search

cloudflare / quiche

🥧 Savoury implementation of the QUIC transport protocol and HTTP/3
https://docs.quic.tech/quiche/
BSD 2-Clause "Simplified" License
9.27k stars 697 forks source link

Decoding QUIC v1 packets in Wireshark doesn't work #963

Open mickel8 opened 3 years ago

mickel8 commented 3 years ago

Hi, is it possible to decode QUIC v1 in Wireshark? I can do this with ID-29 (quiche 0.7.0) but after switching to v1 (quiche 0.9.0) decoding packets in Wireshark is no longer possible. I suppose that this is rather Wireshark problem but maybe you know something?

mickel8 commented 3 years ago

Actually it's not so important. I forgot about qlog and qvis. The real question I wanted to ask is why STREAM_DATA_BLOCKED frame is sent so early. Here are my qlog files (I had to rename them to .txt as github doesn't accept .qlog)

server.txt client.txt

Server sets flow control to 7000B while client tries to send more than that. What I can't understand is that client sends STREAM_DATA_BLOCKED frame so early, before reaching flow control limit.

It looks like this image

In the first packet after establishing connection (1 RTT: 0) there are different frames. One of them is STREAM_DATA_BLOCKED. I can't get why server receives it so early. Shouldn't he receive it in 1 RTT: 6 packet?

ghedo commented 3 years ago

To answer your original question, Wireshark should definitely be able to decode QUIC v1 packets, though you might need a recent version (according to https://github.com/quicwg/base-drafts/wiki/Tools#wireshark you need at least v3.4.x).

ghedo commented 3 years ago

As for the STREAM_DATA_BLOCKED thing, it does indeed look weird, Are you using a custom client/server or the apps we provide (https://github.com/cloudflare/quiche/tree/master/tools/apps)? If the latter, it would be useful if you could provide the trace logs (just need to run the programs with the RUST_LOG=trace environment variable set).

mickel8 commented 3 years ago

To answer your original question, Wireshark should definitely be able to decode QUIC v1 packets, though you might need a recent version (according to https://github.com/quicwg/base-drafts/wiki/Tools#wireshark you need at least v3.4.x).

Thanks, good point with Wireshark's version. Acctually I have 3.4.0rc1 but I will try with a newer one.

As for the STREAM_DATA_BLOCKED thing, it does indeed look weird, Are you using a custom client/server or the apps we provide (https://github.com/cloudflare/quiche/tree/master/tools/apps)? If the latter, it would be useful if you could provide the trace logs (just need to run the programs with the RUST_LOG=trace environment variable set).

I am using client and server from https://github.com/cloudflare/quiche/tree/master/examples but IIRC apps from tools use them too?

I have modified them a little to exceed flow control limit but these modifications were quite simple. I will put trace logs as soon as possible

mickel8 commented 3 years ago

client_trace.log server_trace.log server.qlog.txt client.qlog.txt