Personal computing discussed

Moderators: renee, Steel, notfred

 
bla_bar
Gerbil In Training
Topic Author
Posts: 3
Joined: Mon Mar 12, 2018 4:31 pm

Extracting packet sizes and timestamps from a wireless router

Mon Mar 12, 2018 4:34 pm

I want to keep a log of each packet that passes through a wireless access point.

I'm looking for the following timestamps for each packet:

1. When a packet was queued for downlink transmission
2. When the access point started to contend on the wireless channel for the first time to transmit the packet (there can be collisions, etc. which can lead to retransmissions but I'm not interested in those timestamps)
3. When the packet was transmitted successfully on the downlink
4. When a packet was received on the uplink

and the corresponding packet sizes for each of the above 4 cases. Also, some kind of a identifier to know whether the timestamps belong to a particular packet or another packet (e.g. there can be a time when the packet was queued, when the AP started to contend and when the packet was successfully transmitted. But it's important to know that all the timestamps belong to a specific packet or different packets.)

I'm not looking for any fancy APs with the latest wireless standards. Even a simple 802.11g AP should be fine.

If anyone knows of any tools/setups/any way of getting the above information, can you please help me out. Also, if you have used these tools on a specific AP, can you please tell me the AP specifications?
 
Duct Tape Dude
Gerbil Elite
Posts: 721
Joined: Thu May 02, 2013 12:37 pm

Re: Extracting packet sizes and timestamps from a wireless router

Mon Mar 12, 2018 5:14 pm

I think stuff like packet queuing might be too low-level to log without some driver-level logs.

Is this for testing? Do you have a Mac or Linux machine with a WiFi card? What if you created an ad-hoc WiFi connection bridged to an ethernet adapter and fired up a tcpdump capture or Wireshark?
 
just brew it!
Administrator
Posts: 54500
Joined: Tue Aug 20, 2002 10:51 pm
Location: Somewhere, having a beer

Re: Extracting packet sizes and timestamps from a wireless router

Mon Mar 12, 2018 5:44 pm

I doubt you will find any consumer gear that will do this with stock firmware. At the very least you'll probably need something that can be flashed with Open Source firmware. Or maybe roll a DIY access point using a PC and wireless card.

As DTD hinted, you may even need to customize the WiFi driver and/or firmware in order to get that level of detail. If so, that's way beyond the scope of what can reasonably be covered in a forum thread.
Nostalgia isn't what it used to be.
 
bla_bar
Gerbil In Training
Topic Author
Posts: 3
Joined: Mon Mar 12, 2018 4:31 pm

Re: Extracting packet sizes and timestamps from a wireless router

Mon Mar 12, 2018 5:58 pm

Duct Tape Dude wrote:
I think stuff like packet queuing might be too low-level to log without some driver-level logs.

Is this for testing? Do you have a Mac or Linux machine with a WiFi card? What if you created an ad-hoc WiFi connection bridged to an ethernet adapter and fired up a tcpdump capture or Wireshark?


Thanks for your reply. I really appreciate you taking the time.

I'm using this for research. I'm not restricting myself to a specific WiFi card since I do not know which ones might have a good open source firmware support for this experiment. But I will be having a Linux machine with a wifi card for the experiment (depending on which one enables me to do such an experiment). I think that both TCP dump and wireshark will report only one timestamp for each packet. I'm not sure what this timestamp corresponds to but since wireshark tends to operate at Layer 2, I believe it should either be the successfully transmitted timestamp or the successfully received timestamp. But queuing timestamps are still not available in Wireshark.

Also, I did not understand your proposed setup: why do you need WiFi to be in adhoc mode?
Last edited by bla_bar on Mon Mar 12, 2018 6:00 pm, edited 1 time in total.
 
bla_bar
Gerbil In Training
Topic Author
Posts: 3
Joined: Mon Mar 12, 2018 4:31 pm

Re: Extracting packet sizes and timestamps from a wireless router

Mon Mar 12, 2018 6:00 pm

just brew it! wrote:
I doubt you will find any consumer gear that will do this with stock firmware. At the very least you'll probably need something that can be flashed with Open Source firmware. Or maybe roll a DIY access point using a PC and wireless card.

As DTD hinted, you may even need to customize the WiFi driver and/or firmware in order to get that level of detail. If so, that's way beyond the scope of what can reasonably be covered in a forum thread.


Thanks for your reply. I really appreciate you taking the time.

Are there any useful resources on how to customize the WiFi driver for getting these particular timestamps? If so, could you please post a link here so that I can continue my search based on the link? Thanks.
 
the
Gerbil Elite
Posts: 941
Joined: Tue Jun 29, 2010 2:26 am

Re: Extracting packet sizes and timestamps from a wireless router

Mon Mar 12, 2018 8:22 pm

3 and 4 could be accomplished by port mirroring on a multiport router and wireshark for a basic overview of when uplink and downlink transmission occurs. Without 1 and 2 though, it wouldn't be helpful to see any sort of wireless transmission issues which sounds like what you're trying to do.

Also port mirroring may not be forwarding at the same rate if there is an issue on the wireless end. The mirrored port may simply forward as soon as the mirrored packet arrives in the queue where as the wireless transmission could be buffered. This would be implementation specific to the make/model/firmware. However, times should still be approximate and the after the wireless transmit buffer is filled, port mirroring should not forward anything else due to buffer full error. That does put a maximum bound on the difference. As such, this maximum difference should be rather small.
Dual Opteron 6376, 96 GB DDR3, Asus KGPE-D16, GTX 970
Mac Pro Dual Xeon E5645, 48 GB DDR3, GTX 770
Core i7 [email protected] Ghz, 32 GB DDR3, GA-X79-UP5-Wifi
Core i7 [email protected] Ghz, 16 GB DDR3, GTX 970, GA-X68XP-UD4
 
notfred
Maximum Gerbil
Posts: 4610
Joined: Tue Aug 10, 2004 10:10 am
Location: Ottawa, Canada

Re: Extracting packet sizes and timestamps from a wireless router

Tue Mar 13, 2018 8:01 am

You aren't going to do that on any kind of consumer kit.

For starters the amount of data generated by even the smallest transfer is going to overwhelm any CPU in consumer kit and you are going to have nowhere to store it.

Secondly measurements for 1 & 2 are going to be down in the WiFi firmware. Modern WiFi chips are a radio and an embedded ARM CPU that runs a firmware blob that the driver downloads. The host CPU running the driver will write a descriptor - probably what you are looking for as 1, but then the embedded CPU will pick up that information, read the actual packet data via a bus-mastering DMA and then actually start the transmit.
 
Duct Tape Dude
Gerbil Elite
Posts: 721
Joined: Thu May 02, 2013 12:37 pm

Re: Extracting packet sizes and timestamps from a wireless router

Tue Mar 13, 2018 8:15 am

bla_bar wrote:
Also, I did not understand your proposed setup: why do you need WiFi to be in adhoc mode?

just brew it! wrote:
Or maybe roll a DIY access point using a PC and wireless card.

Simply so you can make your machine into a MITM router of sorts and capture traffic as JBI also suggested. The proposed flow would go: Internet ==> modem ==> Ethernet adapter on Mac/Linux machine ==> WiFi adapter on same Mac/Linux machine ==> target device.

In Linux if you want an indirect way of measuring the packet queuing you could cat the current TCP buffer size, assuming you're using TCP. I forgot where this is exposed exactly but it was just a cat/grep away somewhere in /proc/sys/net. I had scripted it to dump anytime the buffer was >0 on a loop, but unless you're dealing with large amounts of bandwidth that might not be helpful at all (probably drains too quickly--we were using it for tens of thousands of HTTP requests per second per machine).
Last edited by Duct Tape Dude on Tue Mar 13, 2018 8:18 am, edited 2 times in total.
 
just brew it!
Administrator
Posts: 54500
Joined: Tue Aug 20, 2002 10:51 pm
Location: Somewhere, having a beer

Re: Extracting packet sizes and timestamps from a wireless router

Tue Mar 13, 2018 9:06 am

If @notfred is correct about the location of the required hooks being buried way deep in the firmware, doing this with consumer gear is probably a lost cause unless the vendor exposes the capability to the device driver somehow.
Nostalgia isn't what it used to be.
 
Bauxite
Gerbil Elite
Posts: 788
Joined: Sat Jan 28, 2006 12:10 pm
Location: electrolytic redox smelting plant

Re: Extracting packet sizes and timestamps from a wireless router

Tue Mar 13, 2018 9:35 am

Been awhile since I nerded in wifi but hardware using the ath9k driver on linux can probably do all that you need, host mode etc. Definitely does MITM setups well, thats what I was doing.

No ac, but agbn and plenty of cards out there. Don't bother with an AP, just get a laptop with more than one slot or expresscard etc. Still some of the best cards for nerding in wifi, comes in pci and pcie variants too.
TR RIP 7/7/2019

Who is online

Users browsing this forum: No registered users and 1 guest
GZIP: On