Internet Protocol
1. Introduction
1.1. Motivation
The Internet Protocol is designed for use in interconnected systems of packet-switched networks. It transfers blocks of data called datagrams from a source to a destination, each identified by a fixed-length address. It also provides fragmentation and reassembly of long datagrams, to meet the packet size limits of different networks.
1.2. Scope
The Internet Protocol is responsible only for carrying a datagram from the source to the destination. It does not provide reliable delivery, flow control, sequencing, or the other services commonly found in host-to-host protocols.
1.3. Interface
The protocol is called by host-to-host protocols, and it in turn calls the local network protocol to carry the datagram to the next gateway or to the destination host. For example, TCP may call IP, passing the destination address and source address as arguments of the call. IP forms a datagram and calls the local network interface to transmit it.
1.4. Operation
The Internet Protocol implements two basic functions: addressing and fragmentation. The IP module forwards a datagram toward its destination based on the destination address carried in the datagram header, selecting the path along which it is transmitted; this selection is called routing. Where some networks can carry only small packets, the IP module fragments the datagram and records this in the header fields. IP modules implementing these functions reside in every host and every gateway of the Internet, and the modules (particularly in gateways) also carry out routing decisions and other services. There are no connections or logical circuits in IP: each datagram is handled independently of every other.
IP uses four key mechanisms in providing its service: type of service, time to live, options, and header checksum. The type of service indicates the quality of service desired; it is a set of parameters representing the service choices the networks of the Internet provide. Gateways use the type of service to select the actual transmission parameters for a particular network, the network to use for the next hop, or the next gateway when routing the datagram. The time to live is an upper bound on how long a datagram may exist; it is set by the sender and decremented along the route. If the time to live reaches zero before the datagram reaches its destination, the datagram is discarded. Options are important for control functions but unnecessary for ordinary communication; they include timestamps, security, and special routing. The header checksum ensures that the header was transmitted correctly; if the checksum fails, the entire datagram is discarded.
IP does not provide a reliable delivery service. There are no end-to-end or hop-by-hop acknowledgements, no error control for the data (only the header checksum), no retransmission, and no flow control. Errors that are detected may be reported through ICMP, which is implemented in the IP module.
2. Overview
2.1. Relation to other protocols
The figure (not reproduced here) shows the position of the Internet Protocol in the protocol hierarchy.
IP interfaces on one side with host-to-host protocols and on the other side with the local network protocol. The local network may be a small network or may itself be a large network.
2.2. Model of Operation
The following example illustrates the model of operation. We assume that the transmission passes through one intermediate gateway. The sending application calls its local IP module to send data, passing the destination address and other parameters as arguments of the call. The IP module prepares a datagram header and attaches the data to it. It then determines a local network address for this internet address, in this case the address of a gateway, and passes the datagram together with the local network address to the local network interface. The local network interface creates a local network header, attaches it to the datagram, and sends the result over the local network.
When the datagram, still wrapped in the local network header, arrives at the gateway, the local network interface strips that header and hands the datagram to the IP module on the gateway. That IP module determines the local network address of the destination host from the internet address and hands the datagram to the local network interface as described above. The local network interface creates a local network header and sends the datagram to the destination host. On the destination host, the local network interface strips the local network header and passes the datagram to the IP module, which determines which application the datagram is for. When the application calls to receive data, the IP module passes it the data together with the source address and other parameters.
2.3. Function Description
The function of IP is to transmit datagrams across an interconnected set of networks. This is done by passing datagrams from one IP module to another until the destination is reached; each host and gateway in the Internet has an IP module. A datagram is routed from module to module based on the interpretation of its internet address, so addressing is central to the protocol. As mentioned above, because the packet sizes allowed by different networks may differ, large datagrams must be fragmented.
Addressing
A distinction is made between names, addresses, and routes. A name indicates what we seek, an address indicates where it is, and a route indicates how to get there. The Internet Protocol deals primarily with addresses. It is the task of higher-level protocols to map names to addresses; the IP module maps internet addresses to local network addresses, and mapping local network addresses to routes is the task of lower-level procedures.
Addresses are 32 bits long and consist of a network number and a local address. There are three classes. In class A the high-order bit is 0, the next 7 bits are the network number, and the remaining 24 bits are the local address. In class B the high-order two bits are 10, the next 14 bits are the network number, and the remaining 16 bits are the local address. In class C the high-order three bits are 110, the next 21 bits are the network number, and the remaining 8 bits are the local address.
When mapping internet addresses to local network addresses, note that a single physical host may use several distinct internet addresses (the local network address may be thought of as a MAC address). It must be possible to handle a host with several physical interfaces, each of which may have several logical internet addresses.
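The class rules above can be checked mechanically. The following is an added example, not code from the page or from RFC 791: it splits a dotted-quad address into its class, network number, and local address by testing the leading bits, and reports addresses whose leading bits are 111 (outside the three classes described here) as "other". The `same_network` helper and the sample addresses are constructed for illustration.

```python
# Added example (not from the page or RFC 791): classify a 32-bit address by its
# leading bits and split it into network number and local address.
import ipaddress


def classify_address(addr: str) -> dict:
    """Return the class, network number and local address of a dotted-quad address."""
    value = int(ipaddress.IPv4Address(addr))   # raises ValueError on malformed input
    if value >> 31 == 0b0:                     # class A: 0 | 7-bit network | 24-bit local
        return {"class": "A", "network": value >> 24, "local": value & 0xFFFFFF,
                "network_bits": 7, "local_bits": 24}
    if value >> 30 == 0b10:                    # class B: 10 | 14-bit network | 16-bit local
        return {"class": "B", "network": (value >> 16) & 0x3FFF, "local": value & 0xFFFF,
                "network_bits": 14, "local_bits": 16}
    if value >> 29 == 0b110:                   # class C: 110 | 21-bit network | 8-bit local
        return {"class": "C", "network": (value >> 8) & 0x1FFFFF, "local": value & 0xFF,
                "network_bits": 21, "local_bits": 8}
    # Leading bits 111: not one of the three classes described in the text.
    return {"class": "other", "network": None, "local": value,
            "network_bits": 0, "local_bits": 32}


def same_network(a: str, b: str) -> bool:
    """True when two addresses share a class and a network number, i.e. the IP
    module would hand both to the same local network for delivery."""
    ca, cb = classify_address(a), classify_address(b)
    return (ca["class"] == cb["class"] and ca["network"] is not None
            and ca["network"] == cb["network"])


if __name__ == "__main__":
    # Constructed sample addresses: one per class plus one outside the scheme.
    for sample in ("10.1.2.3", "172.16.5.6", "192.168.1.77", "224.0.0.1"):
        print(sample, classify_address(sample))
```

Note that `ipaddress.IPv4Address` rejects shorthand and out-of-range octets, so a malformed string fails before any bit test runs.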
Fragmentation
Different networks may allow different maximum packet sizes, so a way of dividing large datagrams into smaller ones is needed. A datagram can be marked "don't fragment"; such a datagram is never fragmented under any circumstances, and if it cannot be delivered to its destination without fragmentation it is discarded along the way. Fragmentation and reassembly performed within a local network, invisible to the IP module, may also be used (intranet fragmentation).
Internet fragmentation and reassembly mark each fragment so that the receiver can tell fragments of different datagrams apart. The fragment offset field tells the receiver where the fragment belongs in the datagram, and the more-fragments flag indicates whether it is the last fragment. These fields are used to reassemble a datagram. The identification field uniquely marks a datagram; it is set by the original sender and must remain unique for as long as the datagram may exist in the Internet. The sender of an unfragmented datagram sets the more-fragments flag to zero and the fragment offset to zero.
Suppose an IP module divides a large datagram into two smaller ones. It first copies the header, then splits the data into two parts and attaches a copy of the header to each. The split occurs on an 8-byte boundary: the first part must be a multiple of 8 bytes, while the second need not be. The number of 8-byte blocks in the first part is called NFB (number of fragment blocks). The first new datagram carries the first part of the data, with the more-fragments flag set to 1. The second new datagram carries the second part; its more-fragments flag is the value from the original datagram, and its fragment offset is the original fragment offset plus NFB. This procedure generalises from 2 to n fragments.
To reassemble, fragments must agree in four fields: identification, source address, destination address, and protocol. The data of each fragment is placed into the reassembly buffer at the position given by its fragment offset. The first fragment has offset 0, and the last fragment has the more-fragments flag set to 0.
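The splitting and reassembly rules above, worked through in code. This is an added example and not the page's or RFC 791's own code. It operates at the field level: a datagram is a dict of the header fields that matter here plus its data, and the header is assumed to be 20 bytes (no options) so that a network's maximum packet size translates directly into a data budget. It goes slightly beyond the two-fragment case in the text by refragmenting an already fragmented datagram, which is where the "inherit the original MF flag" rule matters, and it treats overlapping fragments as an error because a reassembler that silently accepts them can be made to rebuild data the sender never sent.

```python
# Added example (not from the page or RFC 791): fragmentation and reassembly
# at the field level, following the NFB / offset / MF rules in the text.
import random

HEADER_LEN = 20  # assumed: fixed header without options


def make_datagram(ident, src, dst, proto, data, df=False):
    """A freshly sent datagram: the sender sets MF = 0 and offset = 0."""
    return {"id": ident, "src": src, "dst": dst, "proto": proto,
            "df": df, "mf": False, "offset": 0, "data": data}


def fragment(dgram, max_packet):
    """Split dgram so that header + data fits max_packet.

    Returns [dgram] when it already fits, and [] when it carries the
    don't-fragment flag and cannot fit (it must then be discarded).
    """
    data = dgram["data"]
    if HEADER_LEN + len(data) <= max_packet:
        return [dgram]
    if dgram["df"]:
        return []
    nfb = (max_packet - HEADER_LEN) // 8        # whole 8-byte blocks per fragment
    if nfb == 0:
        return []
    frags, pos = [], 0
    while pos < len(data):
        chunk = data[pos:pos + nfb * 8]
        is_last = pos + len(chunk) == len(data)
        frag = dict(dgram, data=chunk, offset=dgram["offset"] + pos // 8)
        # every fragment but the last carries MF = 1; the last keeps the original MF
        frag["mf"] = True if not is_last else dgram["mf"]
        frags.append(frag)
        pos += len(chunk)
    return frags


def reassemble(frags):
    """Rebuild a datagram from fragments sharing (id, src, dst, proto).

    Returns None while fragments are still missing; raises ValueError when the
    fragments belong to different datagrams or overlap one another.
    """
    if not frags:
        return None
    key = lambda f: (f["id"], f["src"], f["dst"], f["proto"])
    if len({key(f) for f in frags}) != 1:
        raise ValueError("fragments belong to different datagrams")
    ordered = sorted(frags, key=lambda f: f["offset"])
    if ordered[0]["offset"] != 0 or ordered[-1]["mf"]:
        return None                                # first or last fragment not yet seen
    buf = bytearray()
    for f in ordered:
        if f["offset"] * 8 < len(buf):
            raise ValueError("overlapping fragments")
        if f["offset"] * 8 > len(buf):
            return None                            # a hole remains
        buf += f["data"]
    return dict(ordered[0], data=bytes(buf), mf=False, offset=0)


if __name__ == "__main__":
    payload = bytes(range(256)) * 5                # constructed 1280-byte payload
    d = make_datagram(0x1234, "10.0.0.1", "10.0.0.2", 17, payload)
    first_hop = fragment(d, 576)                   # NFB = 69, i.e. 552 data bytes each
    second_hop = [g for f in first_hop for g in fragment(f, 300)]   # refragment
    random.shuffle(second_hop)                     # fragments may arrive in any order
    assert reassemble(second_hop)["data"] == payload
    print(len(first_hop), "fragments, then", len(second_hop), "after refragmentation")
```

With a 576-byte limit the 1280-byte datagram becomes fragments of 552, 552 and 176 data bytes at offsets 0, 69 and 138; refragmenting for a 300-byte limit splits each 552-byte fragment at offset +35 while the last one is left alone.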
2.4. Gateway
Gateways forward datagrams between networks. Gateways also implement the Gateway to Gateway Protocol (GGP), which is used to exchange routing and other control information. Higher-level protocols need not be implemented in a gateway at all; the GGP functions are added to the IP module.
3. Specification
3.1. Internet Header Format
The header fields are as follows:
Version: 4 bits
This field indicates the format of the internet header. This document describes version 4.
IHL: 4 bits
The Internet Header Length is the length of the header in 32-bit words, and thus points to the beginning of the data. The minimum valid value for this field is 5.
Type of Service: 8 bits
The type of service is a set of parameters indicating the quality of service desired. These parameters are used to guide the selection of the actual service parameters in a particular network. Some networks offer service precedence. The main choice is a three-way trade-off between low delay, high reliability, and high throughput.
Bits 0-2: Precedence
Bit 3: 0 = normal delay, 1 = low delay
Bit 4: 0 = normal throughput, 1 = high throughput
Bit 5: 0 = normal reliability, 1 = high reliability
Bits 6-7: reserved for future use
The precedence values are:
111 - Network Control
110 - Internetwork Control
101 - CRITIC/ECP
100 - Flash Override
011 - Flash
010 - Immediate
001 - Priority
000 - Routine
The delay (D), throughput (T), and reliability (R) indications may be used to increase the quality of service; the actual effect varies from network to network and is not universal. Except in unusual cases, at most two of the three should be set. The type of service is used to specify how a datagram is to be treated during its transmission through the Internet. The Network Control precedence is intended for use within a network only, although in practice each network decides how to use and control it; the Internetwork Control precedence is intended for use by gateway control originators only. If a network implements these precedence designations, it is responsible for controlling access to them within its own domain.
Total Length: 16 bits
The total length is the length of the datagram in bytes, including the header and the data. The field allows datagrams of up to 64 KB, but such long datagrams are impractical for most hosts and networks. All hosts must be prepared to accept datagrams of up to 576 bytes, whether they arrive whole or in fragments, and a host should send datagrams larger than 576 bytes only if it has assurance that the destination can accept them. The number 576 is chosen to allow a reasonable data block plus a header: 576 = 512 (data) + 64 (header). The header may be at most 60 bytes and is typically 20 bytes.
Identification: 16 bits
A value assigned by the sender to aid in reassembling the fragments of a datagram.
Flags: 3 bits
Bit 0: reserved, must be 0
Bit 1: (DF) 0 = may fragment, 1 = don't fragment
Bit 2: (MF) 0 = last fragment, 1 = more fragments
Fragment Offset: 13 bits
This field indicates where in the original datagram this fragment belongs. It is measured in units of 8 bytes (64 bits); the first fragment has offset zero.
Time to Live: 8 bits
This field indicates the maximum time the datagram is allowed to remain in the Internet system. If the field reaches zero, the datagram is discarded. The field is modified by every module that processes the header. The time is measured in seconds, but every module that processes the datagram must decrease the TTL by at least one, even if it handled the datagram in less than a second.
Protocol: 8 bits
This field indicates the next-level protocol used in the data portion of the datagram.
Header Checksum: 16 bits
A checksum on the header only. Since some header fields change as the datagram is processed (for example the time to live), the checksum is recomputed and verified at every point where the header is processed. This checksum is easy to compute, and experience has shown it to be adequate, although it may be replaced by a CRC procedure in the future.
Source Address and Destination Address: 32 bits each. See the addressing section above.
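To make the fixed header concrete, here is an added example (not the page's or RFC 791's own code) that packs and parses the 20-byte header described above, computes the header checksum as the one's complement of the one's-complement sum of the header's 16-bit words, and shows the gateway step in which the TTL is decremented and the checksum must be recomputed. `HEADER_FMT`, `build_header`, `parse_header` and `forward` are names chosen for this example; the Wikipedia-style test vector used in the usage note is a constructed header, not data from the page.

```python
# Added example (not from the page or RFC 791): pack/parse the 20-byte header,
# compute and verify the header checksum, and apply the gateway's TTL step.
import ipaddress
import struct

# version/IHL, TOS, total length, identification, flags+offset, TTL, protocol,
# checksum, source, destination
HEADER_FMT = "!BBHHHBBH4s4s"


def checksum(header: bytes) -> int:
    """RFC 791 header checksum. Computed over a header whose checksum field is
    zero it yields the value to store; over a header that already carries a
    correct checksum it yields 0, which is how a receiver verifies it."""
    if len(header) % 2:
        header += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(header) // 2), header))
    while total >> 16:                     # fold carries back in (one's-complement add)
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def build_header(src, dst, proto, data_len, ident=0, tos=0, ttl=64,
                 df=False, mf=False, offset=0) -> bytes:
    """Build a 20-byte header (IHL = 5, no options) with a valid checksum."""
    flags_offset = (int(df) << 14) | (int(mf) << 13) | (offset & 0x1FFF)
    hdr = struct.pack(HEADER_FMT, (4 << 4) | 5, tos, 20 + data_len, ident,
                      flags_offset, ttl, proto, 0,
                      ipaddress.IPv4Address(src).packed,
                      ipaddress.IPv4Address(dst).packed)
    return hdr[:10] + struct.pack("!H", checksum(hdr)) + hdr[12:]


def parse_header(raw: bytes) -> dict:
    """Parse and validate a header; raises ValueError on anything a receiver
    should discard (wrong version, IHL below 5, truncation, bad checksum)."""
    if len(raw) < 20:
        raise ValueError("truncated header")
    fields = struct.unpack(HEADER_FMT, raw[:20])
    version, ihl = fields[0] >> 4, fields[0] & 0xF
    if version != 4:
        raise ValueError("not IPv4")
    if ihl < 5:
        raise ValueError("IHL below the minimum of 5")
    hlen = ihl * 4
    if len(raw) < hlen or fields[2] < hlen:
        raise ValueError("header length exceeds available bytes or total length")
    if checksum(raw[:hlen]) != 0:
        raise ValueError("bad header checksum")
    flags_offset = fields[4]
    return {
        "ihl": ihl, "tos": fields[1], "total_length": fields[2], "id": fields[3],
        "df": bool(flags_offset & 0x4000), "mf": bool(flags_offset & 0x2000),
        "offset": flags_offset & 0x1FFF, "ttl": fields[5], "proto": fields[6],
        "src": str(ipaddress.IPv4Address(fields[8])),
        "dst": str(ipaddress.IPv4Address(fields[9])),
        "options": raw[20:hlen],
    }


def forward(raw: bytes):
    """The gateway's header step: verify, decrement TTL, discard if it would
    reach zero, and recompute the checksum so the next hop can verify it."""
    hdr = parse_header(raw)                # verifies the incoming checksum
    if hdr["ttl"] <= 1:
        return None                        # would reach zero: discard the datagram
    out = bytearray(raw)
    out[8] -= 1                            # TTL is byte 8 of the header
    out[10:12] = b"\x00\x00"
    hlen = hdr["ihl"] * 4
    out[10:12] = struct.pack("!H", checksum(bytes(out[:hlen])))
    return bytes(out)


if __name__ == "__main__":
    h = build_header("10.0.0.1", "10.0.0.2", proto=6, data_len=20, ident=7)
    print(h.hex(), parse_header(h))
    print(forward(h).hex())
```

As a check, the constructed header `4500 0073 0000 4000 4011 0000 c0a8 0001 c0a8 00c7` (checksum field zeroed) has checksum `b861`, and summing the header with that value in place yields 0. Altering any byte without recomputing, as a gateway would by decrementing TTL and forgetting the recompute, makes `parse_header` reject the datagram.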
Options: variable length
Options may or may not appear in a datagram, but every IP module must be able to handle them. In some environments the security option is required. The option field is of variable length; there may be zero or more options. There are two formats:
1: a single byte of option type
2: an option type byte, an option length byte, and the option data bytes
The option length counts the type byte, the length byte, and the data bytes. The option type byte is viewed as three fields:
1 bit: copied flag
2 bits: option class
5 bits: option number
The copied flag indicates whether the option is copied into all fragments on fragmentation:
0 = not copied
1 = copied
The option classes are:
0 = control
1 = reserved for future use
2 = debugging and measurement
3 = reserved for future use
The following options are defined:
Class | Number | Length   | Description
0     | 0      | -        | End of option list. One byte only, no length byte.
0     | 1      | -        | No operation. One byte only, no length byte.
0     | 2      | 11       | Security: carries security, compartmentation, user group (TCC), and handling restriction codes compatible with DoD requirements.
0     | 3      | variable | Loose source routing: routes the datagram using information supplied by the source.
0     | 9      | variable | Strict source routing: routes the datagram using information supplied by the source.
0     | 7      | variable | Record route: records the route taken by the datagram.
0     | 8      | 4        | Stream ID: carries the stream identifier.
2     | 4      | variable | Internet timestamp.
Definitions of specific options
End of Option List
+--------+
|00000000|
+--------+
Type = 0
This option indicates the end of the option list. It marks the end of all options, not the end of each option, and is needed only when the end of the options would not otherwise coincide with the end of the header. It may be copied, introduced, or deleted on fragmentation.
No Operation
+--------+
|00000001|
+--------+
Type = 1
This option may be used between options. It may be copied, introduced, or deleted on fragmentation.
Security
This option provides a way for hosts to send security, compartmentation, handling restriction, and TCC (closed user group) parameters. The format of this option is as follows:
Type = 130, Length = 11
Security (S field): 16 bits
Specifies one of 16 levels of security, eight of which are reserved for future use:
00000000 00000000 - unclassified
11110001 00110101 - confidential
01111000 10011010 - EFTO
10111100 01001101 - MMMM
01011110 00100110 - PROG
10101111 00010011 - restricted
11010111 10001000 - secret
01101011 11000101 - top secret
00110101 11100010 - reserved
10011010 11110001 - reserved
01001101 01111000 - reserved
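The option walk described in this section, as an added example that is not the page's or RFC 791's own code. It handles the two option formats (single-byte types 0 and 1, otherwise type, length, data), decodes the type byte into copied flag, class, and number, selects the options that must be carried into every fragment, and decodes the S field of the security option using the level codes listed above. The layout of the bytes that follow the S field (C: 16 bits, H: 16 bits, TCC: 24 bits) is taken from RFC 791 rather than from the page; the sample option bytes in the usage note are constructed. The length checks are the part a receiver most needs: an option length below 2 or one that runs past the end of the header is malformed, and the datagram should be discarded rather than parsed further.

```python
# Added example (not from the page or RFC 791): parse the options area of a
# header, pick out the options to copy on fragmentation, and decode the
# security option's S field.
import struct

SECURITY_LEVELS = {          # S field values as listed in the text
    0b00000000_00000000: "unclassified",
    0b11110001_00110101: "confidential",
    0b01111000_10011010: "EFTO",
    0b10111100_01001101: "MMMM",
    0b01011110_00100110: "PROG",
    0b10101111_00010011: "restricted",
    0b11010111_10001000: "secret",
    0b01101011_11000101: "top secret",
}

SECURITY_OPTION_TYPE = 130   # copied=1, class=0, number=2
SECURITY_OPTION_LENGTH = 11


def parse_options(opts: bytes) -> list:
    """Return one dict per option in the options area.

    Raises ValueError on a malformed length, which a receiver should treat as
    grounds for discarding the datagram rather than guessing at the layout.
    """
    out, i = [], 0
    while i < len(opts):
        t = opts[i]
        entry = {"type": t, "copied": t >> 7, "class": (t >> 5) & 0x3,
                 "number": t & 0x1F, "data": b""}
        if t == 0:                              # end of option list: one byte, stop
            out.append(entry)
            break
        if t == 1:                              # no operation: one byte, keep going
            out.append(entry)
            i += 1
            continue
        if i + 1 >= len(opts):
            raise ValueError("option %d has no length byte" % t)
        length = opts[i + 1]
        if length < 2 or i + length > len(opts):
            raise ValueError("option %d has bad length %d" % (t, length))
        entry["data"] = opts[i + 2:i + length]
        out.append(entry)
        i += length
    return out


def options_for_fragment(opts: bytes) -> bytes:
    """Options that must appear in every fragment: those with the copied flag
    set, re-encoded and padded with end-of-list bytes to a 32-bit boundary."""
    kept = bytearray()
    for e in parse_options(opts):
        if e["copied"]:
            kept += bytes([e["type"], 2 + len(e["data"])]) + e["data"]
    while len(kept) % 4:
        kept.append(0)
    return bytes(kept)


def decode_security(entry: dict) -> dict:
    """Decode a security option (type 130, length 11 -> 9 data bytes).
    Field layout after S (C, H, TCC) follows RFC 791; the page describes only S."""
    if entry["type"] != SECURITY_OPTION_TYPE or len(entry["data"]) != SECURITY_OPTION_LENGTH - 2:
        raise ValueError("not a well-formed security option")
    s, c, h = struct.unpack("!HHH", entry["data"][:6])
    tcc = int.from_bytes(entry["data"][6:], "big")
    return {"level": SECURITY_LEVELS.get(s, "reserved"), "S": s, "C": c, "H": h, "TCC": tcc}


if __name__ == "__main__":
    # Constructed options area: NOP, security option marked "secret", end of list.
    sample = bytes([1, 130, 11]) + struct.pack("!HHH", 0xD788, 0, 0) + b"\x00\x00\x00" + bytes([0])
    for e in parse_options(sample):
        print(e)
        if e["type"] == SECURITY_OPTION_TYPE:
            print(decode_security(e))
    print(options_for_fragment(sample).hex())
```

Running the block on the constructed sample yields three entries (NOP, security, end of list); the security entry decodes as copied=1, class 0, number 2, level "secret", and only it survives `options_for_fragment`, padded to 12 bytes. A timestamp option (type byte 0x44) decodes as class 2, number 4, matching the table above.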