Home Technique IP datagram

IP datagram



Introduction

TheprotocolunitofIPprotocolcontroltransmissioniscalledIPdatagram(IPDatagram,IPdatagram,IPpacketorIPpacket).TheIPprotocolshieldsthedifferencesbetweenthevariousphysicalsubnetsofthelowerlayer,andcanprovideIPdatagramsinauniformformattotheupperlayer.TheIPdatagramadoptsthedatagrampackettransmissionmethod,andtheserviceprovidedisaconnectionlessmethod.TheformatoftheIPdatagramcanexplainwhatfunctiontheIPprotocolhas.AnIPv4datagramconsistsofaheaderandadata.Amongthem,thedataisthedatathattheupperlayerneedstotransmit,andtheheaderisthecontrolinformationaddedforthecorrecttransmissionoftheupperlayerdata.Thefirstpartoftheheaderhasafixedlength,atotalof20bytes,whichismandatoryforallIPdatagrams.Behindthefixedpartoftheheaderisanoptionalfieldwithvariablelength.

Structure

Fixedpart

(1)Versionoccupies4digits,referringtotheversionoftheIPprotocol.TheversionoftheIPprotocolusedbybothpartiesmustbethesame.ThewidelyusedIPprotocolversionnumberis4(thatis,IPv4).RegardingIPv6,itisstillinthedraftstage.

(2)Headerlengthoccupies4digits,andthelargestdecimalvaluethatcanberepresentedis15.Pleasenotethattheunitofthenumberrepresentedbythisfieldisa32-bitwordlength(a32-bitwordlengthis4bytes).Therefore,whentheIPheaderlengthis1111(thatis,15indecimal),theheaderlengthreaches60byte.WhenthelengthoftheheaderoftheIPpacketisnotanintegermultipleof4bytes,thelastpaddingfieldmustbeusedtofillit.Therefore,thedatapartalwaysstartsatanintegermultipleof4bytes,whichismoreconvenientwhenimplementingtheIPprotocol.Thedisadvantageoftheheaderlengthbeinglimitedto60bytesisthatitmaynotbeenoughsometimes.Butthisisdoneinthehopethatuserswillminimizeoverhead.Themostcommonlyusedheaderlengthis20bytes(thatis,theheaderlengthis0101),andnooptionsareusedatthistime.

(3)DifferentiatedServicesoccupies8positionstoobtainbetterservices.Thisfieldwascalledtheservicetypeintheoldstandard,butithasnotactuallybeenused.In1998,theIETFrenamedthisfieldasDifferentiatedServices(DS).Thisfieldonlyworkswhenusingdifferentiatedservices.

(4)TotallengthTotallengthreferstothelengthofthesumoftheheaderanddata,inbytes.Thetotallengthfieldis16bits,sothemaximumlengthofthedatagramis2^16-1=65535bytes.

EachdatalinklayerbelowtheIPlayerhasitsownframeformat,includingthemaximumlengthofthedatafieldintheframeformat,whichiscalledtheMaximumTransferUnit(MTU).Whenadatagramisencapsulatedintoalinklayerframe,thetotallengthofthedatagram(thatis,theheaderplusthedatapart)mustnotexceedtheMTUvalueofthedatalinklayerbelow.

(5)Identification(identification)occupies16digits.TheIPsoftwaremaintainsacounterinthememory.Eachtimeadatagramisgenerated,thecounterisincrementedby1,andthisvalueisassignedtotheidentificationfield.Butthis"identification"isnotasequencenumber,becauseIPisaconnectionlessservice,andthereisnoproblemofsequentialreceptionofdatagrams.WhenadatagrammustbefragmentedbecauseitslengthexceedstheMTUofthenetwork,thevalueofthisidentificationfieldiscopiedtotheidentificationfieldofalldatagrams.Thevalueofthesameidentificationfieldenableseachdatagramafterfragmentationtobefinallyreassembledintotheoriginaldatagramcorrectly.

(6)Flag(flag)occupies3digits,butonly2digitsaremeaningful.

●ThelowestbitintheflagfieldismarkedasMF(MoreFragment).MF=1meansthatthereare"fragmented"datagramsbehind.MF=0meansthisisthelastofseveraldatagramfragments.

●TheonebitinthemiddleoftheflagfieldismarkedasDF(Don’tFragment),whichmeans"cannotbefragmented".FragmentationisallowedonlywhenDF=0.

(7)Chipoffsetoccupies13bits.Thesliceoffsetindicatestherelativepositionofasliceintheoriginalgroupafterthelongergroupissliced.Thatis,relativetothebeginningoftheuserdatafield,wheredoesthepiecestart.Thechipoffsetuses8bytesastheoffsetunit.Thismeansthat,exceptforthelastfragment,thelengthofeachfragmentmustbeanintegermultipleof8bytes(64bits).

(8)TimetoLiveoccupies8digits.ThecommonlyusedEnglishabbreviationforthetimetolivefieldisTTL(TimeToLive),whichindicatesthelifetimeofthedatagraminthenetwork.Thisfieldissetbythesourceofthedatagram.ItspurposeistopreventundeliverabledatagramsfromgoingaroundtheInternetindefinitely,thusconsumingnetworkresourcesinvain.TheoriginaldesignusessecondsastheunitofTTL.Everytimeitpassesthrougharouter,theTTLissubtractedfromtheperiodoftimethedatagramisconsumedbytherouter.Ifthetimeconsumedbythedatagramontherouterislessthan1second,theTTLvalueisreducedby1.WhentheTTLvalueis0,thedatagramisdiscarded.Later,thefunctionoftheTTLfieldwaschangedto"hoplimit"(butthenameremainsunchanged).TherouterreducestheTTLvalueby1beforeforwardingthedatagram.IftheTTLvalueisreducedtozero,thedatagramisdiscardedandnolongerforwarded.Therefore,theunitofTTLisnolongerinseconds,butinhops.ThemeaningofTTListospecifyatmosthowmanyroutersadatagramcanpassthroughinthenetwork.Obviously,themaximumnumberofroutersthatadatagrampassesonthenetworkis255.IftheinitialvalueofTTLissetto1,itmeansthatthedatagramcanonlybetransmittedinthelocalareanetwork.

(9)Protocoloccupies8bits,andtheprotocolfieldindicateswhichprotocolisusedforthedatacarriedinthisdatagram,sothattheIPlayerofthedestinationhostknowsthatthedatapartshouldbeuploadedWhichprocesstohandover.

(10)Firstchecksumoccupies16places.Thisfieldonlycheckstheheaderofthedatagram,butdoesnotincludethedatapart.Thisisbecauseeverytimeadatagrampassesthrougharouter,theroutermustrecalculatetheheaderchecksum(somefields,suchastimetolive,flags,sliceoffset,etc.,maychange).Notcheckingthedatapartcanreducetheworkloadofcalculation.

(11)Sourceaddressoccupies32bits.

(12)Destinationaddressoccupies32bits.

Variablepart

ThevariablepartoftheIPheaderisanoptionalfield.Theoptionfieldisusedtosupporttroubleshooting,measurement,andsecuritymeasures,andthecontentisveryrich.Thelengthofthisfieldisvariable,rangingfrom1byteto40bytes,dependingontheselecteditem.Someoptionitemsonlyrequire1byte,anditonlyincludes1byteofoptioncode.Buttherearesomeoptionsthatrequiremultiplebytes.Theseoptionsarespliced​​onebyonewithoutaseparatorinthemiddle.Finally,apaddingfieldofall0sisusedtofillinanintegermultipleof4bytes.

AddingthevariablepartoftheheaderistoincreasethefunctionoftheIPdatagram,butitalsomakesthelengthoftheheaderoftheIPdatagramvariable.Thisincreasestheoverheadforeachroutertoprocessdatagrams.Infact,theseoptionsarerarelyused.ThenewIPversionIPv6makestheheaderlengthoftheIPdatagramfixed.Theseoptionsaredefinedasfollows:

(1)Securityandprocessingrestrictions(usedinthemilitaryfield)

IP datagram

(2)Recordthepath(leteachrouterwritedownitsIPaddress)

(3)TimeStamp(LeteachrouterwritedowntheIPaddressandlocaltimeofeachrouterthattheIPdatagrampassesthrough)

(4)RelaxLooseSourceRoute(specifyaseriesofIPaddressesthatmustbepassedthroughfordatagrams)

(5)StrictSourceRoute(similartoloosesourceroute,Butitisrequiredtopassonlythesespecifiedaddresses,nototheraddresses)

Theseoptionsarerarelyused,andnotallhostsandrouterssupporttheseoptions.

InternetIPprotocol

IPprotocoloverview.TheInternetProtocolorInternetProtocol(IP)isadata-orientedprotocolusedinthemessageexchangenetwork.Itisastandardprotocolfornetworklayercommunication.Itisresponsibleforprovidingbasicdatapackettransmissionfunctions,sothateverydatapacketisAbletoreachthedestinationhost,butdoesnotcheckwhetheritisreceivedcorrectly.TherearefourprotocolsusedinconjunctionwiththeIPprotocol:AddressResolutionProtocolARP,ReverseAddressResolutionProtocolRARP,InternetControlMessageProtocolICMP,andInternetGroupManagementProtocolIGMP.

ThetransmissionofIPdatagramsinavirtualinterconnectionnetwork.Forexample,asourcehostintheInternetwantstosendanIPdatagramtothedestinationhost.Accordingtotheconceptofpacket-switchedstoreandforward,thesourcehostmustfirstlookupitsownroutingtabletoseeifthedestinationhostisonthenetwork.Ifitis,youdonotneedtogothroughanyroutersbutdirectlydeliver,andthetaskiscompleted.Ifnot,youmustsendtheIPdatagramtoarouterA.Afterlookingupitsownroutingtable,AknowsthatitshouldforwardthedatagramtorouterBforindirectdelivery.Inthisway,itkeepsforwarding.Finally,routerCknowsthatitisconnectedtothesamenetworkasthedestinationhostanddoesnotneedtouseotherroutersforforwarding,soitdeliversthedatagramdirectlytothedestinationhost.Thevariousnetworkscanbeheterogeneous.

IPaddress.TheIPaddressistoassignauniqueidentificationworldwideforeachnetworkconnection(networkcard).ThesourceIPaddressandthesinkIPaddressinthemessageheaderrespectivelyindicatetheIPlogicaladdressesofthesourcehostandthedestinationhost.TheIPaddresshasalengthof32bitsandiscomposedofanetworknumberandahostnumber.CommonlyusedIPaddressesincludeclassA,classB,andclassCaddresses,androuterswilladdressthemaccordingtotheIPaddress.TheInternetgenerallyadoptstheIPprotocol.TheIPprotocolrunninginthenetworkisIPv4;IPv6isasubsequentversionofIPv4.TheInternetisslowlyrunningoutofIPaddresses,andtheemergenceofIPv6hassolvedthisproblem.Comparedwiththe32-bitaddressofIPv4,IPv6hasa128-bitaddressspacethatcanprovidemuchmoreaddressesthantheformer.

IPlayerforwardspackets.IntheTCP/IPsystem,routingreferstotheprocessofselectingapathfortransmittingIPdatapacketsinthenetwork.Arouterisanetworkdevicethatundertakesroutingtasks.Theinformationusedfordecision-makingandroutingiscalledIProutinginformation.TherouterusestheIProutinginformationtoperformIPforwardingonthetransmittedIPdatapackets.

IPdatagramheaderinspection

Principle

TheIPdatagramheaderischeckedandverifiedtoensureitscorrectness.ThesenderdividestheheaderoftheIPdatagramintomultiple16-bitsmalldatablocksinorder.Theinitialvalueoftheheaderchecksumfieldissetto0,andthe16-bitsmalldatablocksaresummedwith1’scomplementalgorithm,andfinallyComplementtheresultagaintogetthefirstchecksum.Thecalculatedheaderchecksumisfilledbackintotheheaderchecksumfieldofthedatagram,encapsulatedintoaframe,andsenttothenexthopdeviceleadingtothesink.

Asthereceiver,thenext-hopdevicedividestheheaderofthereceivedIPdatagramintomultiple16-bitsmalldatablocks,andcalculatesthe16-bitsmalldatablockwith1’scomplementalgorithm.And,finally,theresultiscomplemented.Iftheresultis0,thecorrectnessoftheheaderofthedatagramisverified.Whenthesenderuses1'scomplementtocalculatethesum,thefirstchecksumfieldissettoO,whichmeansthatitdidnotparticipateinthecalculation.Thechecksumafterthecomplementisexactlytheoppositeoftheoriginalchecksum.Whenthereceiveruses1’scomplementtocalculatethesum,sincethenewheaderchecksumfieldhasbeenadded,thesumshouldbe0xffffiftheheaderhasnotchanged.Therefore,theresultofthecomplementshouldbe0x0000.

Meaning

IPdatagramsdonotverifytheirdataareaduringtransmission.Therearetworeasonsforthis:

TheIPprotocolisapoint-to-pointprotocol.Ifeverypointinthetransmissionprocesschecksthedata,itwillinevitablyincreasethecost,whichisinconsistentwiththeIP"bestefforttransmission"idea.Leavethereliabilitytoahigherleveltosolve,whichcannotonlyensurethereliabilityofthedata,butalsogetgreaterflexibilityandefficiency.BecausetheuppertransportlayeroftheIPlayerisanend-to-endprotocol,thecostofend-to-endverificationismuchsmallerthanthatofpoint-to-pointverification,especiallywhenthecommunicationlineisbetter.Inaddition,theupperlayerprotocolcanchoosewhethertoperformverificationaccordingtotherequirementsfordatareliability,andevenconsiderusingdifferentverificationmethods,whichbringsgreatflexibilitytothesystem.

ThenwhydoestheIPprotocolprovideaverificationfunctionfortheIPdatagramheader?Ontheonehand,theIPheaderbelongstothecontentoftheIPlayerprotocolandcannotbeprocessedbytheupperlayerprotocol.Ontheotherhand,somefieldsintheIPheaderareconstantlychangingduringthepoint-to-pointtransmissionprocessandcanonlybereformedateachintermediatepoint.Verifythedataandcompletetheverificationbetweenadjacentpoints.

IPpacketmonitoringtechnologyforlocalareanetwork

WiththerapiddevelopmentofcomputerInternettechnology,thenetworkhaspenetratedintopeople’slivesandhasaverycloseconnectionwithourlives.Partofourlives.Hackersattackournetworkthroughcomplexandchangeablenetworkattacks,invadingourInternet,andcausingourInternettohaveaconsiderablesecuritythreat.Theycaninterceptthedatapacketsbeingtransmittedinthelocalareanetworkandthenanalyzethedatapackets.,Toobtainaseriesofdata,resultinginallourpersonalinformationandprivacyexposed,andevencausedincalculablelosstoourpersonalproperty.IfyouuseIPpacketmonitoringtechnology,youcanobtainhackerintrusioninformationintime,andpreventhackersfromintrudinginadvancetopreventhackersfromtakingadvantageofitandprotectourinformationsecurity.Networkmonitoringisaveryimportanttechnologytoprotectinformationsecurity.Itcandiscoversecurityproblemsinthenetworkintime,whichisbeneficialtomaintainingthesecurityofthecomputerInternetnetwork.

ThestructureoftheLANIPdatapacketThestructureoftheLANIPdatapacketismainlycomposedofthreeparts,whichinclude"destinationIPaddress","sourceIPaddress"and"data",amongwhich"sourceIPaddress""Isusedtoindicatewherethedatapacketissentfrom;the"destinationIPaddress"isusedtodeclarewherethedatapacketwillbesent;the"data"partcontainsthedetailedandspecificdatainthedatapacketinformation.ThestructureoftheLANIPdatapacketisverysimilartothee-mailboxusedinourdailylife,anditispreciselybecauseofthisstructurethatitcancommunicatenormallyinacomputernetworkbasedontheTCP/IPprotocol.

Networkmonitoringisactuallyatechnologythatusesacomputer'snetworkinterfacetoobtaindatafromothercomputers.Thistechnologycanmonitorthecurrentnetworktrafficandillegallystealconfidentialfileinformationtransmittedonthenetwork.Thebasicprincipleoflocalareanetworkmonitoringisthatwhendataistransmittedinthelocalareanetworkenvironment,thedatapacketcontainingthephysicaladdressissenttoeachhostthroughthelocalareanetwork.Whenthedatapacketreachesthehostnetworkcard,undernormalcircumstances,thenetworkcardwillcheckReturnwhetherthephysicaladdressofthedatapacketisthesameasthephysicaladdressorbroadcastaddressofthemachine,ifitisthesame,itwillbehandedovertotheIPlayerforprocessing,andifitisnotthesame,thedatapacketwillbediscarded.Whenthenetworkcardofahostisinpromiscuousmode,alldatapacketsarrivingatthecomputerwillbehandedovertotheIPlayerforprocessing.Evenifthephysicaladdressofthedatapacketisdifferentfromthephysicaladdressofthemachine,itwillnottransferthedata.Thepacketisdropped.Therefore,inalocalareanetworkenvironment,alldatapacketstransmittedonthesamerootnetworkwirewillbereceived,andthenthroughtheanalysisandcrackingofthereceiveddata,thedatathattheuserwantscanbeobtained.

RouterIPdatapackettrafficstatistics

Arouterisadevicethatconnectsmultiplenetworksandnetworksegments.Itcandecodeandre-encodeinformationfromdifferentnetworksandnetworksegments.,Sothatthenetworkscanbeconnectedtoeachother,theroutercanchoosethemosteffectiveandsimplestpathtoconnecttoothernetworksaccordingtothedestinationaddressofthedatapacket,andthenformalargernetwork,sothatthenetworkcanbemaximized.ResourceSharing.Itisthethroatthroughwhichtrafficdataentersandexits.AllnetworktrafficfromtheLANtotheInternetmustpassthroughtherouter.Therefore,therouterplaystheroleofdatacollection.Therearealsomanywaystocollectnetworktrafficdatathroughrouters,suchastheshowIPaccountcommand,SNMPprotocol,andTelnetprograms.BecausethemainfunctionoftherouteristohelpIPdatapacketstochoosethecorrectrouteandreachthedestinationaddressmorequicklyintime,therefore,weusuallydonotuseitsownrecordingfunctiontoobtainnetworktrafficstatistics,otherwiseitwillgreatlyreducetherouter’sSelectfunction.WegenerallyusethemethodofSNMPprotocolandTelnetprogramtoobtainthetrafficstatisticsofdatapacketsfromtherouter.

Therearemanywaystocountnetworkdatatraffic.Eachmethodhasitsadvantagesanddisadvantages.Thestatisticalmethodofnetworkdatatrafficthroughroutershasthefollowingcharacteristics:

Accuratestatisticsofdatatraffic

Becausetherouteristhethroatoftheflowdata,itisanimportantdevicetorealizetheinterconnectionbetweennetworks,andthecommunicationbetweenthenetworksmustbeconvertedbytherouterTobedone.Thetaskoftherouteristoselectthecorrespondingrouteaccordingtothedestinationaddressofthedatapacket,andthenconnectwithothernetworks.Therefore,theroutercanaccuratelyreflectthenetworkdatatrafficexceptforinandout.

Makethebillingservernotrestrictedbylocation

Theultimatepurposeofstatisticsandmonitoringofnetworkdatatrafficistochargeforit,duetovariousThelimitationofthestatisticalmethoditselfmakestheaccountingservermustbeplacedintheaccountingnetworksegment.Asaresult,asmanybillingserversareneededastherearebillingnetworksegments,whichgreatlyincreasestheworkload.Andifyouusearouter,youwillgettwicetheresultwithhalftheeffort.Aslongasthebillingservercanaccesstherouterwherethenetworksegmentislocated,onebillingservercancompletethedatacollectionofallnetworktraffic.AsforwherethebillingserverislocatedThebillingnetworksegmentisnotimportant.Moreover,therouterusedinthisbillingdoesnotneedtobetoocomplicated,nordoesitneedtoaddotherhardware,soitissimplertoimplementthanotherbillingmethods.

Consistencywithothernetworkmanagementfunctions

TheInternetusesthestandardnetworkmanagementprotocolSNMP,androutersalsomainlyusetheLoftheSNMPprotocol.Orderthestatisticsandmonitoringofnetworkdatatraffic.Thisensuresconsistencywithothernetworkmanagementfunctionsindatacollectionmethods.

Disadvantages

Ontheonehand,themainfunctionoftherouteristorealizetheroutingofdata,tohelpthedatapacketchoosethefastestpath,sothatitcantransferthedataassoonaspossible.Sendtothedestinationaddress.However,theuseofrouterstocollectstatisticsonnetworkdatatrafficwilltakeupadditionalmemoryandCPUoverheadoftherouter.Especiallyfornetworkswithrelativelylargecommunicationtraffic,thecontradictionwillbemoreprominent.Seriously,itwillcausethechargingbuffertooverflow,causethelossofincomingandoutgoingtrafficdata,andultimatelyaffectthenetworkspeed.Ontheotherhand,therouterperformstrafficaccountingforIPaddresses,soitdoesnotsupporttrafficaccountingforusers,norcanitpreventpeoplefromembezzlingIPaddresses,soitwillalsoaffectthestatisticsandmonitoringofnetworkdatatraffic.

This article is from the network, does not represent the position of this station. Please indicate the origin of reprint
TOP