CCIE Ep.7 L3 Pck3t.v4
Hey Guys, In this post we’ll describe IPv4 headers and Path MTU Discovery.
As we known, IPv4 works on OSI (Network) and TCP/IP (Internet). Internet Protocol addresses are used for routers, Switches Multilayer, Unix (with router funcions) to make forwarding decisions.
Let´s see and understand IPv4 Packet header
- Version: This is four-bit field and identifies IP version. Binary 0100 to indicate IPv4 and binary 0110 to indicate IPv6.
- Header Lenghth (HL): This is four-bits fields. This is included beacause size of IPv4 can vary (field options). The minimum length of the IPv4 header is 20 bytes and the field options might increase this size up to a maximum of 60 bytes.
- Type of Service (TOS) or DiffServ: This is an eight-bit field and can be used for specifying special handling of the packet. This field is broken down into two subfilds — Precedence and TOS. Precedence allows set priority to packets and TOS allows the selection of delivery service (throughput, delay, reliability, and monetary cost). But TOS field has been redefined as a part of the Diffentiated Services (DiffServ).
Diffserv framework allows more flexibility to handling of Packets than TOS definitions. With Diffserv, we can define service classes on a router and sort packets into these classes. Each queuing and fowarding treatment is called Per-hop Behavior (PHB).
- Total length: This 16 bit field defines packets size in bytes, including header and data payload. The minimum size is 20 bytes (without data) and maximum is 65,535 bytes.
- Identifier:This is a 16 bit field used together Flags and Fragment Offset fields for fragmentation of a packets. packets that exceeds MTU length must be fragmented into smaller packets.
- Flags: This is a three-bit field witch the first bit is unused (reserved always 0). The second bits is the Don’t Fragment (DF) bit. When DF bit is set, router cannot fragment the packet and if the packet cannot be forwarded withou fragmenting, the router drops the packet and sents an error message to the source. The third bit is the more fragments (MF) bit. This bit is sets to one untill the last packet fragmenteded.
Note that if a single fragment is lost during a transmission, the entire packet must be resent and refragmented at the same point in the network.
- Fragment Offset: This is a 13 bits. Because packets cannot always arrived the destination in sequence, the fragment Offset field helps the pieces to be reassembled in the correct order.
- Time To Live (TTL): This is eight-field that prevents packets loops. Depends of the platform, when a packet ip is created, this field receives a value and as the packet is passed from router to router, this value is decrease. When gets zero, the packet is drop and an error message is sent to the source.
- Header Chechsum: Error detection field for the IP header. The checksum is not calculated for the encanpsulated data (UDP, TCP, ICMP). Because, every router decrease TTL field, the checksum must be recalculared at each router.
- Protocol: identifies protocol number, of the transport layer. Commoms are 1 ICMP, 2 IGMP, 6 TCP, 17 UDP, 88 EIGRP, 89 OSPF and so on. Note, except TCP and UDP, all others run on network layer.
- Source and Destionation Address: are the 32bits the specifies the originator and the destionation of the packet.
- Options: Is a variable length field. Sourcer or other router can add informations in this field. The most frquently used optios are:
. Loose source routing: This specifies what routers (ip address) the packet must pass but can include more router beteewn the addresses.
. Strict source Routing: Like loose source routing, router addresses is listed. But unlike loose source, the packet must follow the route exactly.
. Record route: Each router provides address of its outgoing interface as the packet transits.
. Timestamp: Works like record but the each router also enters a timestamp.
Path MTU Discovery
PMTUD is a techinique to identifies MTU Size. MTU is the maximum length of the IP packet an enlance can support. If the packets exceed MTU, fragmation will be done. let’s see how we can discovery MTU.
Extend ping using DF bit and recod option:
darkstar#ping
Protocol [ip]: ip
Target IP address: 192.0.2.10
Repeat count [5]: 1
Datagram size [100]:
Timeout in seconds [2]:
Extended commands [n]: y
Source address or interface:
Type of service [0]:
Set DF bit in IP header? [no]: y
Validate reply data? [no]:
Data pattern [0xABCD]:
Loose, Strict, Record, Timestamp, Verbose[none]: r
Number of hops [ 9 ]:
Loose, Strict, Record, Timestamp, Verbose[RV]:
Sweep range of sizes [n]: y
Sweep min size [76]: 500
Sweep max size [18024]: 2000
Sweep interval [1]: 500
Type escape sequence to abort.
Sending 4, [500..2000]-byte ICMP Echos to 192.0.2.10, timeout is 2 seconds:
Packet sent with the DF bit set
Packet has IP options: Total option bytes= 39, padded length=40
Record route: <*>
(0.0.0.0)
(0.0.0.0)
(0.0.0.0)
(0.0.0.0)
(0.0.0.0)
(0.0.0.0)
(0.0.0.0)
(0.0.0.0)
(0.0.0.0)Reply to request 0 (6 ms) (size 500). Received packet has options
Total option bytes= 40, padded length=40
Record route:
(172.16.22.2)
(192.0.2.21)
(192.0.2.10)
(192.0.2.10)
(172.16.22.1)
(172.16.22.2) <*>
(0.0.0.0)
(0.0.0.0)
(0.0.0.0)
End of listReply to request 1 (1 ms) (size 1000). Received packet has options
Total option bytes= 40, padded length=40
Record route:
(172.16.22.2)
(192.0.2.21)
(192.0.2.10)
(192.0.2.10)
(172.16.22.1)
(172.16.22.2) <*>
(0.0.0.0)
(0.0.0.0)
(0.0.0.0)
End of listUnreachable from 172.16.22.1, maximum MTU 1400 (size 1500). Received packet has options
Total option bytes= 39, padded length=40
Record route: <*>
(0.0.0.0)
(0.0.0.0)
(0.0.0.0)
(0.0.0.0)
(0.0.0.0)
(0.0.0.0)
(0.0.0.0)
(0.0.0.0)
(0.0.0.0)Request 3 timed out (size 2000)
Success rate is 50 percent (2/4), round-trip min/avg/max = 1/3/6 ms
Unreachable from 172.16.22.1, maximum MTU 1400 (size 1500). Received packet has options
