo CPU     P8700  @ 2.53GHz

Built using gcc 5.3.1 20160407.

--
Request for enhancement: OSX machines which netboot use the Vendor-Specific
Information option to obtain netboot information (server, images etc) using
Apple's BSDP. It would be helpful to those of us who netboot OSX machines to be
able to dissect this protocol in wireshark.

BSDP is reasonably-well documented at
http://opensource.apple.com/source/bootp/bootp-198.1/Documentation/BSDP.doc

I attach two packet traces of a mac attempting to netboot using this protocol
(shark-mac, shark-mac-boot), and a quick-and-dirty Lua script (bsdp.lua) to
dissect the BSDP information. 

Context to help interpret the packet traces: 131.111.112.9, 131.111.112.138,
131.111.115.208 are 'standard' DHCP servers. 131.111.112.223 is our BSDP
server. 172.26.83.83 is our netbooting-Mac. 172.26.83.62 is the IP address of
the router in the client subnet.

In shark-mac, Packet 1 shows a DHCP INFORM[LIST] packet broadly corresponding
to the question "What images can I netboot?". Packet 5 shows a DHCP ACK[LIST]
packet with the answer "Reinstall_Mac, Netboot_Mac, Test_Mac_Hardware" and
their respective netboot identifiers. 

In shark-mac-boot, Packet 12 contains DHCP INFORM[SELECT] packet indicating the
client's intention to boot from image 0x0100008a, an identifier from a previous
DHCP ACK[LIST]. Packet 13 contains DHCP ACK[SELECT] indicating the BSDP
server's acknowledgement of this intention. 

Apologies for having to use two traces here - I'm currently debugging the boot
process on this OSX client which appears to be broken, so it's not entirely
behaving in the expected manner. (Hence the desire to examine the BSDP!)

You are receiving this mail because:
  • You are watching all bug changes.