Analysis of IP sharding

In TCP/IP tiering, the data link layer uses the MTU (Maximum transmission Unit, Maximum transmission unit) to limit the packet size that can be transmitted, and the MTU refers to the maximum length of data transmitted at one time, excluding the frame header of the data Link layer data frame. If the MTU of the Ethernet is 1500 bytes, the maximum length of the data frame is 1512 bytes, where the frame header of the Ethernet data frame is 12 bytes.

When the size of the IP datagram sent exceeds the MTU, the IP layer needs to shard the data, otherwise the data will not be sent successfully.

Implementation of IP Sharding

IP shards occur in the IP layer, not only the source-side of the primary opportunity to Shard, intermediate routers may also be fragmented, because the different network MTU is not the same, if the transmission path of a network on the MTU than the source-side network MTU is smaller, the router may re-shard the IP datagram. The reorganization of Shard data will only occur at the IP layer of the destination.

The IP header has 4 bytes for the Shard, as shown in. The first 16 bits are the identity of the IP datagram, and the identity of each shard of the same datagram is the same, and the destination determines whether the IP shard belongs to the same IP datagram according to the identity. The middle 3 bits are flag bits, where 1 bits are used to indicate whether there are more shards, and if this is the last Shard, the flag bit is 0, otherwise 1. The following 13 bits represent the offset of the Shard at the original data, where the original data is the transmitted TCP or UDP data received by the IP layer and does not contain the IP header.

Flag field: occupies 16 bits. Used to uniquely identify each datagram sent by the host. Usually each message is sent with a value of 1. It's ipid.
Meaning of the three flag bits:
R: Keep unused;
Df:don ' t Fragment, "non-fragmented" bit, if this bit 1,IP layer will not shard the datagram; instead, discard the datagram and send an I C M P error message and notify the source host of the reason for its abandonment.
Mf:more Fragment, "more films", in addition to the last piece, each of the other components of the datagram to put the bit 1;
Fragment offset: The slice offsets the position at the beginning of the original packet. The number of bytes offset is the value multiplied by 8.

Note that in the Shard data, the header of the transport layer will only appear in the first Shard, as shown in. Because the data format of the transport layer is transparent to the IP layer, the header of the transport layer only has its role in the transport layer, and the IP layer does not know or need to ensure that there is a transport layer header in each shard. Therefore, packets that are transmitted over the network may not have the header of the transport layer.

Avoid IP shards

In network programming, we want to avoid the occurrence of IP shards, then why should we avoid it? The reason is that the IP layer is not time-out retransmission mechanism, if the IP layer of a packet is fragmented, as long as there is a shard is lost, can only rely on the transport layer for retransmission, the result is all the shards are to be re-transmitted, the cost is a bit large. This shows that the IP shard will greatly reduce the transmission layer transfer data success rate, so we want to avoid IP shards.

For UDP packets, we need to limit the size of each package at the application level, typically not more than 1472 bytes, i.e. Ethernet MTU (-UDP) header (8)-ip header (20).

For TCP data, the application layer does not need to consider this problem, because the transport layer has done for us. In the process of establishing a connection of three times, the connecting parties will notify each other MSS (Maximum Segment Size, maximum message length), MSS is generally MTU-IP first (-TCP) header (20), each send TCP data will not exceed the minimum value of MSS, Therefore, it is ensured that the IP datagram does not exceed the MTU and avoids the IP shards.

IP Shard Instance

1. UDP

Send 3000 bytes of UDP data from 10.224.142.166 to 10.137.133.101, as the result of the packet capture. Can see this UDP packet is divided into 3 IP slices, from the offset of each shard can be seen, 3 pieces contain UDP data size is 1480, 1480, 48 (plus UDP header 8 bytes), each shard plus the size of the IP header is 1500, 1500, 68, the total UDP data size transmitted is 3008, and it is also shown that only one shard contains the UDP header.

2. TCP

Send 2000 bytes of TCP data from 10.224.142.166 to 10.137.133.101, as the result of the packet capture. It can be seen that the TCP data is divided into 2 IP slices, including the data size of 1448, 552, from three handshake can be seen by the two sides of the MSS are 1460 bytes, just the MTU (-IP) First (-TCP) header (20), But actually why the first shard only sent 1448 bytes, personally think it should be TCP header and some options take up 12 bytes, please know the talent to explain.

Analysis of IP sharding