Simics provides several ways of listening to the network traffic on one, or all Ethernet links. Simics includes ready-to-use traffic dumping capabilities, using external network monitoring tools. It also provides an Ethernet probe and Ethernet snooper capabilities, giving access to a programmatic interface for listening to the network traffic.
Simics provides several commands to dump the traffic on one or several Ethernet links. These commands use existing file formats and network monitoring tools to present the results:
<ethernet_link>.pcap-dump command dumps the traffic of a specific Ethernet link to a file that can be read by tcpdump or any compatible program like Wireshark (https://www.wireshark.org). A global pcap-dump also exists to dump the traffic of all Ethernet links of the simulation in the same file.tcpdump command works as pcap-dump, but the traffic is redirected to a tcpdump instance running in a separate window (for Linux only).wireshark command works as tcpdump, but redirects the traffic to an instance of Wireshark instead.Note that there can only be one traffic dumping tool active on the link. Simics will automatically stop the current traffic dump and start a new one as necessary. The pcap-dump-stop, tcpdump-stop, and wireshark-stop commands can be used to stop the traffic dumping.
These commands can also be activated for a specific device on the link by associating them with an existing Ethernet probe. This is described in the Ethernet Probe section below.
The Ethernet probe provides a way to listen to traffic at a particular endpoint of the link, that is, the probe will receive both incoming and outgoing traffic for a particular device.
A probe is inserted using the insert-ethernet-probe command with appropriate arguments. We will use QSP-x86 as an example machine. Please start the simulation with the firststeps-no-network.simics start script:
simics> load-module eth-links
simics> new-ethernet-switch link0
Created instantiated 'ethernet_switch' component 'link0'
simics> connect link0.device0 board.mb.sb.eth_slot
# insert a probe between the PHY of the eth[0] device above and the link
simics> load-module eth-probe
simics> insert-ethernet-probe device = board.mb.sb.phy
Created probe 'probe0'
simics> probe0.info
Information about probe0 [class eth-probe]
==========================================
Connections:
Port A : board.mb.sb.phy
Port B : link0.link
At this point, the probe is ready to use. You can issue a <eth-probe>.pcap-dump or similar command to connect an external network monitoring tool at the probe level. The traffic will be dumped as seen from the board.mb.sb.phy device.
You can also register your own callback to listen to the traffic going-on in the probe, using the ethernet_probe interface provided by the probe object:
typedef enum {
Eth_Probe_Port_A = 0,
Eth_Probe_Port_B = 1
} eth_probe_side_t;
typedef void (*ethernet_probe_snoop_t)(lang_void *user_data,
conf_object_t *probe,
eth_probe_side_t to_side,
const frags_t *frame,
eth_frame_crc_status_t crc_status);
// END ethernet_probe_snoop_t
SIM_INTERFACE(ethernet_probe) {
void (*attach_snooper)(conf_object_t *NOTNULL probe,
ethernet_probe_snoop_t snoop_fun,
lang_void *user_data);
void (*attach_probe)(conf_object_t *NOTNULL probe,
ethernet_probe_snoop_t snoop_fun,
lang_void *user_data);
void (*detach)(conf_object_t *NOTNULL probe);
void (*send_frame)(conf_object_t *NOTNULL probe,
eth_probe_side_t to_side,
const frags_t *frame,
eth_frame_crc_status_t crc_status);
};
#define ETHERNET_PROBE_INTERFACE "ethernet_probe"
A complete description of this interface is provided in the API Reference Manual, chapter Model-to-Model Interfaces, section ethernet_probe. What we are interested in at this point is to register a snooper callback that will only listen to traffic:
simics> python-mode
# a callback that does nothing but print a warning
def callback(user_data, probe, to_side, packet, crc_status):
if to_side == Eth_Probe_Port_A:
print('packet going to device')
else:
print('packet going to network')
conf.probe0.iface.ethernet_probe.attach_snooper(callback, None)
.........
simics>>> (Ctrl-D)
simics> continue
packet going to network
packet going to network
[...]
The probe can also drop, modify or inject packets. This is described in the next part Injecting and Modifying Network Traffic.
Ethernet links provide a special interface to listen to all traffic on the link via a function callback. This makes it possible to write simple traffic dumping scripts with customized output.
/* <add-type id="ethernet_link_snoop_t"></add-type> */
typedef void (*ethernet_link_snoop_t)(lang_void *user_data,
conf_object_t *clock,
const frags_t *packet,
eth_frame_crc_status_t crc_status);
SIM_INTERFACE(ethernet_snoop) {
conf_object_t *(*attach)(conf_object_t *NOTNULL link,
conf_object_t *clock,
ethernet_link_snoop_t snoop_fun,
lang_void *user_data);
};
#define ETHERNET_SNOOP_INTERFACE "ethernet_snoop"
This interface is implemented by Ethernet link objects. It is used to attach snoop functions to the link. The snoop function will receive all traffic going over the link.
| Global Context |
This interface should only be used for inspection, and never as part of the actual simulation. The snoop functions must not affect the simulation in any way.
The clock parameter tells the link on which clock to post the events that call the snoop function. The snoop function will be called at the delivery time of the network packet, which means that it will be called at the same time as any Ethernet devices attached to the same clock that receives packets from the same link.
Snooped frames with a matching CRC will contain the correct frame check sequence.
The user_data parameter is passed to the snoop function every time it is called.
We will use the QSP-x86 as an example. Please start the simulation with the firststeps-no-network.simics start script, a simple script callback could be written as follow:
simics> load-module eth-links
simics> new-ethernet-switch link0
Created instantiated 'ethernet_switch' component 'link0'
simics> connect link0.device0 board.mb.sb.eth_slot
simics> python-mode
# a callback that does nothing but print a warning
def callback(user_data, clock, packet, crc_status):
print("packet received in snooper")
# callback registration on link0, using the CPU as clock object
ep = conf.link0.link.iface.ethernet_snoop.attach(
conf.board.mb.cpu0.core[0][0], callback, None)
.........
simics>>> (Ctrl-D)
simics> continue
packet received in snooper
packet received in snooper
[...]
The endpoint object returned by the attach() function can be destroyed as any time using SIM_delete_object(), ending the capture. Snooper endpoints are used by the external monitoring tools system described in the previous section to feed to the tools the packets passing on the links.
Ethernet links have built-in commands for monitoring and viewing Ethernet traffic over the link. This feature is an easier approach to quickly get a view of the status over the link. Same as in previous examples, start Simics with the firststeps-no-network.simics start script and enter the following commands:
simics> run-script "targets/qsp-x86/firststeps-no-network.simics"
simics> load-module eth-links
simics> new-ethernet-switch link0
simics> connect link0.device0 board.mb.sb.eth_slot
simics> link0.start-link-monitor
simics> r 75 s
Autologin as "simics" was done on "board.mb.sb.com[0] - serial console".
simics> link0.view-link-monitor
Link link0:
00:17:a0:00:00:00 (::) sent 3 packets to 33:33:ff:00:00:00
00:17:a0:00:00:00 (fe80::217:a0ff:fe00:0) sent 1 packets to 33:33:ff:00:00:00
Each line in the output shows that Ethernet source with IP (*) sent # packets to Ethernet destination. The number of packets is accumulated for the combination of source and destination. At any time it is possible to stop the monitoring by issuing stop-link-monitoring.
It is possible to put breakpoints on a certain Ethernet source, destination or packet type and also as a trace. Here we set up Simics as before:
Break:
simics> run-script "targets/qsp-x86/firststeps-no-network.simics"
simics> load-module eth-links
simics> new-ethernet-switch link0
Created instantiated 'ethernet_switch' component 'link0'
simics> connect link0.device0 board.mb.sb.eth_slot
simics> bp.network.break link0.link src_mac = "00:17:a0:00:00:00"
Breakpoint 2: link0.link will break on src_mac = 00:17:a0:00:00:00
simics> r
[link0.link] Breakpoint 2: link0.link src = 00:17:a0:00:00:00, dst = 33:33:ff:00:00:00, ether_type = 86dd, ip = ::
simics> bp.network.trace link0.link eth_type = 8000
3
Trace:
simics> run-script "targets/qsp-x86/firststeps-no-network.simics"
simics> load-module eth-links
simics> new-ethernet-switch link0
Created instantiated 'ethernet_switch' component 'link0'
simics> connect link0.device0 board.mb.sb.eth_slot
simics> bp.network.trace link0.link dst_mac = "ff:ff:ff:ff:ff:ff"
2
simics> r 100 s
[bp.network trace] [trace:2] link0.link matched dst_mac = ff:ff:ff:ff:ff:ff