1
What is the IP address of your computer?
我的电脑的IP地址是:192.168.1.102
2
Within the IP packet header, what is the value in the upper layer protocol field?
协议栏值为ICMP (1)
3
How many bytes are in the IP header? How many bytes are in the payload of the
IP datagram? Explain how you determined the number of payload bytes.
- IP头部有20字节
- IP数据报中负载为64字节,因为总长度是84字节,减去20字节的头部信息就是64字节。
4
Has this IP datagram been fragmented? Explain how you determined whether or
not the datagram has been fragmented.
从图中可以看出
- 保留位,未使用
- 不允许分片:否
- 存在更多分片:否
偏移量为0,所以可以看除,该包已经装下了所有数据,是最后一个片,没有分片。
5
Which fields in the IP datagram always change from one datagram to the next
within this series of ICMP messages sent by your computer?
Frame 8 | Frame 10 |
---|---|
Identification: 0x32d0 (13008) | Identification: 0x32d1 (13009) |
Time to Live: 1 | Time to Live: 2 |
Header Checksum: 0x2d2c [validation disabled] | Header Checksum: 0x2c2b [validation disabled] |
可以观察得知,Identification
、Time to Live
、Header Checksum
三个属性总是会变。
6
Which fields stay constant? Which of the fields must stay constant? Which fields
must change? Why?
must stay constant
- Version : 因为在用IPv4
- Header Length: 因为这些是UDP包,需要确定头部长度
- Differentiated Services Field : 因为这些都是UDP包
- Protocol : 上层使用的协议都是UDP,不然不会在一个系列里
- Source Address : 都从我的机器发出去
- Destination Address : 都要发到目标服务器上
stay constant
- Total Length 报文总长度
- Flags 标记是否分组
must change
- Identification : 不同的包必然有不同的id
- Time to Live : 追踪路由增加的包的数量
- Header Checksum : 因为头部更改了
识别号、头部检验和和生存时间值必然改变
7
Describe the pattern you see in the values in the Identification field of the IP datagram
从上面三个连续的IP数据报可以看出,发送方每发送一个数据报,Identification就增加1
8
What is the value in the Identification field and the TTL field?
Identification:13008
TTL:1
9
Do these values remain unchanged for all of the ICMP TTL-exceeded replies sent to your computer by the nearest (first hop) router? Why?
不变。
- TTL字段在IP报文段中占8bit,最大值为255;
- 第一跳收到的是255,表示没有减少;
- 当这个IP包通过一个路由器时,TTL就会减少一。
10
Find the first ICMP Echo Request message that was sent by your computer after you changed the Packet Size in pingplotter to be 2000. Has that message been fragmented across more than one IP datagram?
是,被分片了。
这是由于链路层的以太网存在1500字节的限制,超过该限制的数据包就会被分片
11
Print out the first fragment of the fragmented IP datagram. What information in the IP header indicates that the datagram been fragmented? What information in the IP header indicates whether this is the first fragment versus a latter fragment? How long is this IP datagram?
12
Print out the second fragment of the fragmented IP datagram. What information in the IP header indicates that this is not the first datagram fragment? Are the more fragments? How can you tell?
13
What fields change in the IP header between the first and second fragment?
Total length
, Flags
,Identification
, Fragment Offset
, Header Checksum
五个字段产生了变化
14
How many fragments were created from the original datagram?
3个分片。
15
What fields change in the IP header among the fragments?
Total length
, Flags
,Identification
, Fragment Offset
, Header Checksum
五个字段产生了变化