IPFS, libp2p multistream Wireshark capture

What is done

  1. Hack secio to disable encryption/decryption, so that all traffic can be seen in plaintext
  2. Start Wireshark listening on the TCP port

Pcap file can be found at: open with wireshark

Outline of secure channel setup

  1. TCP 3-way handshake
  2. Set up the connection by exchanging ‘/multistream/1.0.1’
  3. Follow with ‘/secio/1.0.0’ to indicate the secio transport channel
  4. Handshaking transformer proposals
  5. Exchanging nonce
  6. Established…

A sample packet

A packet that carries only 5 bytes of data is shown below:

0000 02 00 00 00 45 00 00 4d 07 9e 40 00 40 06 00 00
0010 7f 00 00 01 7f 00 00 01 11 5b 11 59 d4 0d 72 87
0020 c3 e8 5b ee 50 18 00 1e fe 41 00 00 00 00 00 21
0030 00 00 00 00 00 00 00 07 00 00 00 05 50 49 4e 47
0040 0a 90 34 91 25 22 b3 ed 8a f8 0d 73 e4 1e 93 2e
0050 6b

Bytes marked in yellow are the payload.

  • 00 00 00 21 —> message length, big endian
    – 0x21, 33 bytes
  • 00 00 00 00 00 00 00 07 00 00 00 05 —> yamux header, 12 bytes
    – Version 0, Data, StreamID 7, Length 5 (see below for the header definition)
  • 50 49 4e 47 0a —> data, which is ‘PING\n’ in this case
  • The remaining 16 bytes —> MAC of this message

yamux header, 12 bytes

  • Version (8 bits)
  • Type (8 bits)
  • Flags (16 bits)
  • StreamID (32 bits)
  • Length (32 bits)

Type definition (copied from the official doc)

  • 0x0 Data - Used to transmit data. May transmit zero length payloads depending on the flags.
  • 0x1 Window Update - Used to update the sender's receive window size. This is used to implement per-session flow control.
  • 0x2 Ping - Used to measure RTT. It can also be used to heart-beat and do keep-alives over TCP.
  • 0x3 Go Away - Used to close a session.
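
The byte breakdown above, written out as a parser (an added example, not code from the original post or from libp2p): it strips the link, IP and TCP headers from the sample packet and splits the payload into length prefix, yamux header, data and MAC. The 4-byte loopback link header and all function and constant names are assumptions; the 16-byte MAC size is the one given above for this capture.

```python
import struct

# Sample packet from the hex dump above.
SAMPLE_HEX = """
02 00 00 00 45 00 00 4d 07 9e 40 00 40 06 00 00
7f 00 00 01 7f 00 00 01 11 5b 11 59 d4 0d 72 87
c3 e8 5b ee 50 18 00 1e fe 41 00 00 00 00 00 21
00 00 00 00 00 00 00 07 00 00 00 05 50 49 4e 47
0a 90 34 91 25 22 b3 ed 8a f8 0d 73 e4 1e 93 2e
6b
"""
SAMPLE = bytes.fromhex("".join(SAMPLE_HEX.split()))
YAMUX_TYPES = {0: "Data", 1: "Window Update", 2: "Ping", 3: "Go Away"}
HDR_LEN = 12       # yamux header: version, type, flags, stream ID, length
MAC_LEN = 16       # MAC size stated above for this capture
LOOPBACK_LEN = 4   # assumption: 4-byte null/loopback link header before IPv4


def tcp_payload(frame: bytes) -> bytes:
    """Strip link, IPv4 and TCP headers using their own length fields."""
    ip = frame[LOOPBACK_LEN:]
    if len(ip) < 20 or ip[0] >> 4 != 4 or ip[9] != 6:
        raise ValueError("not an IPv4/TCP packet")
    ihl, total_len = (ip[0] & 0x0F) * 4, struct.unpack("!H", ip[2:4])[0]
    tcp = ip[ihl:total_len]
    if len(tcp) < 20:
        raise ValueError("truncated TCP header")
    return tcp[(tcp[12] >> 4) * 4:]


def parse_frame(payload: bytes) -> dict:
    """Parse one length-prefixed secio message wrapping a yamux frame."""
    if len(payload) < 4:
        raise ValueError("truncated length prefix")
    (msg_len,) = struct.unpack("!I", payload[:4])
    body = payload[4:4 + msg_len]
    if len(body) != msg_len or msg_len < HDR_LEN + MAC_LEN:
        raise ValueError("truncated or undersized message")
    inner, mac = body[:-MAC_LEN], body[-MAC_LEN:]
    ver, ftype, flags, sid, length = struct.unpack("!BBHII", inner[:HDR_LEN])
    data = inner[HDR_LEN:]
    # For Data frames, Length must equal the number of bytes that follow.
    if ftype == 0 and len(data) != length:
        raise ValueError("yamux Length does not match message contents")
    return {"msg_len": msg_len, "version": ver, "stream_id": sid,
            "type": YAMUX_TYPES.get(ftype, "unknown"), "flags": flags,
            "length": length, "data": data, "mac": mac.hex()}
```

Calling `parse_frame(tcp_payload(SAMPLE))` returns the fields listed in the breakdown; a message cut short or a Data frame whose Length disagrees with its contents raises `ValueError`.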

Reposted from blog.csdn.net/m0_37889044/article/details/104487583