ted@blia.UUCP (Ted Marshall) (11/25/86)
Subject: Re: Ethernet promiscuious mode (VAX/VMS) Newsgroups: mod.computers.vax Summary: I have used it References: <8611221439.AA10228@ucbvax.Berkeley.EDU> In article <8611221439.AA10228@ucbvax.Berkeley.EDU>, WARNOCK@clemson.CSNET (Todd Warnock) writes: > What is the best place to find out about the promiscuious mode on ETHERNET ? > In particular, what's required to implement this from an application > program (ie: a network monitor ...) Are their publications that deal with > this type of application ? I have used the DEUNA promiscuious mode in VMS to write a message capture facility and can give a few details: I normal mode the driver programs the DEUNA to receive messages addressed to one normal ethernet address (plus the broadcast and some multicast addresses). All messages addressed to other ethernet addresses are discarded by the hardware. Once the hardware receives a valid message, it gives it to the driver which writes it to one of the ports (channels) according to the protocol type field in the ethernet header. When a port is opened in promiscuious mode, the driver reprograms the DEUNA to receive messages addressed to ANY ethernet address. The driver writes copies of all received messages to the promiscuious port. Afterwards, it applies the address filter normally done by the hardware and if the message passes, copies are also written to the appropriate normal port. The upshot of this is that you (the program with the promiscuious port) see (almost) every message on the ethernet without (most of the time) disrupting operation of other ethernet users, for example DECnet. The "almost" and "most of the time" above are due to the fact the now the DEUNA driver is busy looking at EVERY message the comes across the ethernet wire. If you have a moderately busy ethernet and a slow vax, you can end up seeing only a small fraction of the message (causing DECnet to break) Meanwhile, the driver is eating up 60% of your VAX! The bottom line is, of course, use promiscuious mode with caution! One more warning: I developed my program under VMS 4.2. I recently tried to run it under 4.4 without success. A comment made by a developer at the last DECUS symposium leads me to believe that this is may be a 4.4 bug, to be fixed in 4.5. Anyway, if you still want to try it, your program just has to include NMA$C_PCLI_PRM with NMA$C_STATE_ON in the P2 buffer for the SETMODE call to start up the port. VMS will only allow one port per DEUNA to be set to promiscuious mode. Also PHY_IO priviledge is required. (VMS system managers take note: if you give someone PHY_IO, they can write a program that can see any packet on the ethernet!) For more details, see the VMS I/O User's Reference, part II. Hope this all helps. Ted Marshall @ Britton Lee, Inc. 14600 Winchester Blvd. Los Gatos, Ca 95030 (408) 378-7000