| ||
Internet Protocol (IP) is the workhorse of all TCP/IP networks. The packet header looks like this
Version and Header Length | 1 byte |
Type of Service | 1 byte |
Length of Packet | 2 bytes |
Identification | 2 bytes |
Fragment Offset Field | 2 bytes |
Time to Live | 1 byte |
Protocol | 1 byte |
Checksum | 2 bytes |
Source IP Address | 4 bytes |
Destination IP Address | 4 bytes |
Payload | Max of 64K |
Unlike ARP, IP always has a payload. The purpose of IP is to carry data from place to place (a perfect dump truck). The payload is accompanied by information regarding the size and number of devices that have handled the packet as it made its way to the target. Different types of network devices use portions of this packet header for different things. In this case, I am primarily interested in the protocol, length of packet, checksum, source address, and destination address fields. The protocol field is what tells us what is in the payload. For our discussion, the payload is ICMP, UDP, TCP, or unknown. The checksum is a basic sanity check for the packet. The source and destination addresses are the IP address of the device that sent the packet and of the device that is supposed to receive the packet. Our packet processor must look at all of these fields to accept or reject the packet, as well as to determine where the packet needs to go in the next phase of processing.
| ||