bgp protocol needs tcp_reassemble()

[mike-dubrovsky]

Brief description

Because bgp runs on top of tcp - there could be a single bgp update encapsulated into multiple tcp packets.
See for example packets 17 and 18 in the attached pcap.

capture.pcap.zip

So we need to implement bgp version of tcp_reassemble() to decode the update (see for more info https://scapy.readthedocs.io/en/latest/usage.html#how-to-use-tcpsession-to-defragment-tcp-packets).

Scapy version

the latest git version on 3/16/2025 sha a4f958b

Python version

3.13.2

Operating system

24.3.0 Darwin Kernel Version 24.3.0

Additional environment information

No response

How to reproduce

The attached script does not find bgp update in packet 17 and 18 of the attached packet capture.

test_scapy.py.zip

Actual result

script finds bgp update only in packet 21

Expected result

bgp update should be found in packet 17/18

in some older version of scapy - the update was found ... but scapy could not parse full update.

Related resources

It should be relatively easy to implement. See

https://datatracker.ietf.org/doc/html/rfc4271#section-4.1

[gpotter2]

Sorry for the delay, and thanks a lot for the issue.
This should be fixed by #4756.

Just so it's clear: to use TCP reassembly, you need to pass session=TCPSession to your sniff().