TCP/IP Protocol Learning Chapter III

Send the monkeys to the reinforcements.

RFC documentation on IP here!

IP header file or paste it first, and always can't remember.

   0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |  version| IHL |          Type of service|   Total Length |         +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+   | Identification |      flags|   Fragment Offset |  +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+   |    Time to Live |         Protocol |   Header Checksum |                       +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+   |   Source Address |                    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+   |   Destination Address |                    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+   |    Options |   Padding | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 

Network and sub-network partitioning

Not quite understand the meaning of the ABCD four class address division, except in the route selection matching will be used in conjunction with subnetting.

routing table, route selection

Before the undergraduate, IP configuration, the school intranet can be accessed. If you want to access the extranet, you need to dial. But the intranet is inconvenient after dialing.

School website has a small program, can be a fool to modify the system routing. After dialing the intranet outside the network together.

At that time do not understand what this is a thing, in fact, now also want to not understand what is going on, there is no conditions to go back to school test. But at least now it's probably clear that the routing table and routing are selected.

In order to learn, take the company's network experiment. The dual-NIC routing configuration under OSX

Let's go to the program, Python.

When sending raw IP packets with a program, total Length and Checksum are automatically generated by the kernel. As for why, you may see the TCPIP protocol under the detailed (implementation) of the time to know it.

The Checksum algorithm is implemented on its own when simulating the protocol behind it. ICMP, IGMP, UDP, and TCP all use the same tests and algorithms.

One difference is that the first Test and field are the tests and codes based on the IP header. It does not calculate the body. ICMP, IGMP, UDP, and TCP checksum overwrite headers and data.

#!/usr/bin/env python#-*-coding:utf-8-*-"sends a bare IP packet, a 20-byte IP header, followed by a random-write string. Do not know the IP packet ID should be based on what generated, just write a 54321IP head inside    : The IP packet total length attribute and the checksum attribute are automatically generated by the kernel. The protocol is used by the socket. Ipproto_tcp, that is, 6. But no use, the IP packet inside the random string, not according to the TCP protocol. Import socketfrom struct Import packimport sysdef main (): Try:s = Socket.socket (socket.af_inet, socket. SOCK_RAW, Socket. Ipproto_raw) except Socket.error as Msg:print ' socket could not being created. Error Code: ' + str (msg[0]) + ' Message ' + msg[1] return packet = ' source_ip = ' 127.0.0.1 ' dest_ip = ' 127.0.0.1 ' # IP header fields Ip_ver = 4 Ip_ihl = 5 Ip_tos = 0 Ip_tot_len = 0 # kernel'll fill the Corre CT total length ip_id = 54321 Ip_frag_off = 0 Ip_ttl = Ip_proto = socket. IPPROTO_TCP # ip_checksum = 0 # kernel would fill the correct checksum ip_saddr = Socket.inet _aton (source_ip) ip_daddr = Socket.inet_aton (dest_ip) Ip_ihl_ver = (Ip_ver << 4) + IP_IHL # The ! In the pack format string means network order Ip_header = Pack ('!        Bbhhhbbh4s4s ', Ip_ihl_ver, Ip_tos, Ip_tot_len, ip_id, Ip_frag_off, Ip_ttl, Ip_proto, Ip_checksum, Ip_saddr, ip_daddr) User_data = sys.argv[1] If sys.argv[1:] Else ' 0123456 789 ' packet = Ip_header + user_data # The port specified has no effect R = S.sendto (packet, (DEST_IP, 0)) # RE Sult is the length of packet sent out print rif __name__ = = ' __main__ ': main () Ip_check = 1231 # kernel would f Ill the correct checksum

Grab the bag. Operating environment, ubuntu12.04

% sudo tcpdump -i lo -x -vvv -t -c 1                                                                                                ?tcpdump: listening on lo, link-type EN10MB (Ethernet), capture size 65535 bytesIP (tos 0x0, ttl 32, id 54321, offset 0, flags [none], proto TCP (6), length 30)    localhost.12337 > localhost.12851:  tcp 10 [bad hdr length 0 - too short, < 20]    0x0000:  4500 001e d431 0000 2006 c8a6 7f00 0001    0x0010:  7f00 0001 3031 3233 3435 3637 38391 packet captured2 packets received by filter0 packets dropped by kernel

TCP [Bad HDR length 0-too short, < 20] is said that the number of bytes inside the IP body is too small, only 10, less than the TCP header should be 20 bytes.

• 1 bytes, 45, 4 for version, 5 for header Length, Unit 4Byte.

• 2 bytes, XX, OTS (Type of Service), representing the minimum latency, maximum throughput, maximum reliability, and minimum cost characteristics of this IP packet. For example, the IP packet for FTP control should be the minimum latency, IP packet for FTP data, then the maximum throughput The book mentions that

  Now most TCP/IP implementations do not support the TOS feature, but the new system has been set to

  since 4.3BSD Reno. In addition, new routing protocols such as OSPF and Is-is are able to route decisions based on the values of these fields.

• 3, 4 bytes, 001e, total Length. 0x1e = 30; The IP Header of the 01234567890+20 byte sent.
  Because some data links, such as Ethernet, need to be populated with some data to achieve the minimum length. Although the minimum frame length for Ethernet is 46 bytes, the IP data may be shorter, as we are 30. If there is no total length field, then the IP layer does not know how many of the 46 bytes are the contents of the IP datagram. So the total IP packet length This field is required.

• 5, 6 bytes, identification. 0xd431=54321.

• 7, 8 bytes, 0000.

• 9 Bytes, 20. Ttl. When the route forwards this IP packet, it will drop the value by 1, minus 0, and send the ICMP notification host. Trouceroute the use of this.

• 10 Bytes, 06, representing the TCP protocol.

• 11, 12 byte c8a6. Checksum.

• 13–16 bytes, 7f00 0001. Source Address. Represents 127.0.0.1

• 17–20 bytes, 7f00 0001. Destination Address. Represents 127.0.0.1

Checksum is the kernel to help us calculate the good, but later TCP and so on their own forget, here first look at the algorithm.

First, the Test and field are set to 0. Then, a binary inverse code is summed for each of the first bits in the header (the entire header is considered to consist of a string of words with a number of bits)

def checksum(ip_header):    ip_header += chr(0x00)*(len(ip_header)%2)    r = 0    while ip_header:        # 因为ip_header已经是网络序了, 所以这里用H. 否则需要用!H        r += unpack(‘H‘,ip_header[:2])[0]        ip_header = ip_header[2:]    if r > 0xffff:        r = r&0xffff + (r>>16);    return ~r

TCP/IP Protocol Learning Chapter III