1,Networks
1)node:网络中的设备叫node,多数是computer,也有很多printer,bridges,routers....
2)Address 不同网络中地址不同
2,Layers of a Network
考虑分层的好处
TCP/IP four-layer
1)Host-To-Network Layer
Physical layer,ethernet,ppp,....
基本不用太关心该层
2)Internet Layer
Header:20->60Bytes
4-bit version number
Always 0100 (decimal 4) for current IP; will be changed to 0110 (decimal 6) for IPv6, but the entire header format will also change in IPv6.
4-bit header length
An unsigned integer between 0 and 15 specifying the number of 4-byte words in the header; since the maximum value of the header length field is 1111 (decimal 15), an IP header can be at most 60 bytes long.
例:0100 0101表示version为4,0101==5,表示有5个4-byte的words,共是4*5=20个Byte
1-byte type of service
A 3-bit precedence field that is no longer used, four type-of-service bits (minimize delay, maximize throughput, maximize reliability, minimize monetary cost) and a zero bit. Not all service types are compatible. Many computers and routers simply ignore these bits.
例:0000 0000
2-byte datagram length
An unsigned integer specifying the length of the entire datagram, including both header and payload.
例:0000 0000 0100 1000
16 bit,最长2^16
2-byte identification number
A unique identifier for each datagram sent by a host; allows duplicate datagrams to be detected and thrown away.
3-bit flags
The first bit is 0; the second bit is 0 if this datagram may be fragmented, 1 if it may not be; and the third bit is 0 if this is the last fragment of the datagram, 1 if there are more fragments.
13-bit fragment offset
In the event that the original IP datagram is fragmented into multiple pieces, this field identifies the position of this fragment in the original datagram.
1-byte time-to-live (TTL)
Number of nodes through which the datagram can pass before being discarded; used to avoid infinite loops.
1-byte protocol
6 for TCP, 17 for UDP, or a different number between 0 and 255 for each of more than 100 different protocols (some quite obscure); see for the complete current list
2-byte header checksum
A checksum of the header only (not the entire datagram) calculated using a 16-bit one's complement sum.
4-byte source address
The IP address of the sending node.
4-byte destination address
The IP address of the destination node.
最好使用wireshark等抓包工具进行分析,如下:可以很容易的区分出各个字段。
Noteice:纯粹的JAVA代码无法读写raw ip数据。
什么是raw ip data ?就是数据直接写在ip的data字段中,没有使用标准的传输层协议如TCP/UDP等。ICMP协议是一个例子。
更多:参考TCP/IP协议详解
阅读(408) | 评论(0) | 转发(0) |