IP数据报首部校验和算法 English Version

Copy from:http://cs.nyu.edu/courses/fall98/G22.2262-001/class11.txt

 

The IP packet format:

 

-------------------------------------------------------------------------

| 4-bit   | 4-bit header |8-bit "type | 16-bit total length (in bytes)  |

| version | length       |of service" |                                 |

-------------------------------------------------------------------------

| 16-bit identification               | 3-bit | 13-bit fragment offset  |

|                                     | flag  |                         |

-------------------------------------------------------------------------

| 8-bit "time to live"   | 8-bit      |  16-bit header checksum         |

|                        | protocol   |                                 |

-------------------------------------------------------------------------

|         32-bit source IP address                                      |

-------------------------------------------------------------------------

|         32-bit destination IP address                                 |

-------------------------------------------------------------------------

|          options (if any)                                             |

-------------------------------------------------------------------------

|                                                                       |

|                       data                                            |

|                                                                       |

-------------------------------------------------------------------------

 

 

   Version - currently has the value 4

   Header length - the number of 32-bit words in the header

                 - because this is 4 bits, the max header length

                   is 15 words (i.e. 60 bytes)

                 - the header is at least 20 bytes, but options may

                   make it bigger

   Type of Service - contains a 3-bit precedence field (that is

                     ignored today), 4 service bits, and 1 unused bit.

                     The four service bits can be:

                     1000 - minimize delay

                     0100 - maximize throughput

                     0010 - maximize reliability

                     0001 - minimize monetary cost

                   - This is a "hint" of what characteristics of the

                     physical layer to use

                   - The Type of Service is not supported in most

                     implementations.  However, some implementations

                     have extra fields in the routing table to indicate

                     delay, throughput, reliability, and monitary cost.

   Total Length - specified in bytes.

                - we know where the data starts by the header length

                - we know the size of the data by computing

                  "total length - header length"

   Identification - uniquely identifies the datagram.

                   usually incremented by 1 each time a datagram is sent.

   Flags and Fragmentation Offset - used for fragmentation (described below)

   Time to Live - Upper limit of routers

                - usually set to 32 or 64.

                - decremented by each router that processes the datagram,

                - router discards the datagram when TTL reaches 0.

   Protocol - Tells IP where to send the datagram up to.

            - 6 means TCP

            - 17 means UDP

   Header checksum -  Only covers the header, not the data.

   Source IP address -- the sender

   Destination IP address -- the final destination

   Options -- optional data.  Some examples include having the router

              put in a IP address of router and a time stamp so the

              final destination knows how long it took to get to each hop.

 

Note:  The source and destination in the IP header is the original source

       and the final destination!  The physical layer addresses pass

       the datagram from router to router.  So, while the physical layer

       addresses change from router to router, the source and destination

       IP addresses in the IP datagram remain constant.

 

 

Note:  Here's how to compute a checksum:

 

       1. Put a 0 in the checksum field.

       2. Add each 16-bit value together.

       3. Add in any carry

       4. Inverse the bits and put that in the checksum field.

 

       To check the checksum:

       1. Add each 16-bit value together (including the checksum).

       2. Add in carry.

       3. Inverse the bits.

       4. The result must be 0.

 

       Remember, only the bits in the header are calculated in

       the IP checksum.

 

Example:

 

Consider the following IP header, with source IP address of

146.149.186.20 and destination address of 169.124.21.149.  All

values are given in hex:

 

                     45 00 00 6c

                     92 cc 00 00

                     38 06 00 00

                     92 95 ba 14

                     a9 7c 15 95

 

So, first add all 16-bit values together, adding in the carry each time:

 

   4500

 + 006c

   ----

   456c

 + 92cc

   ----

   d838

 + 0000

   ----

   d838

 + 3806

   ----

  1103e <---But, we have a carry here!  So, remove the leftmost bit

            and add it back in.  So, we get:  103e + 1 = 103f.

   103f

 + 0000

   ----

   103f

 + 9295

   ----

   a2d4

 + ba14

   ----

  15ce8 <---Again, we have a carry here!  So, remove the leftmost bit

            and add it back in.  So, we get:  5ce8 + 1 = 5ce9.

   5ce9

 + a97c

   ----

  10665 <---Again, we have a carry here!  So, remove the leftmost bit

            and add it back in.  So, we get:  0665 + 1 = 0666.

   0666

 + 1595

   ----

   1bfb

 

   Now we have to inverse the bits.

 

        1bfb = 0001 1011 1111 1011

 inverse bits: 1110 0100 0000 0100  = e404

 

   So, the checksum is e404.  So, the IP header we send looks like:

 

                     45 00 00 6c

                     92 cc 00 00

                     38 06 e4 04

                     92 95 ba 14

                     a9 7c 15 95

 

  As an excercise, please act as the receiver, compute the checksum on

  that packet, and make sure the result is 0!

 

 

IP Fragmentation

=================

 

  Note:  the total_length field in the IP header is 16 bits.

         that means the max size of of an IP datagram is

         65535 bytes.

 

         BUT, the physical layer may not allow a packet size of

         that many bytes (for example, a max ethernet packet is

         1500 bytes)

 

         SO, IP must sometimes fragment packets.

 

  - When an IP datagram is fragmented, each fragment is treated

    as a separate datagram.

      - it is reassembles at the final destination, not at a router!

      - it does that because the router may have to fragment it again!

 

  - Each fragment has its own header.

  - The identification number is copied into each fragment.

 

  - One bit in the "flags" field says "more fragments are coming.

     - If that bit is 0, then it signifies this is the last fragment.

 

  - The "fragment offset" field contains the offset of the data.

    NOTE:  fragment flag of 0 and offset of 0 means the datagram

           is not fragmented.

    NOTE: fragment offset is measured in units of 8 bytes (64 bits).

          That is because the fragment offset field is 3 bits shorter

          than the total length field (and 2^3 is 8).

 

  - The entire flags field looks like this:

 

        --------------------------

       | bit 0 | bit 1  | bit 2  |

        --------------------------

 

       bit 0:  not used

       bit 1:  if 1, it means "don't fragment".  If IP must fragment the

               packet and this bit is set, IP throws away the datagram.

       bit 2:  The fragment flag.

 

Example:

 

  Suppose we have a physical layer that can transmit a maximum of 660 bytes.

  And, suppose IP wants to send 1460 bytes of data.  So, the IP datagram

  is a total of 1480 bytes, including the 20 byte IP header:

 

     ---------------------------------------------

     | 20-byte ip header  |   1460 bytes of data |

     ---------------------------------------------

 

  Here is what IP sends:

 

First packet:

 

   bytes:  20                 640

     ---------------------------------------------

     | IP header   |    first 640 bytes of data  |

     ---------------------------------------------

 

   In that packet, "fragment flag" is 1, offset is 0.

 

Second packet:

 

   bytes:  20                 640

     ---------------------------------------------

     | IP header   |   second 640 bytes of data  |

     ---------------------------------------------

 

   In that packet, "fragment flag" is 1, offset is 80.  The offset

   is 80 because (80 * 8) is 640, so the offset of that data is 640

   byes into the packet.

 

   Note: all other fields of the IP header are identical to the

         first packet (except the checksum)!

 

Third packet:

 

   bytes:  20                 640

     ---------------------------------------------

     | IP header   |   third 180 bytes of data   |

     ---------------------------------------------

 

   In that packet, "fragment flag" is 0, offset is 160.  The offset

   is 160 because (160 * 8) is 1280, so the offset of that data is 1280

   byes into the packet.

 

   Note: all other fields of the IP header are identical to the

         first packet except the checksum.

 

 

IMPORTANT:

The routers see 3 separate packets.  The final destination reassembles

the packet before passing the packet to the upper layers.

 

Now, as an exercise, please try to figure out what the "frag flag" and

"offset" would be for the above packets if a router had to pass the

above three packets to a physical layer than only accepted packets of

max size 400.  I'll probably put a question like that on the final.

 

Note:  IP can tell if it's fragmenting a fragment, right?  If a packet

       has "frag flag" of 0 and offset of 0, then the packet is not

       fragmented.  When fragmenting a fragment, IP must make sure

       the final destination can put the packet back together correctly.

       So, IP only sets the "frag flag" to 0 on a packet if in fact

       the packet contains the very last fragment of the entire packet.

 

 

Let's look at a transport-layer protocol:

 

        UDP -- The User DataGram Protocol

 

 - UDP is a simple, connectionless protocol

      - it provides no reliability; it simply sends data to the IP layer

 

 - To use UDP, an application associates itself with a "transport address"

   - for UDP, a transport address is a combination of an IP address and

     a port number

   - a port number is a 16-bit number that uniquely identifies the

     application using UDP.

 

On the server side, the server application does the following:

 

   1. Get a transport endpoint into UDP

   2. Bind to a transport address

   3. Wait for a datagram to arrive

   4. Read the datagram

   5. Send a reply datagram is the application protocol warrents it.

 

On the client side, the client application does the following:

 

   1. Get a transport endpoint into UDP

   2. Bind to a transport address

   3. Send a datagram to the application on the server machine, specifying

      the transport address to which the server bound.

   4. Wait for a reply if the application protocol warrents it

   5. Client should time-out and resend the datagram if a response does not

      arrive after a time-out period.

 

Let's look at the UDP protocol:

 

        -----------------------------------------------------------------

        | 16-bit source port number  |   16-bit destination port number |

        -----------------------------------------------------------------

        | 16-bit UDP length          |   16-bit UDP checksum            |

        -----------------------------------------------------------------

        |                      data                                     |

        -----------------------------------------------------------------

 

  - The length is that of the header and the data in bytes.

       - Header is 8 bytes

       - Note:  Max IP datagram size is 65535 bytes, minus 20 bytes

                for the IP header ===> 65515 bytes left for data.

                But, UDP header is 8 bytes, leaving 65507 bytes for the

                maximum amount of user data.

 

                However, some implementations of UDP limit that value.

                AIX 3.2.2 and Solaris 2.5 and 2.6 allow the full size.

                SunOS 4.1.3 can only accept UDP packets of no more than

                32766 bytes (i.e., 32758 bytes of user data).

 

  - UDP Checksum covers header, data, and extra information.

 

     - To compute checksum:

 

       1.  If the data has an odd length, pad the data with a 0 byte.

       2.  Put a 0 in the checksum field.

       3.  Create a "pseudo-header" that contains a 32-bit source IP

           address, a 32-bit destination IP address, 8 bits of 0's,

           an 8-bit protocol number (17 for UDP), and a 16-bit UDP

           length, followed by the real UDP header, followed by the data.

       4.  Compute the checksum just like IP does it.

       5.  If calculated checksum is 0, store it as all 1's.

 

Note:  You don't have to compute the checksum!

         - if you don't, you must store a 0 in the checksum field.

       Checksum is optional to speed things up in a reliable physical

       layer.

         - usually a tunable parameter to control if a checksum is computed

           or not.

 

Example of checksum

====================

Let's say an application at 198.75.24.121, port 4052 wants

to send a packet containing elvis0 to 198.75.24.36, port 5134.

 

Now, port 4052 is hex 0FD4, and port 5134 is hex 140E.  And, because

the data has 6 characters, the total length is 14 (that hex E).  And,

the word "elvis0" has a ASCII hex representation of "65 6c 76 69 73 00"

 

So, if we put a 0 in the checksum field, the packet looks like this:

 

        0FD4 140E

        000E 0000

        656c 7669

        7300

 

To compute the checksum, we have to create a pseudo header.  Now,

198.75.24.121 has a hex value of C6 4B 18 79.  Also, the destination

(198.75.24.36) has a hex value of  C6 4B 18 24.  And, the value "17"

has a hex value of "11".  So, we create a "pseudo-header" that looks

like this:

 

        C64B 1879    <- source IP address

        C64B 1824    <- destination IP address

        0011 000E    <- 00, 17, and length

        0FD4 140E    <- source port, dest port

        000E 0000    <- length (again) and 0 checksum

        656c 7669    <- "elvi"

        7300         <- "s0"

 

Now add all the 16-bit values together and add in any carry.

 

  C64B

+ 1879

  ====

  DEC4

+ C64B

  ====

  A50F

+    1 <- carry

  ====

  A510

+ 1824

  ====

  BD34

+ 0011

  ====

  BD45

+ 000E

  ====

  BD53

+ 0FD4

  ====

  CD27

+ 140E

  ====

  E135

+ 000E

  ====

  E143

+ 0000

  ====

  E143

+ 656c

  ====

  46AF

+    1 <- carry

  ====

  46B0

+ 7669

  ====

  BD19

+ 7300

  ====

  3019

+    1 <- carry

  ====

  301A

 

In binary, that 0011000000011010.  Inverse it, you get 1100111111100101,

which is CFE5.  That's the checksum!

 

你可能感兴趣的:(english)