+++++++IHL : length of the header, counted in 32-bits word length (min length=5 when the header doesn't contain any option)
+++++++Type of service: shows the caracterstics of the desired service, this field is composed as follow
0 1 2 3 4 5 6 7
+-----+-----+-----+-----+-----+-----+-----+-----+
| PRECEDENCE | D | T | R | O | O |
+-----+-----+-----+-----+-----+-----+-----+-----+
111=NetWork Control
110=InternetWork control
101= CRITIC/ECP
100=Flash Override
011=Flash
010=Immediate
001=Priority
000=Routines
Other bits meaning:
D=0 normal transmission delay D=1 shorter delay
T=0 normal flow T=1 high flow
R=0 normal reliability R=1 high reliability
Last 2 bits: dunno
+++++++Total length: total length (header + data) of the IP packet.
+++++++Identification: the identification of the packet is assigned by the source machine and is used to put all the segments back together. All the segments of a packet have the same value in this field
Flags: 3 bits
bit 1: always has to be set to 0.
bit 2 (DF):
if = 0 ---> the packet can be segmented
if = 1 ---> the packet can't be segmented
bit 3 (MF):
if = 0 ---> it's the last segment
if = 1 ---> there're others segments
+++++++Fragment Offset: this fields specifies which part of the packet this segment belongs to. Its value is given w/ byte as unit. For the 1st segment this field is set to 0.
+++++++Time To live: this field specifies the time the packet can 'live' when it travels all over the net. This Field is decreased everytime this packet comes across a router. The packet is dropped out if the value in this field is equal to 0, and in this case a ICMP message is sent to the source machine (the traceroute command eg uses this property)
+++++++Protocol: yhis field specifies the protocol which will handle the datas of the packet. You can find all the protocols numbers usually in the file /etc/protocols if you use a unix system. This File could looks like
ip 0 IP # internet protocol, pseudo protocol number
icmp 1 ICMP # internet control message protocol
igmp 2 IGMP # internet group multicast protocol
ggp 3 GGP # gateway-gateway protocol
tcp 6 TCP # transmission control protocol
pup 12 PUP # PARC universal packet protocol
udp 17 UDP # user datagram protocol
idp 22 IDP # WhatsThis?
raw 255 RAW # RAW IP interface
+++++++header checksum: simply the header checksum as it's written. =P
As certain field are modified along the packet's travel (e.g. the time to live field), this field is recomputed by every router that handles the packet. If there's an error found by the router, the packet is droped out.
+++++++Source adress: IP of the source machine
+++++++Destination adress: IP of the target machine
+++++++Options: this field is optional (ie, not present in every packet), but it MUST be handled by the IP layer of your system. Its length is variable, and there could be O to serveral options (errr…).
I dunno much about option, here's the few I know
There're 2 options format:
- a single byte that specifies the option type.
- several bytes: the 1st one specifies the option type, the 2d one the total length of the option field, The others are the options datas.
Scheme of the options byte.
0 1 2 3 4 5 6 7
+-----+-----+-----+-----+-----+-----+-----+-----+
| CF | Classes | Option number |
+-----+-----+-----+-----+-----+-----+-----+-----+
le bit CF: specifies if the option is copied in every segments of the packet whenever the packet is segmented
bit classes: here're the value, I don't really what is it all about
