IP datagram Header highest bit on the left, recorded as 0 bit, the lowest bit on the right, recorded as a bit
Version:
4 bits, refers to the IP protocol version of the current IP protocol version number is 4 (that is, IPV4)
Header Length:
4 bits, the maximum value that can be represented is 15 units (4 bytes in one unit) so the maximum of the first ministerial degree of the IP is 60 bytes
Differentiated Services:
8 bits, used to get better service, is called the service type in the old standard, but has not been used. 1998 This field is renamed as a differentiated service. This field only works if you are using Differentiated Services (DIFFSERV). This field is not used in the general case
Total length:
16 bits, the length of the sum of the header and data, in bytes, so the maximum length of the datagram is 65535 bytes. The total length must not exceed the maximum transfer unit MTU
Identity:
Occupies 16 bits, it is a counter that is used to generate the identity of the datagram
Logo (flag):
3-bit, currently only the first two bits have meaning
Mf
- The lowest bit of the Flag field is MF (more Fragment)
- Mf=1 indicates "There are shards" later. Mf=0 represents the Last Shard
Df
- The one in the middle of the Flag field is DF (Don ' t Fragment)
- Shards are allowed only when df=0
Chip Offset:
Occupies 12 bits, which refers to the relative position of a piece in the original group after the Shard. Slice offset in 8-byte offset units
Survival time:
The maximum number of routers that are recorded as TTL (Time to Live) datagrams in the Network, and the TTL field is the initial setting of a 8 bit field by the sending side. The recommended initial value is specified by the assigned number RFC and the current value is 64. When sending an ICMP echo response, the TTL is often set to the most Large value 255
Agreement:
8 bits, which indicates what protocol the data is carrying in this datagram so that the IP layer of the destination host is given the data portion of the process, 1 is the ICMP protocol, 2 is the IGMP protocol, 6 is the TCP protocol, and 17 is the UDP protocol.
First Inspection and:
Accounted for 16 bits, only the header of the test datagram does not test the data section. There is no CRC test code and a simple calculation method is used.
Source Address and Destination address:
Each account is 4 bytes, recording the source address and destination address, respectively.
Address Resolution Protocol ARP
Description
ARP each host has an ARP cache (ARP cache), which has the IP address of each host and router on the local area network to the hardware address of the mapping table
Role:
Know its physical address by IP address
Steps:
Attention:
- Other hosts on the network do not respond to ARP queries, and only the receiving host receives this frame to respond to the sending-side host
- ARP is the problem of mapping the IP address and hardware address of the host or router on the same LAN. If the host and the source host is not the same LAN, then through the ARP to find a router located on the local area network hardware address, and then send packets to this router, Let the router forward the packet to the next network. The rest of the work will be done by the next network.
- The resolution from the IP address to the hardware address is automatic, and the user of the host is unaware of this address resolution process.
- The host or router communicates with a host or router on another known IP address on the network, and the ARP protocol automatically resolves the IP address to the hardware address required by the link layer
Four typical cases:
- The sender is the host, and the IP datagram is sent to another host on the network. This is where the hardware address of the destination host is found with ARP
- The sender is the host to which the IP datagram is sent to the other network. At this point, ARP finds a router hardware address on the network. The rest of the work is done by this router
- The sender is the router that forwards the IP datagram to a host on the network. This is where the hardware address of the destination host is found with ARP
- The sender is the router that is going to forward the IP datagram to a host on another network. The hardware address of a router on the network is then found with ARP. The rest of the work is done by this router.
Header format:
Description
- The hardware Type field represents the type of hardware address. Its value is 1, which means the Ethernet address
- The protocol Type field represents the type of protocol address to be mapped. Its value is 0x0800, which means the IP address
- The hardware address length and protocol address length indicate the length, in bytes, of the hardware address and protocol address, respectively. For ARP requests or responses for IP addresses on Ethernet, they are 6 and 4, respectively.
- The action field indicates four types of operations, which are ARP requests (value 1), ARP reply (value 2), RARP request (value 3), and RARP answer (value 4)
- The next four fields are the hardware address of the sending side (in this case, the Ethernet address), the Protocol address (IP address) of the sender, the hardware address of the destination, and the protocol address of the destination side.
Inverse Address Resolution Protocol RARP
Defined:
Reverse Address Resolution Protocol RARP enables a host that knows only its hardware address to know its IP address
Use:
Such hosts are often diskless workstations. So the RARP protocol is rarely used
RARP and RAP:
Inter-network Control Message Protocol ICMP
Objective:
To improve the chances of successful IP datagram delivery
Attention:
- Allow hosts and routers to report error conditions and provide reports on abnormal conditions
- ICMP is not a high-level protocol, but an IP layer protocol
- The ICMP packet acts as the data of the IP layer datagram, plus the header of the datagram, which makes up the IP datagram sent out
- The first 4 bytes of the ICMP message are in a uniform format, with a total of three fields: the type, the code, and the test and. The next 4 bytes of content are related to the type of ICMP
Kinds:
- ICMP Error Reporting message:
- The end is not reached
- Source Point suppression (source quench)
- Time exceeds
- Parameter issues
- Change Route (redirect) (Redirect)
- ICMP Inquiry Message:
- Echo Request and reply message
- Timestamp request and Reply message
Message format:
ICMP address mask request and reply message
ICMP timestamp request and reply message
ICMP Unreachable message
ICMP echo Request and ECHO Response message format
ICMP super-Times article
ICMP Redirect Message
ICMP router Request message format
ICMP Router Advertisement message format
Error message format for ICMP Source station suppression
ICMP Type:
The ICMP error reporting message should not be sent:
- ICMP error Reporting messages are not sent for all subsequent datagrams of the first Shard's data sheet
- Multicast address datagrams do not send ICMP error reporting messages
- Datagrams for special addresses (such as 127.0.0.0 or 0.0.0.0) do not send ICMP error reporting messages
Internet Group Management Protocol IGMP
Message format:
Role:
It is the protocol for IP multicast member management in the TCP/IP protocol family, which is used to establish and maintain multicast group membership between IP hosts and multicast routers directly adjacent to them
Function:
When a host joins a new group, it sends an IGMP message to the group address to declare its membership, and the multicast routers and switches can learn from the members of the group. Using the information obtained from IGMP, routers and switches maintain a list of multicast group members on each interface
Two stages:
- Join:
- When a host joins a new multicast group, an IGMP message is sent to the multicast address of the multicast group stating that it wants to be a member of the group. After the local multicast router receives the IGMP message, it forwards the group memberships to other multicast routers on the Internet
- Ask:
- Periodically inquire hosts on the local LAN to see if they continue to be members of the group
- Attention:
- Because the group membership relationship is dynamic, the multicast router will assume that it is active as long as the local multicast router has a host response to a group.
- However, after a few inquiries, a group still does not have a host response, and the group's membership is no longer forwarded to other multicast routers
Data package:
IGMP uses an IP datagram to deliver its message (that is, IGMP packets plus IP headers constitute an IP datagram), but it also provides services to IP
Specific measures:
- All communication between the host and the multicast router is using IP multicast
- Multicast routers when inquiring about group membership, only one request message is sent to all groups, instead of sending an inquiry message to each group. The default query rate is sent every 125 seconds
- When several multicast routers are connected on the same network, they can quickly and efficiently select one of them to inquire about the host's membership
- There is a value N in the request message for IGMP, which indicates a maximum response time (the default value is 10 seconds). When asked, the host randomly chooses between 0 and N to send a response to the delay required. Responses that correspond to the minimum latency are sent first
- Each host in the same group listens for a response, and as long as the other hosts in the group send a response, they can no longer send a response.
Tcp/ip--ip protocol header format with the four protocols (ARP,RARP,ICMP,IGMP) that it uses to match