"这篇博客介绍了如何解决Intel PRO/1000或PRO/100以及Broadcom千兆网卡在接收数据包时过滤VLANtag的问题。针对Intel网卡,需要在注册表HKEY_LOCAL_MACHINESYSTEMControlSet001ControlClass{4D36E972-E325-11CE-BFC1-08002BE10318}
VLAN tag是在802.1Q中定义的标签,带VLAN tag的报文头格式如下:
01 0c cd 01 00 01 00 01 7a 01 00 52 __81 00 00 00__
81 00为TPID,即表明此数据包为带802.1Q/802.1P标签的数据包;
接下去的00 00为TCI(标签控制信息字段),表示为二进制共有16位,其中前3位为优先级,第4位为CFI,通常为0,第5-16位为VLAN ID,VLAN ID为0用于识别帧优先级。
某一些网卡驱动默认会在接收数据包的时候过滤vlan tag,使得用wireshark抓到的数据包中不含vlan tag,此时需要通过修改注册表让驱动保留vlan tag。
对于Intel PRO/1000或PRO/100网卡,需要将注册表HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E972-E325-11CE-BFC1-08002BE10318}\00xx下的MonitorModeEnabled改为1,如果不存在则新建这么一个dword键。
对于Broadcom千兆网卡,需要在注册表里增加一项PreserveVlanInfoInRxPacket=1,类型为string。位置与TxCoalescingTicks相同,后者可以在HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet下搜索到。
修改后需要重启机器让它生效。这个修改办法是在UniCA User Manual中看到的,较新的网卡驱动里都支持这个设置,原文如下:
Intel PRO/1000 or PRO/100 Ethernet controller which are used in e.g.
IBM Notebooks
(T40 series and others) do not forward VLAN tags to the upper layers;
By default, Intel
adapters strip the VLAN tag before passing it up the stack. If you need
to see the tag you
need to use these driver versions: PRO/100 6.x or 7.x or later base
driver, PRO/1000
7.2.17.803 (plain 7.2.17 does not have this feature). To enable, you
must go into the
registry and either add a registry dword and value (for e100) or change
the value of the
registry key (for e1000). The registry dword is MonitorModeEnabled (for
both). It should
be placed at
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class{4D36E972-E325-11CE-BFC1-08002BE10318}\00xx
where xx is the instance of the network adapter that
you need to see tags on. (Check by opening and viewing the name of the
adapter). It
should be set to read: MonitorModeEnabled= 1. Note: ControlSet001 may
need to be
CurrentControlSet or another 00x number
For Broadcom 570x Gigabit adapters (for example in Dell systems); Add a registry key
under HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet to cause the driver not to
strip the 802.1Q VLAN header. In order to set that key, you need to find the right instance
of the driver in Registry Editor and set that key for it.
Run the Registry Editor (regedt32).
Search for “TxCoalescingTicks” under
"HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet" and ensure this is the only
instance that you have.
Right-click on the instance number (eg. 0008) and add a new string value.
Enter “PreserveVlanInfoInRxPacket” and give it the value “1″.
Save and Reboot
You may need to install a recent driver (version 8.27) to make this setting effective
扫一扫
3794
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
