firstmidreport.pdf
TRANSCRIPT
![Page 1: FirstMidReport.pdf](https://reader034.vdocuments.mx/reader034/viewer/2022051623/55cf924a550346f57b95323f/html5/thumbnails/1.jpg)
Harraser and Packet analysis for Gigabit Ethernet in
Post Silicon Server Validation
G Swamy
November 30, 2014
![Page 2: FirstMidReport.pdf](https://reader034.vdocuments.mx/reader034/viewer/2022051623/55cf924a550346f57b95323f/html5/thumbnails/2.jpg)
Abstract
Validation remains an integral and crucial phase of todays microprocessor design and man-
ufacturing process. Due to sheer design complexity, it is nearly impossible to detect and fix
all bugs before manufacture. Post-silicon validation is used to detect and fix bugs in integrated
circuits and systems after manufacture. In this thesis, it is described a situation in which we
have to validate the Functionality of Ethernet Controller in Post Silicon Server Validation. The
main aim of the project is to introduce different types of harassers into the Giga Bit Ethernet
controller in Post silicon server validation and to stress the Gigabit Ethernet Controller and
validate the robustness of the controller by monitoring it’s behavior under prolonged stressful
tests and analyze the drop in packets because of these harassers using packet analyzing tools
such as wire shark. The different types of harassers we can introduce are Reset, Speed Change,
Power States, Interrupts, Error Injection. The general usage of harassers in post-silicon vali-
dation environment is to stress the Gigabit Ethernet Controller and validate the robustness of
the controller by monitoring its behavior under prolonged stressful tests.
i
![Page 3: FirstMidReport.pdf](https://reader034.vdocuments.mx/reader034/viewer/2022051623/55cf924a550346f57b95323f/html5/thumbnails/3.jpg)
Contents
1 Introduction 1
1.1 Silicon Validation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2
1.1.1 Processor Validation Methodology . . . . . . . . . . . . . . . . . . . 2
1.1.2 Presilicon Validation . . . . . . . . . . . . . . . . . . . . . . . . . . 2
1.1.3 Postsilicon Validation . . . . . . . . . . . . . . . . . . . . . . . . . 3
1.1.4 Presilicon Validation Vs Postsilicon Validation . . . . . . . . . . . . 3
1.1.5 Post Silicon Methodologies . . . . . . . . . . . . . . . . . . . . . . 4
1.2 Harasser Techniques . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4
1.3 Packet Analysing tools . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5
2 Literature Survey 6
3 Harasser techniques 9
3.1 Auto Negotiation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9
3.1.1 Speed . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10
3.1.2 Duplex . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13
3.2 Interrupts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15
3.2.1 Interrupts in a legacy PC . . . . . . . . . . . . . . . . . . . . . . . . 15
3.2.2 Improvement to be done for faster Interrupt handling . . . . . . . . . 16
3.2.3 Introduction to MSI and Its Capabilities . . . . . . . . . . . . . . . . 16
3.2.4 MSI Types . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17
3.3 Power States . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18
3.4 Reset . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 20
3.4.1 Functional Level Reset . . . . . . . . . . . . . . . . . . . . . . . . . 21
3.4.2 software reset . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21
ii
![Page 4: FirstMidReport.pdf](https://reader034.vdocuments.mx/reader034/viewer/2022051623/55cf924a550346f57b95323f/html5/thumbnails/4.jpg)
4 Software and Hardware Details 22
4.1 Python . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22
4.1.1 Features . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22
4.2 Wireshark . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24
4.2.1 Funcionality . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25
4.2.2 Features . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25
4.2.3 Security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 26
4.3 Iperf . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27
5 Results 28
iii
![Page 5: FirstMidReport.pdf](https://reader034.vdocuments.mx/reader034/viewer/2022051623/55cf924a550346f57b95323f/html5/thumbnails/5.jpg)
List of Figures
1.1 Product Cycle . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2
3.1 Location of Auto-Negotiation function within the ISO OSI Reference Model . 10
3.2 LCW Base Page . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11
3.3 FLP Burst Timing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11
3.4 FLP Burst Encoding . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11
3.5 Advanced Link codeword Base Page . . . . . . . . . . . . . . . . . . . . . . 12
3.6 Non AutoNegotiation 100BaseT . . . . . . . . . . . . . . . . . . . . . . . . 13
3.7 AutoNegotiation 100BaseT . . . . . . . . . . . . . . . . . . . . . . . . . . . 14
3.8 Older Way of Interrupts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15
3.9 New Way of handling Interrupts . . . . . . . . . . . . . . . . . . . . . . . . 16
3.10 Network Data Flow In a Single Core Processor . . . . . . . . . . . . . . . . 17
3.11 Network Data Flow In a Multi Core Processor . . . . . . . . . . . . . . . . . 18
3.12 Network Device Connected to Host Computer Syster Over PCI Bus . . . . . 18
3.13 Gigabit Ethernet Device with an Integral Physical Layer Interface . . . . . . 19
3.14 Power Management State Transitions of Gigabit Ethernet Device . . . . . . . 19
iv
![Page 6: FirstMidReport.pdf](https://reader034.vdocuments.mx/reader034/viewer/2022051623/55cf924a550346f57b95323f/html5/thumbnails/6.jpg)
List of Tables
3.1 Technology Ability Field encoding . . . . . . . . . . . . . . . . . . . . . . . 12
3.2 Priority Resolution . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13
3.3 Table showing the Basic Power Management States of Giga Bit Ethernet . . . 19
3.4 Table showing the PowerManagement States of Giga Bit Ethernet . . . . . . 20
v
![Page 7: FirstMidReport.pdf](https://reader034.vdocuments.mx/reader034/viewer/2022051623/55cf924a550346f57b95323f/html5/thumbnails/7.jpg)
Chapter 1
Introduction
One of the challenging tasks in silicon validation is to check correctness of the product both
before and after the product is released to maintain quality of product shipped.In general there
are many ways to validate the procecomponents externally connected to the CPU in the present
day systems, some of the components to be noticed are Ethernet card connected to the PCI
Express protocol of the CPU [1].This Ethernet card is controlled by Ethernet Controller.Here
we are validating the processor by validating the Ethernet controller. There are two ways to
validate it.They are post silicon validation and pre silicon validation. Due to design complexity,
it is nearly impossible to fix all bugs before manufacture(pre silicon validation).So Post-silicon
validation is used to detect and fix bugs in integrated circuits and systems after manufacture [2].
In this thesis, it is described a situation in which we have to validate the Functionality of
Ethernet Controller in post silicon validation. Once the Ethernet Controller is designed it is
necessary to validate the Ethernet Functionally as well as performance wise to confirm whether
it is working in conformance with the given specifications. For Validating the Functionality of
Giga Bit Ethernet we need to introduce different types of harassers into the Giga Bit Ethernet
controller in Post silicon server validation and to stress the Gigabit Ethernet Controller and
validate the robustness of the controller by monitoring it’s behavior under prolonged stressful
tests and analyze the drop in packets because of these harassers using packet analyzing tools
such as wire shark. The different types of harassers we can introduce are such as Reset,
Speed Change, Power States, Interrupts, Error Injection and analyze the packets using packet
analyzing tools such as Wire shark.
1
![Page 8: FirstMidReport.pdf](https://reader034.vdocuments.mx/reader034/viewer/2022051623/55cf924a550346f57b95323f/html5/thumbnails/8.jpg)
1.1 Silicon Validation
Validation is the process of checking that a product, service or system meets specifications and
made available in market in time and that it fulfills its intended purpose. Validation is needed
to prevent the data corruption, unexpected machine breakdowns, and incomplete or corrupt
data transmissions over cell phones and PDAs. It also ensures that the processor is compatible
with previous generation softwares (SW), hardwares (HW), operating systems (OS), reliable
and durable for many years.
1.1.1 Processor Validation Methodology
Processor Validation consists of composition of different techniques, which are either presil-
icon or postsilicon validation. Each technique has a unique advantage in capturing a specific
type of bug more quickly than others. Although there is some duplication in the functionality
tested, bugs missed by one technique can potentially be captured by another technique thus
ensuring the quality of the silicon. This Figure 1.1 shows the whole cycle of product.
Processor Validation techniques are broadly classified as follows
• Presilicon Validation
• Postsilicon Validation
1.1.2 Presilicon Validation
In Presilicon validation, design analysis tools are used to simulate the design and create the
test environment before an actual silicon device is created. Most of the presilicon validation
is done either on a Register Transfer-Level (RTL) simulator or an emulator. Typical goals of
Presilicon validation are having a zero defect rate over a specific period with no show stopper
bugs before tape-out, simulating a required number of cycles and being able to boot up a
favorite operating system image on the simulator.
Rigorous validation is performed at the microarchitecture design level, cluster (containing
a collection of design units) level and full chip level. Since the environment is simulated, there
is flexibility in setting up test cases at the block and gate level. Inputs can be injected and
outputs probed and logged from virtually anywhere in the design. A powerful, low-level test
2
![Page 9: FirstMidReport.pdf](https://reader034.vdocuments.mx/reader034/viewer/2022051623/55cf924a550346f57b95323f/html5/thumbnails/9.jpg)
Figure 1.1: Product Cycle
and debug environment is the result. A problem with design simulation and presilicon testing
is that, it takes long time to execute when compared to actual silicon which limits the amount
of testing that can be performed.
1.1.3 Postsilicon Validation
Postsilicon validation is performed on the silicon device once it arrives from the FAB. The
tests are run on a reference or validation board containing the Target silicon. Target silicon in
the validation board interacts with other hardware and peripherals. Postsilicon validation takes
less time compared to presilicon validation. Enumerative exercising of all processor logic is
not possible because of the increase of cases that need testing, requiring a focus on boundary
cases by stressing block interfaces and Targeting complex state machines and combinational
logic [2].
Typical postsilicon methodology consists of booting low-level console user interface, run-
ning legacy tests, doing a boot of the favorite operating system, running postsilicon tests,
locating and diagnosing bugs, reproducing and analyzing bugs on the RTL model and using
microcode patches to provide a work-around so that validation may proceed. This is typi-
3
![Page 10: FirstMidReport.pdf](https://reader034.vdocuments.mx/reader034/viewer/2022051623/55cf924a550346f57b95323f/html5/thumbnails/10.jpg)
cally done with low observability using the small amount of DFT (Design for Test) features
available on the chip.
1.1.4 Presilicon Validation Vs Postsilicon Validation
Postsilicon validation is done in a system environment to flush out bugs missed in presilicon
Validation. Typical reasons for this are the slow simulation speed that prevents running a
large number of tests, tests requiring long execution times, tests not run in a particular mode,
innovations in circuit technology and so forth. Postsilicon validation has usually found fewer
bugs than presilicon, as would be expected.
But, with the complexity of the processor growing, the bugs found in postsilicon have
increased. The complexity of creating the conditions to cause the bugs to appear and the com-
plexity of debugging them have increased as well. Such bugs are hard to detect in presilicon
because they involve many complex interactions between units that are hard to detect with the
limited number of presilicon simulation cycles and will continue to exist in silicon. Due to
short postsilicon validation cycles, it is important that these bugs be detected rapidly.
1.1.5 Post Silicon Methodologies
The different types of post silicon validation methodologies are
• System Validation (SV)
• Compatibility Validation (CV)
• Electrical validation(EV)
System Validation is primarily focused on validating the CPU and chipsets in an embedded
system environment that uses the new silicon in a multi-way configuration and has special
monitor software to download the validation tests into the platform for execution on full chip
which is obtained from FAB. This platform has many hooks to provide flexibility in testing
and has external graphics and PCI or USB peripherals that can communicate with the CPU
core and generate programmable traffic.
Compatibility validation runs on desktop and server systems that incorporate the new chips
with various configurations of the system and are run under real operating systems, other sys-
tem software and user applications. It uses real applications and thus validates common usage
4
![Page 11: FirstMidReport.pdf](https://reader034.vdocuments.mx/reader034/viewer/2022051623/55cf924a550346f57b95323f/html5/thumbnails/11.jpg)
models. Electrical Validation directly addresses base-lining and monitoring the electrical per-
formance of the chips. Here the validation will be based on the electrical characteristics being
measured and the accuracy to which the measurement must be made.
1.2 Harasser Techniques
Ethernet is the survivor of the LAN wars. It is hard to find an IP packet that has not passed
over an Ethernet segment. One important reason for this is Ethernets simplicity and ease of
configuration [3]. Such Ethernet should be tested for functionality before releasing it into
market. By using harassers we can validate the ethernet. Harassers in the sense the various
ways to stress the Gigabit Ethernet controller. In real life applications of harassers include
switching off the Operating system, Connect the System to different networks having differnt
speeds. Beelow are the some of the harassers.
1. Speed Change
2. Reset
3. Interrupts
4. Power states
5. Error Injection
1.3 Packet Analysing tools
Packet analysis is defined as the process of capturing and interpreting live data as it flows across
a network in order to better understand what is happening on that network.Packet analysis is
typically performed by a packet sniffer, a tool used to capture raw network data going across
the wire. Packet analysis can help us understand network characteristics, learn who is on a
network, determine who or what is utilizing available bandwidth, identify peak network usage
times, identify possible attacks or malicious activity, and find unsecured and applications [4]
There are various types of packet sniffing programs, including both free and commercial ones.
Each program is designed with different goals in mind. A few of the more popular packet
5
![Page 12: FirstMidReport.pdf](https://reader034.vdocuments.mx/reader034/viewer/2022051623/55cf924a550346f57b95323f/html5/thumbnails/12.jpg)
analysis programs are tcpdump (a command-line program) [5], OmniPeek [6], and Wireshark
(both GUI-based sniffers).
Wireshark is an open-source and freely available, it can be adapted to the needs of spe-
cific applications. Wireshark can be attached to local network interfaces, thereby overhearing
incoming packets that are subsequently analysed and presented to the user. It allows to save
packets into files for later analysis and to filter the displayed data. In addition, it allows col-
orizing the output to ease the interpretation [7].In this work we use Wireshark packet analysing
tool to analyse the drop in packets,which are caused by harassers.It can be used to interprete
the start and end of data and where it is dropped and how much data we received.
6
![Page 13: FirstMidReport.pdf](https://reader034.vdocuments.mx/reader034/viewer/2022051623/55cf924a550346f57b95323f/html5/thumbnails/13.jpg)
Chapter 2
Literature Survey
The size and complexity of modern hardware systems have turned the functional verification
of these systems into a mammoth task [8]. Verifying such systems involves tens or hundreds
of person years and requires the compute power of thousands of workstations. But even with
all this effort, it is virtually impossible to eliminate all bugs in the design before in pre silicon
validation.
The limited accuracy in circuit modeling and the exponential size of state spaces are the
main reasons why presilicon verification is insufficient in eliminating all the design errors
before tape-out [9]. This problem is further exaggarated by the increasing number of on-chip
logic blocks and the complex transactions between them, as well as the continuous growth
of embedded software as the product differentiating component in system-on-a-chip (SOC)
designs. In order to reduce the cost of re-spins (both mask costs and the implementation time),
it is essential to validate the implemented design and to identify the escaped bugs as soon as
the first silicon is available. Post-silicon validation (PSV) is the task of searching for erroneous
behavior in-silicon (or experimentally showing that the implemented design meets its intended
behavior). If the erroneous behaviour is found, then a direct consequence is an added debug
step for the identification and localization of bugs in silicon. This explains why this task is
often referred to as post-silicon validation and debugging, or just silicon debug.
Validation remains an integral and crucial phase of todays microprocessor design and man-
ufacturing process. Due to sheer design complexity, it is nearly impossible to detect and fix
all bugs before manufacture(in pre silicon validation). Post-silicon validation is used to detect
and fix bugs in integrated circuits and systems after manufacture [2].
Auto-negotiation is best defined as the mutual agreement by two network devices sharing
7
![Page 14: FirstMidReport.pdf](https://reader034.vdocuments.mx/reader034/viewer/2022051623/55cf924a550346f57b95323f/html5/thumbnails/14.jpg)
a wire on the speed, duplex, and controls to govern the use of that wire [10].As a protocol
auto-negotiation exists strictly at the PHY (physical) layer of the OSI (Open System Intercon-
nection Reference Model) and is implemented by software, hardware, or a mixture of both.
Specifically this paper will detail how the protocol negotiates speed, duplex, Auto-MDIX (ca-
ble termination), and flow control.
The basic power states of a PCI-Express device are D0 and D3 [?].The D0 power state
is again classified D0 uninitialised and D0 initialised. In this paper a method is proposed for
automaticallytransitioning ine physical layel interface of a peripheral device to a low power
state when a signal is detected by the communication device on a peripheral bus. The technique
may include transitioning to different low power states depending upon whether wake up of
the device has been enabled by an Operating System.
One important PCI-E advantage is that interrupts are transferred in-line instead of out-of-
band. This feature is called Message-signalled Interrupt (MSI). MSI enables a better interrupt
handling since it allows multiple queueable interrupts [?]. This paper will describe most of the
basic settings that should be set in a Linux environment in order to get the maximum speed
when using fast network adapters.
Current machines need higher reliability than before and need to recover from failure
quickly. As one of failure causes, peripheral devices might run into errors, or go crazy com-
pletely. If one device is crazy, device driver might get bad information and cause a kernel
panic: the system might crash unexpectedly.So a frame work to support created a framework
to support PCI error recovery procedures in-kernel. However, this model lacks the ability to
support platform independence and is not easy for individual developers to get a Power ma-
chine for testing these functions. So Advanced Error Reporting mechanism is introduced in
this paper [?]. This paper is targeted toward kernel developers interested in the details of en-
abling PCI Express device drivers, and it provides insight into the scope of implementing the
PCI Express AER driver and the AER conformation usage model.
In a computer or data transmission system, a reset clears any pending errors or events and
brings a system to normal condition or an initial state, usually in a controlled manner [11].
It is usually done in response to an error condition when it is impossible or undesirable for
a processing activity to proceed and all error recovery mechanisms fail. A computer storage
program would normally perform a ”reset” if a command times out and error recovery schemes
like retry or abort also fail. In this paper it is described that it is possible to bring the induvidual
8
![Page 15: FirstMidReport.pdf](https://reader034.vdocuments.mx/reader034/viewer/2022051623/55cf924a550346f57b95323f/html5/thumbnails/15.jpg)
function or device to known state,without effecting the functionality of other functions and
devices.
Wireshark is the worlds most popular network protocol analyzer [12]. It has a rich and
powerful feature set and runs on most computing platforms including Windows, OS X, Linux,
and UNIX. Network professionals, security experts, developers, and educators around the
world use it regularly. It is freely available as open source, and is released under the GNU
General Public License version 2. It has been developed and maintained by a global team of
protocol experts, and it is an example of a disruptive technology. Wireshark formerly used
to be known as Ethereal. Wireshark is a free packet sniffer computer application. It is used
for network troubleshooting, analysis, software and communications protocol development,
and education. In June 2006 the project was renamed from Ethereal due to trademark is-
sues. Wireshark has tools for capturing, viewing, and analysis of data packets. Wireshark
has sophisticated wireless protocol analysis support to help administrators troubleshoot wire-
less networks. With the appropriate driver support, Wireshark can capture traffic from the air
and decode it into a format that helps administrators track down issues that are causing poor
performance, intermittent connectivity, and other common problems.
Tcpdump is a common packet analyzer that runs under the command line [5]. It allows the
user to intercept and display TCP/IP and other packets being transmitted or received over a
network to which the computer is attached. It uses libpcap packet capturing library. WinDump
is the Windows version of TCPDump. It uses the WinPcap library, which is the Windows
version of libpcap.Tcpdump works on most Unix-like operating systems: Linux, Solaris, BSD,
Mac OS X, HP-UX and AIX among others.
Iperf [13] is a bandwidth measurement tool which is used to measure the end-to-end
achievable bandwidth, using TCP streams, allowing variations in parameters like TCP win-
dow size and number of parallel streams. End-to-end achievable bandwidth is the bandwidth
at which an application in one end-host can send data to an application in the other end-host.
Iperf approxi- mates the cumulative bandwidth (the total data trans- ferred between the end-
hosts over the total transfer period) to the end-to-end achievable bandwidth.
Python is a High-level interpreted language, designed by Guido van Rossum back in 1991.
In recent years Python has been receiving an ever increasing attention, both in academic and
professional community. It has also influenced design of some other popular languages like
Ruby and Go [14].
9
![Page 16: FirstMidReport.pdf](https://reader034.vdocuments.mx/reader034/viewer/2022051623/55cf924a550346f57b95323f/html5/thumbnails/16.jpg)
Chapter 3
Harasser techniques
3.1 Auto Negotiation
In real time computers are connected to different range in speeds of Networks. So whenever
speed is changed computer should be able to connect to that speed by auto negotiating with
the Link partner. If we change the speed any number of times it should be able to connect.
By keeping that in view in post silicon validation after Ethernet controller is designed we are
harassing the controller by changing the speed number of times in combination with the Auto
Negotiation. In this process after changing speed every time we will check the speed by calling
Link speed function running. By using Iperf also we can verify the same. In this way we can
validate the robustness of the Ethernet Controller. Speed change is implemented as part of
Auto Negotiation. So we will discuss the Auto Negotiation below.
Auto-Negotiation plays a key role in the area of Computer Networks. Auto-negotiation
is best defined as the mutual agreement by two network devices sharing a wire on the speed,
duplex, and controls to govern the use of that wire. It allows a device to advertise enhanced
modes of operation it possesses to a device at the remote end of a link segment and to detect
corresponding enhanced operational modes that the other device may be advertising. The
objective of the Auto-Negotiation function is to provide the means to exchange information
between two devices that share a link segment and to automatically configure both devices to
take maximum advantage of their abilities
As a protocol auto-negotiation exists strictly at the PHY (physical) layer of the OSI (Open
System Interconnection Reference Model) and is implemented by software, hardware, or a
mixture of both. Relationship of Auto Negotiation function with OSI Reference model is
10
![Page 17: FirstMidReport.pdf](https://reader034.vdocuments.mx/reader034/viewer/2022051623/55cf924a550346f57b95323f/html5/thumbnails/17.jpg)
shown in following 3.1
Figure 3.1: Location of Auto-Negotiation function within the ISO OSI Reference Model
The Auto-Negotiation function provides a mechanism to control connection of a single
MDI to a single PHY type, where more than one PHY type may exist.The Auto-Negotiation
functions shall interact with the technology dependent PHYs through the Technology-Dependent
interface. Technology-Dependent PHYs include 1000BASE-KX, 10GBASE-KX4, 10GBASE-
KR, 40GBASE-KR4, 40GBASE-CR4, and 100GBASE-CR10.When the MDI supports multi-
ple lanes, then lane 0 of the MDI shall be used for Auto-Negotiation and for connection of any
single-lane PHYs (e.g., 1000BASE-KX or 10GBASE-KR).
For a link to function properly the devices on either side of the wire must be configured in
the same manner; either both set to autonegotiation or both set to the same hard-coded speed
and duplex settings. In an environment where one device is set to auto-negotiate and the other
device is set to a hard-coded speed and duplex the auto-negotiate algorithm can detect speed
and set that appropriately. The duplex setting of the remote device is indeterminable by the
auto-negotiating device. Following the IEEE standard, the auto-negotiating device falls back
to half-duplex. This presents an issue if the remote device is set to full-duplex. Typically in
such a scenario, users complain of slow network connectivity and application timeouts.
11
![Page 18: FirstMidReport.pdf](https://reader034.vdocuments.mx/reader034/viewer/2022051623/55cf924a550346f57b95323f/html5/thumbnails/18.jpg)
3.1.1 Speed
Speed is one of the two two parameters which is to be negotiated with the link partner. IEEE
802.3u introduced 100Mb/s to what was previously only a 10 Mb/s Ethernet networking world.
Now that computers had a choice of what speed to communicate a procedure needed to be
introduced to govern this decision. With the introduction of a third speed, 1000 Mb/s or Gigabit
Ethernet, this procedure became even more important. Thus the auto-negotiation protocol was
created while still maintaining complete backwards compatibility with the 10Mb/s protocol.
A device capable of auto-negotiation transmits and receives the Link code word base page.
The receiver must identify three identical LCWs before the information is authenticated and
used in the arbitration process. The devices decode the LCW base Page and select capabilities
of the highest common denominator supported by both devices. Figure 3.2 illustrates the Base
Page.
Figure 3.2: LCW Base Page
The First 5 bits only have two valid values. They state either to use IEEE 802.3 (Ethernet)
or IEEE 802.9 (Iso Ethernet over Cat3twisted pair). The next 5 bits state what speed and duplex
combinations that a device can communicate. Bits A5 and A6 are used for Flow Control and
D14 is used to acknowledge a negotiation. The last bit, D15 is used to denote the need to use
Next Page, a more advanced LCW used to negotiate Gigabit speeds and controls.
Once the LCWs are properly received, each device transmits a Base Page with an ac-
knowledge bit. At this point, both devices enable the mode that is the highest common mode
negotiated. The clock pulses are used for timing and recovery of the data pulses are shown in
figure 3.3.
If the data pulse is present, it represents a value of one in the LCW for that position. The
lack of a data pulse indicates a zero in the LCW for that position, as shown in Figure 3.4.
12
![Page 19: FirstMidReport.pdf](https://reader034.vdocuments.mx/reader034/viewer/2022051623/55cf924a550346f57b95323f/html5/thumbnails/19.jpg)
Figure 3.3: FLP Burst Timing
Figure 3.4: FLP Burst Encoding
To support Giga Bit Speeds, the advanced version of Link Code Word Base Page is imple-
mented in Auto Negotiation Mechanism which is shown in below Figure 3.5.
Figure 3.5: Advanced Link codeword Base Page
Link Code word Base Page consisting of 48 bits. These 48 bits are transmitted with the
speed of clock pulse. As it doesn’t has any particular speed before auto negotiation. The
Purpose of each bit in Link Code word Base page is described below.
• Selector Field: Selector Field (S[4:0]) is a 5 bit wide field, encoding 32 possible mes-
sages. Combinations not specified are reserved for future use .The first 5 bits only have
13
![Page 20: FirstMidReport.pdf](https://reader034.vdocuments.mx/reader034/viewer/2022051623/55cf924a550346f57b95323f/html5/thumbnails/20.jpg)
two valid values. They state either to use IEEE 802.3 (Ethernet) with or IEEE 802.9 (Iso
Ethernet over Cat3 twisted pair).For IEEE 802.3 selector field is 00001 and for IEEE
802.9 selector field is 00010.
• Technology Ability Field: Technology Ability Field (A[24:0]) is a 25-bit wide field
containing information indicating supported technologies specific to the selector field
value when used with the Auto-Negotiation for Ethernet. These bits are mapped to
individual technologies such that abilities are advertised in parallel for a single selector
field value. The Technology Ability Field encoding for the IEEE 802.3 selector with
Auto-Negotiation for Ethernet is described in below Table 3.1.1.
Bit TechnologyA0 1000BASE-KXA1 10GBASE-KX4A2 10GBASE-KRA3 40GBASE-KR4A4 40GBASE-CR4A5 100GBASE-CR10
A6 through A24 Reserved for future technology
Table 3.1: Technology Ability Field encoding
• Remote Fault: Remote Fault (RF) is encoded in bit D13 of the base link code word.
The default value is logic zero. The Remote Fault bit provides a standard transport
mechanism for the transmission of simple fault information.
• Acknowledge: Acknowledge (Ack) is used by the Auto-Negotiation function to indicate
that a device has successfully received its link partners link code word.
• Next Page: Next Page (NP) is encoded in bit D15 of link code word. Support of Next
Pages is mandatory. If the device does not have any Next Pages to send, the NP bit shall
be set to logical zero. If a device wishes to engage in Next Page exchange, it shall set
the NP bit to logical one. If a device has no Next Pages to send and its link partner has
set the NP bit to logical one, it shall transmit Next Pages with Null message codes and
the NP bit set to logical zero while its link partner transmits valid Next Pages. Next
page exchanges will occur if either the device or its link Partner sets the Next Page bit
to logical one.
14
![Page 21: FirstMidReport.pdf](https://reader034.vdocuments.mx/reader034/viewer/2022051623/55cf924a550346f57b95323f/html5/thumbnails/21.jpg)
Priority Resolution Table
Since a local device and a link partner may have multiple common abilities, a mechanism to
resolve which mode to configure is required. The mechanism used by Auto Negotiation is
a Priority Resolution function that predefines the hierarchy of supported technologies. The
single PHY enabled to connect to the MDI by Auto-Negotiation shall be the technology cor-
responding to the bit in the Technology Ability Field common to the local device and link
partner that has the highest priority as defined in below Table 3.1.1.
Priority Technology Capability1 100GBASE-CR10 100 Gb/s 10 lane, highest priority2 40GBASE-CR4 40 Gb/s 4 lane3 40GBASE-KR4 40 Gb/s 4 lane4 10GBASE-KR 10 Gb/s 1 lane5 10GBASE-KX4 10 Gb/s 4 lane6 1000BASE-KX Gb/s 1 lane, lowest priority
Table 3.2: Priority Resolution
3.1.2 Duplex
Duplex mismatch is the most common cause for network link problems outside of physical
cabling or hardware failure. Duplex mismatches are caused by the inability of an auto negoti-
ation device to predict the settings of a hard-coded device. Also in accordance with the IEEE
specification the auto-negotiation device will connect with the Half-Duplex setting when the
duplex setting of the other device cannot be determined.
Parallel detection
Parallel Detection is a part of the Auto Negotiation process when trying to establishing a link
between two devices to the highest common Denominator. An Auto Negotiation Device Trans-
mits Base page to broadcast its capabilities such as 10 Gbps Full Duplex. To be compatible
with Devices that do not auto negotiate, Parallel detection was implemented as part of the
standard. A Non-auto negotiating device will send an idle signal indicating the speed at which
it operates. An auto negotiating device detect this idle go to half duplex and set its speed to
match what was indicated in the idle signal.
15
![Page 22: FirstMidReport.pdf](https://reader034.vdocuments.mx/reader034/viewer/2022051623/55cf924a550346f57b95323f/html5/thumbnails/22.jpg)
1. Case : Interoperability with non-auto-negotiation 100 Base T The link partner can be a
port on a 100 Mbps hub or a 10/100 Mbps switch configured for 100 Mbps operation
only. The NIC in the server is configured for auto-negotiation.
Figure 3.6: Non AutoNegotiation 100BaseT
Communication between a non-auto-negotiation 100BaseT device and the NIC follows
specific steps given below. The corresponding figure is shown in Figure 3.6.
• The DTE powers up in link fail mode and transmits FLPs.
• The 100BaseTX link partner powers up and sends idle symbols.
• The DTE parallel detection function detects the idle symbol, bypasses the auto
Negotiation function, passes control to the 100BaseTX PMA, and transmits idle.
• A link is established at 100 Mbps half duplex.
2. Case : Interoperability with auto-negotiation 100BaseT (10/100) The link partner is a
port on a 10/100 switch configured for auto negotiation. The NIC in the server is config-
ured for auto-negotiation and capable of 10/100/1000 Mbps operation.Communication
between auto-negotiation 100BaseT device and the NIC follows specific steps given be-
low. The corresponding figure is shown in Figure r3.7.
• Both devices power up in link fail mode and transmit FLPs.
• Each device receives and decodes the capabilities of the other.
• A link is established at 100 Mbps full duplex.
16
![Page 23: FirstMidReport.pdf](https://reader034.vdocuments.mx/reader034/viewer/2022051623/55cf924a550346f57b95323f/html5/thumbnails/23.jpg)
Figure 3.7: AutoNegotiation 100BaseT
3.2 Interrupts
In real time we send and receive lot of data through Ethernet. Any time we want to send data
we need to get the attention of CPU. So in Post Silicon Validation After designing Ethernet
Controller we are trying to validate the robustness of the Ethernet Controller by sending some
traffic and manually setting interrupts from the Ethernet Controller. These interrupts enable
the CPU in processing the data efficiently.
Interrupt is a way of getting attention to the interrupting device from the Interrupted device
An Interrupt is a hardware signal from a device to a CPU, informing the CPU that the needs
attention and signaling that the CPU should stop current processing and responding to the
device. If the CPU is performing a task that has lower priority then the priority of the interrupt,
the CPU suspends its current thread. The CPU then invokes the interrupt handler for the device
that sent the interrupt signal. The interrupt handler services the device and when the interrupt
handler returns, the CPU resumes the processing it was doing, before the interrupt occurred.
First we will see how devices do interrupts in a legacy PC.
3.2.1 Interrupts in a legacy PC
Legacy interrupts need Multi-step communication to execute an interrupt. The required steps
need are as follows.
• A device signals that it needs CPU service
• The Interrupt Controller signals the CPU
• The CPU responds with INTA
17
![Page 24: FirstMidReport.pdf](https://reader034.vdocuments.mx/reader034/viewer/2022051623/55cf924a550346f57b95323f/html5/thumbnails/24.jpg)
Figure 3.8: Older Way of Interrupts
• INTA puts ID-number on system bus
• CPU uses ID-number to lookup IVT entry
• Interrupt handler executes Interrupt service routine and returns where it was interrupted.
3.2.2 Improvement to be done for faster Interrupt handling
Faster response to interrupts is possible if the old multi-step communication scheme can be
replaced by a single-step protocol. Less expensive PCs can be manufactured if their total
number of signal pins and the physical interconnections can be reduced. More devices can
have their own private interrupt(s) if signal lines are not required so this brought the need for
development of a new system for handling interrupts in a fast and efficient way. So MSI were
developed for this. Message Signaling allows all the needed information to arrive in a single
package, and go directly from a device to the CPU.
3.2.3 Introduction to MSI and Its Capabilities
Message Signaled Interrupts (MSI) are an alternative in-band method of signaling an interrupt,
using special in-band messages to replace traditional out-of-band assertion of dedicated inter-
rupt lines. While more complex to implement in a device, message signaled interrupts have
some significant advantages over pin-based out-of-band interrupt signaling Message signaled
interrupts are supported in PCI bus since its version 2.2, and in later available PCI Express bus.
Some non-PCI architectures also use message signaled interrupts. Traditionally, a device has
18
![Page 25: FirstMidReport.pdf](https://reader034.vdocuments.mx/reader034/viewer/2022051623/55cf924a550346f57b95323f/html5/thumbnails/25.jpg)
Figure 3.9: New Way of handling Interrupts
an interrupt line (pin) which it asserts when it wants to signal an interrupt to the host process-
ing environment. This traditional form of interrupt signaling is an out-of-band form of control
signaling since it uses a dedicated path to send such control information, separately from the
main data path. Message signaled interrupts are replacing those dedicated interrupt lines with
in-band signaling, where special messages indicating interrupts are exchanged through the
main data path.
As an example, PCI Express does not have separate interrupt pins at all, and it uses special
in band messages to allow it to emulate an interrupt pin assertion or de assertion. Message
signaled interrupts allow the device to write a small amount of data to a special memory-
mapped I/O address, the chipset then delivers the corresponding interrupt to a processor.
A common misconception with Message Signaled Interrupts is that they allow the device
to send data to a processor as part of the interrupt. The data that is sent as part of the write
is used by the chipset to determine which interrupt to trigger on which processor. It is not
available for the device to communicate additional information to the interrupt handler.
3.2.4 MSI Types
PCI defines two optional extensions to support Message Signaled Interrupts.
They are
1. MSI
2. MSI-X
19
![Page 26: FirstMidReport.pdf](https://reader034.vdocuments.mx/reader034/viewer/2022051623/55cf924a550346f57b95323f/html5/thumbnails/26.jpg)
MSI
MSI permits a device to allocate 1, 2, 4, 8, 16 or 32 interrupts. The device is programmed with
an address to write to (generally a control register in an interrupt controller), and a 16-bit data
word to identify it. The interrupt number is added to the data word to identify the interrupt.
Some platforms such as Windows do not use all 32 interrupts but only use up to 16 interrupts.
Figure 3.10 shows how Ethernet traffic is distributed across single CPU in a single core system.
Figure 3.10: Network Data Flow In a Single Core Processor
MSI-X
MSI-X is an extension to MSI to enable support for more vectors and other advantages. MSI-
X permits a device to allocate up to 2048 interrupts. The single address used by original MSI
was found to be restrictive for some architectures. In particular, it made it difficult to target
individual interrupts to different processors, which is helpful in some high-speed networking
applications. MSI-X allows a larger number of interrupts and gives each one a separate target
address and data word. Devices with MSI-X do not necessarily support 2048 interrupts but
20
![Page 27: FirstMidReport.pdf](https://reader034.vdocuments.mx/reader034/viewer/2022051623/55cf924a550346f57b95323f/html5/thumbnails/27.jpg)
at least 64 which is double the maximum MSI interrupts. Optional features in MSI (64-bit
addressing and interrupt masking) are also mandatory with MSI-X.
The ability to communicate efficiently between queues and particular processor cores is
handled by MSI-X. MSI-X is the next generation of MSI, which passes interrupts to a single
processor core. Conversely, MSI-X provides multiple interrupt vectors, which allow multi-
ple interrupts to be handled simultaneously and load balanced across multiple cores. This
improvement helps improve CPU utilization and lower latency.
With an interrupt vector for each queue, the controller can handle multiple interrupts si-
multaneously, preventing the bottlenecks associated with guiding all interrupts through a single
vector.
Figure 5.11 shows how Ethernet traffic is distributed across CPU cores in a multi-core
System.
Figure 3.11: Network Data Flow In a Multi Core Processor
21
![Page 28: FirstMidReport.pdf](https://reader034.vdocuments.mx/reader034/viewer/2022051623/55cf924a550346f57b95323f/html5/thumbnails/28.jpg)
3.3 Power States
In real time we switch ON and off the Ethernet Device by switching ON or OFF the Operating
System number of times. So every time we switch ON the Computer Ethernet Link should
come up. So in Post Silicon Validation After designing Ethernet Controller we are trying to
manually change the Ethernet Device to ON and OFF state repetitively and in each state by
running some link reliable tests such as Iperf we can validate the robustness of the controller.
We will discuss the implementation of different power states below.
Communication devices such as Ethernet net work devices often in corporate industry
standards giving the devices the ability to be powered down to a sleep state or an off state by
the operating system of the computer.
Communication devices such as Ethernet net work devices often in corporate industry
standards giving the devices the ability to be powered down to a sleep state or an off state by
the operating system of the computer.
As shown in Figure 3.12, communication arrangement includes a host computer system
and a network device, e.g., a Gigabit Ethernet device, that both interface with a Peripheral
Component Interconnect (PCI) bus. The host computer system executes an operating system
stored on a computer readable medium (not shown) and loaded into resident memory (not
shown) when the host computer system boots up. The operating system controls functions of
the host computer system and could cause the host computer system or the network device
to enter a sleep or low power state. The host computer system includes a main power supply
and an auxiliary power supply. The network device includes a physical layer interface that
interfaces with a physical network link.
Referring to Figure 3.13, a Gigabit Ethernet device inter faces with a PCI bus and a physical
network link. The Gigabit Ethernet device includes a Media Access Control (MAC) subsystem
and an electrically powered physical layer interface. The MAC subsystem includes a PCI Bus
Interface, a Direct Memory Access (DMA) Controller, and a Media Access Controller (MAC).
The PCI Bus Interface includes a 16-bit Power Management Control/Status (PMCS) Register
which includes a two-bit Power State field (not shown) used both to determine the current
power state of the device by the operating system and to permit the operating system to set the
device to a different power management state in accordance with the definitions provided in
Table 3.3.
22
![Page 29: FirstMidReport.pdf](https://reader034.vdocuments.mx/reader034/viewer/2022051623/55cf924a550346f57b95323f/html5/thumbnails/29.jpg)
Figure 3.12: Network Device Connected to Host Computer Syster Over PCI Bus
23
![Page 30: FirstMidReport.pdf](https://reader034.vdocuments.mx/reader034/viewer/2022051623/55cf924a550346f57b95323f/html5/thumbnails/30.jpg)
Figure 3.13: Gigabit Ethernet Device with an Integral Physical Layer Interface
24
![Page 31: FirstMidReport.pdf](https://reader034.vdocuments.mx/reader034/viewer/2022051623/55cf924a550346f57b95323f/html5/thumbnails/31.jpg)
Bit Value Power Managementstate of Device Definition
00 D0Device 16 is on and running. It is receivingfull power from the host computer 12 and is
delivering full functionality to the user11 D3 Device 16 is OFF
Table 3.3: Table showing the Basic Power Management States of Giga Bit Ethernet
Figure 3.14: Power Management State Transitions of Gigabit Ethernet Device
Referring to Figure 3.14, a power management state transition of the Gigabit Ethernet
device depicted in Figure 3.13 is shown. The Gigabit Ethernet device has three power man-
agement states, D0 Active, D0 Uninitialized and D3 and they are generally defined in Table
3.4.
Power Managementstate of Device Definition
D0 ActiveDevice 16 is on and running and is deliveringfull functionality and performance to the user
D0 UnintialisedDevice 16 is powering up and awaiting
initialisation by BIOSD3 Device 16 is OFF
Table 3.4: Table showing the PowerManagement States of Giga Bit Ethernet
D0 Active and D0 Uninitialized are subsets of the ACPI Specification 2.0 power man-
agement state D0. Additionally, the Gigabit Ethernet devices power management state D3
includes the D3 hot state, which means that the Gigabit Ethernet device can be transitioned
25
![Page 32: FirstMidReport.pdf](https://reader034.vdocuments.mx/reader034/viewer/2022051623/55cf924a550346f57b95323f/html5/thumbnails/32.jpg)
to the D0 Uninitialized state via software by writing 00 to the devices Power Management
Control/Status register or by having the PCI reset signal asserted. The Gigabit Ethernet device
power management state D3 also includes the D3 Cold power management state, which means
that the Gigabit Ethernet device is transitioned to a D0 Uninitialized state by re applying the
main power supply,and de asserting the PCI reset signal. However, other embodiments may
only support the D3 Cold power management state or the D3 hot power management state.
The Gigabit Ethernet device may transition to a different power management state as a
result of the operating system or Basic Input/output System (BIOS) directing a power man-
agement state change. For example, if the Gigabit Ethernet device is up and running in the D0
Active state and the operating system writes 11 to the Power State field in the Power Manage-
ment Control/Status Register, the device transitions to state D3. Similarly, if the device is in
power management state D3 and the operating system writes 00 to the Power State field in the
Power Management Control/Status Register, the device transitions to state D0 Uninitialized.
The device also transitions from D0 Uninitialized to the D0 Active when the BIOS writes a 1
to the memory access enable bit of a PCI command register (not shown) on the PCI interface.
3.4 Reset
In a computer or data transmission system, a reset clears any pending errors or events and
brings a system to normal condition or an initial state, usually in a controlled manner. It
is usually done in response to an error condition when it is impossible or undesirable for
a processing activity to proceed and all error recovery mechanisms fail. A computer storage
program would normally perform a ”reset” if a command times out and error recovery schemes
like retry or abort also fail.
Basically two types of reset are used. They are
• Functional Level Reset
• software reset
3.4.1 Functional Level Reset
3.4.2 software reset
A software reset is performed by restarting system software without resetting the hardware.
26
![Page 33: FirstMidReport.pdf](https://reader034.vdocuments.mx/reader034/viewer/2022051623/55cf924a550346f57b95323f/html5/thumbnails/33.jpg)
Chapter 4
Software and Hardware Details
4.1 Python
Python is a general-purpose, high-level language that can be extended and embedded (included
in applications as a tool for writing macros). That makes Python a smart choice for many
programming problems, both small and large, and not so good for a couple of computing
tasks.
Python is ideal for projects that require quick development. It supports multiple program-
ming philosophies, so it’s good for programs that require flexibility. The many packages and
modules already written for Python provide versatility and save you time.
Guido van Rossum created Python and is affectionately bestowed with the title ”Benevolent
Dictator For Life” by the Python community.
4.1.1 Features
Some of the features of the python are as follows.
• Scripting language: A script is a program that controls other programs. Scripting lan-
guages are good for quick development and prototyping because they’re good at passing
messages from one component to another and at handling fiddly stuff like memory man-
agement so that the programmer doesn’t have to. Python has grown beyond scripting
languages, which are used mostly for small applications. The Python community prefers
to call Python a dynamic programming language.
27
![Page 34: FirstMidReport.pdf](https://reader034.vdocuments.mx/reader034/viewer/2022051623/55cf924a550346f57b95323f/html5/thumbnails/34.jpg)
• Indentation for statement grouping: Python specifies that several statements are part
of a single group by indenting them. The indented group is called a code block. Other
languages use different syntax or punctuation for statement grouping. For example, the
C programming language uses to begin an instruction and to end it. Indentation is
considered good practice in other languages also, but Python was one of the first to
enforce indentation. Indentation makes code easier to read, and code blocks set off
with indentation have fewer begin/end words and punctuation to accidentally leave out
(which means fewer bugs).
• High-level data types:Computers store everything in 1s and 0s, but humans need to
work with data in more complex forms, such as text. A language that supports such
complex data is said to have high-level data types. A high-level data type is easy to
manipulate. For example, Python strings can be searched, sliced, joined, split, set to
upper- or lowercase, or have white space removed. High-level data types in Python, such
as lists and dicts (which can store other data types), encompass much more functionality
than in other languages.
• Extensibility:An extensible programming language can be added to. These languages
are very powerful because additions make them suitable for multiple applications and
operating systems. Extensions can add data types or concepts, modules, and plug-ins.
Python is extensible in several ways. A core group of programmers works on modifying
and improving the language, while hundreds of other programmers write modules for
specific purposes.
• Interpreted: Interpreted languages run directly from source code that humans gener-
ate (whereas programs written in compiled languages, like C++, must be translated to
machine code before they can run). Interpreted languages run more slowly because the
translation takes place on the fly, but development and debugging is faster because you
don’t have to wait for the compiler. Interpreted languages are easier to run on multiple
operating systems. In the case of Python, it’s easy to write code that works on multiple
operating systemswith no need to make modifications
People argue over whether Python is an interpreted or compiled language. Although
Python works like an interpreted language in many ways, its code is compiled before
execution (like Java), and many of its capabilities run at full machine speed because
28
![Page 35: FirstMidReport.pdf](https://reader034.vdocuments.mx/reader034/viewer/2022051623/55cf924a550346f57b95323f/html5/thumbnails/35.jpg)
they’re written in Cleaving you free to focus on making your application work. Guido
began writing Python during his Christmas vacation in 1989, and over the next year, he
added to the program based on feedback from colleagues. He released it to the public in
February 1991 by posting to the Usenet system of newsgroups. In Guido’s words: ”The
rest is in the Misc/HISTORY file.”
Programming styles:Python is a multi-paradigm language (meaning it supports more than
one style orphilosophy of programming). This makes it good for applications that benefit from
a flexible approach to programming. Python includes tools for the following paradigms:
• Object-oriented programming (OOP for short) is one of the popular programming styles
that Python supports. OOP breaks up code into individual units that pass messages back
and forth.
Tip Object-oriented programming is good for applications that have multiple parts that
need to communicate with each other.
• Python has features in common with the following languages. If you know these lan-
guages, you’ll find features in Python that you are familiar with, making Python easier
to learn:
4.2 Wireshark
Wireshark is a free and open-source packet analyzer. It is used for network troubleshoot-
ing, analysis, software and communications protocol development, and education. Originally
named Ethereal, in May 2006 the project was renamed Wireshark due to trademark issues.
Wireshark is cross-platform, using the GTK+ widget toolkit in current releases, and Qt in
the development version, to implement its user interface, and using pcap to capture packets. It
runs on GNU/Linux, OS X, BSD, Solaris, some other Unix-like operating systems, and Mi-
crosoft Windows. There is also a terminal-based (non-GUI) version called TShark. Wireshark,
and the other programs distributed with it such as TShark, are free software, released under
the terms of the GNU General Public License.
29
![Page 36: FirstMidReport.pdf](https://reader034.vdocuments.mx/reader034/viewer/2022051623/55cf924a550346f57b95323f/html5/thumbnails/36.jpg)
4.2.1 Funcionality
Wireshark is very similar to tcpdump, but has a graphical front-end, plus some integrated
sorting and filtering options.
Wireshark allows the user to put network interface controllers that support promiscuous
mode into that mode, in order to see all traffic visible on that interface, not just traffic addressed
to one of the interface’s configured addresses and broadcast/multicast traffic. However, when
capturing with a packet analyzer in promiscuous mode on a port on a network switch, not all
of the traffic travelling through the switch will necessarily be sent to the port on which the
capture is being done, so capturing in promiscuous mode will not necessarily be sufficient to
see all traffic on the network. Port mirroring or various network taps extend capture to any
point on the network. Simple passive taps are extremely resistant to tampering.
On Linux, BSD, and OS X, with libpcap 1.0.0 or later, Wireshark 1.4 and later can also put
wireless network interface controllers into monitor mode.
If a remote machine captures packets and sends the captured packets to a machine running
Wireshark using the TZSP protocol or the protocol used by OmniPeek, Wireshark will dissect
those packets, thus allowing it to analyze packets captured on a remote machine at the time
that they’re captured.
4.2.2 Features
Wireshark is software that ”understands” the structure (encapsulation) of different networking
protocols. It can parse and display the fields, along with their meanings as specified by dif-
ferent networking protocols. Wireshark uses pcap to capture packets, so it can only capture
packets on the types of networks that pcap supports.
• Data can be captured ”from the wire” from a live network connection or read from a file
of already-captured packets.
• Live data can be read from a number of types of network, including Ethernet, IEEE
802.11, PPP, and loopback.
• Captured network data can be browsed via a GUI, or via the terminal (command line)
version of the utility, TShark.
30
![Page 37: FirstMidReport.pdf](https://reader034.vdocuments.mx/reader034/viewer/2022051623/55cf924a550346f57b95323f/html5/thumbnails/37.jpg)
• Captured files can be programmatically edited or converted via command-line switches
to the ”editcap” program.
• Data display can be refined using a display filter.
• Plug-ins can be created for dissecting new protocols.
• VoIP calls in the captured traffic can be detected. If encoded in a compatible encoding,
the media flow can even be played.
• Raw USB traffic can be captured.
Wireshark’s native network trace file format is the libpcap format supported by libpcap and
WinPcap, so it can exchange captured network traces with other applications that use the same
format, including tcpdump and CA NetMaster. It can also read captures from other network
analyzers, such as snoop, Network General’s Sniffer, and Microsoft Network Monitor.
4.2.3 Security
Capturing raw network traffic from an interface requires elevated privileges on some plat-
forms. For this reason, older versions of Ethereal/Wireshark and tethereal/TShark often ran
with superuser privileges. Taking into account the huge number of protocol dissectors that are
called when traffic is captured, this can pose a serious security risk given the possibility of a
bug in a dissector. Due to the rather large number of vulnerabilities in the past (of which many
have allowed remote code execution) and developers’ doubts for better future development,
OpenBSD removed Ethereal from its ports tree prior to OpenBSD 3.6.
Elevated privileges are not needed for all operations. For example, an alternative is to
run tcpdump or the dumpcap utility that comes with Wireshark with superuser privileges to
capture packets into a file, and later analyze the packets by running Wireshark with restricted
privileges. To emulate near realtime analysis, each captured file may be merged by mergecap
into growing file processed by Wireshark. On wireless networks, it is possible to use the
Aircrack wireless security tools to capture IEEE 802.11 frames and read the resulting dump
files with Wireshark.
As of Wireshark 0.99.7, Wireshark and TShark run dumpcap to perform traffic capture.
On platforms where special privileges are needed to capture traffic, only dumpcap needs to be
31
![Page 38: FirstMidReport.pdf](https://reader034.vdocuments.mx/reader034/viewer/2022051623/55cf924a550346f57b95323f/html5/thumbnails/38.jpg)
run with those special privileges: neither Wireshark nor TShark need to or should be run with
special privileges.
4.3 Iperf
Iperf was developed by NLANR/DAST as a modern alternative for measuring maximum TCP
and UDP bandwidth performance. Iperf allows the tuning of various parameters and UDP
characteristics. Iperf reports bandwidth, delay jitter, datagram loss.
Iperf can be run on client-server mode. To measure the bandwidth On one system run Iperf
as a server and on the another system run iperf as a client. First we have to start the server and
next client.
Command on the server to run Iperf
iperf.exe -s -B 192.168.1.1
Command on the client to run Iperf
iperf.exe -c 192.168.1.2 -p 471 -t 60 -P 64
By default iperf uses TCP/UDP port 5001, so make sure it’s not blocked. This is the result
after starting Iperf on server after the client is connected:
————————————————————
Server listening on TCP port 5001
TCP window size: 85.3 KByte (default)
————————————————————
’ 4’ local 192.168.1.2 port 5001 connected with 192.168.1.1 port 471
’ 4’ 0.0-10.0 sec 112 MBytes 93.8 Mbits/sec
32
![Page 39: FirstMidReport.pdf](https://reader034.vdocuments.mx/reader034/viewer/2022051623/55cf924a550346f57b95323f/html5/thumbnails/39.jpg)
Chapter 5
Results
Python Programming language is used to write the code for introducing harasser in to the
controller.
33
![Page 40: FirstMidReport.pdf](https://reader034.vdocuments.mx/reader034/viewer/2022051623/55cf924a550346f57b95323f/html5/thumbnails/40.jpg)
Bibliography
[1] S. M. Balabatti and R. Radha, “Calculation of ecrc for tlp-packets of pcie protocol.”
[2] S. Mitra, S. A. Seshia, and N. Nicolici, “Post-silicon validation opportunities, challenges
and recent advances,” in Design Automation Conference (DAC), 2010 47th ACM/IEEE.
IEEE, 2010, pp. 12–17.
[3] T. Kiravuo, M. Sarela, and J. Manner, “A survey of ethernet lan security.” IEEE Commu-
nications Surveys and Tutorials, vol. 15, no. 3, pp. 1477–1491, 2013.
[4] C. Sanders, Practical packet analysis. No Starch Press, 2011.
[5] W. Yurcik, C. Woolam, G. Hellings, L. Khan, and B. Thuraisingham, “Scrub-tcpdump:
A multi-level packet anonymizer demonstrating privacy/analysis tradeoffs,” in Security
and Privacy in Communications Networks and the Workshops, 2007. SecureComm 2007.
Third International Conference on. IEEE, 2007, pp. 49–56.
[6] Z. Xusheng, “A p2p traffic classification method based on svm,” in Computer Science
and Computational Technology, 2008. ISCSCT’08. International Symposium on, vol. 2.
IEEE, 2008, pp. 53–57.
[7] W.-B. Pottner and L. Wolf, “Ieee 802.15. 4 packet analysis with wireshark and off-the-
shelf hardware,” 2010.
[8] B. Wile, J. C. Goss, and W. Roesner, Comprehensive Functional Verification: The Com-
plete Industry Cycle. Morgan Kaufmann, 2005.
[9] N. Nicolici and H. F. Ko, “Design-for-debug for post-silicon validation: Can high-level
descriptions help?” in High Level Design Validation and Test Workshop, 2009. HLDVT
2009. IEEE International. IEEE, 2009, pp. 172–175.
34
![Page 41: FirstMidReport.pdf](https://reader034.vdocuments.mx/reader034/viewer/2022051623/55cf924a550346f57b95323f/html5/thumbnails/41.jpg)
[10] I. Crayford, “” fast ethernet” gets plug-and-play,” in WESCON/’95. Conference
record.’Microelectronics Communications Technology Producing Quality Products Mo-
bile and Portable Power Emerging Technologies’. IEEE, 1995, p. 354.
[11] R. Nalawadi and B. Vembu, “Functional level reset on a per device/function basis,”
Dec. 29 2005, uS Patent App. 11/323,297.
[12] U. Banerjee, A. Vashishtha, and M. Saxena, “Evaluation of the capabilities of wireshark
as a tool for intrusion detection,” International Journal of Computer Applications, vol. 6,
no. 7, 2010.
[13] A. Tirumala, L. Cottrell, and T. Dunigan, “Measuring end-to-end bandwidth with iperf
using web100,” in Web100, Proc. of Passive and Active Measurement Workshop. Cite-
seer, 2003.
[14] M. Ateeq, H. Habib, A. Umer, and M. U. Rehman, “C++ or python? which one to begin
with: A learner’s perspective,” in Teaching and Learning in Computing and Engineering
(LaTiCE), 2014 International Conference on. IEEE, 2014, pp. 64–69.
35