#How does a router know whether it has to fragment a
packet or not?
IP Fragmentation
An IP packet that is larger than the Maximum Transmission
Unit (MTU) of an interface, is too large for transmission over that interface.
The packet must either be fragmented, or discarded (and an ICMP error message
returned to the sender). In either case, the original data will be fragmented
into smaller packets (less than the smallest MTU) in order to allow it to be
received by the final destination system.
There are two approaches to doing this fragmentation:
IP Router Segmentation:performing the fragmentation in the
routers
IP Path MTU Discovery:forcing the sender to perform the
fragmentation
IP Fragmentation processing at a Router
The simplest approach from the end-system point of view is
not to worry about the MTU size. In this simple approach, the sender simply has
to ensure that each packet is less than the MTU of the link on which it is
sent. (The router always knows this from the link interface configuration
information).
Large IP packets that exceed the MTU of the link between
R1 and R2 are fragmented by R1 in to two or more IP packets each smaller than
the MTU size.
The network layer then has to arrange to cut packets up
into smaller fragments whenever a router encounters a link with an MTU smaller
than the received IP packet size. All the fragments of an IP packet carry the
same ID in the IP packet header (allowing the final receiver to reassemble the
fragmented parts into the original PDU). This is called "IP
fragmentation" or "IP segmentation". The problem is, this
offloads a lot of work on to routers, and in the worst case, can also result in
packets being segmented by several IP routers one after another, resulting in
very peculiar fragmentation.
Fragmentation Method
To fragment/segment a long internet packet, a router (R1
in the figure below) creates a new IP packet and copies the contents of the IP
header fields from the long packet into the new IP header. The data of the long
packet is then divided into two portions on a 8 byte (64 bit) boundary, so that
the first packet is less than the MTU of the out-going interface. The
more-fragments flag (MF) in the first packet is set to one (to indicate that
more fragments of this packet follow). The More Flag may already be set in this
packet if it has already been fragmented by another system. This packet is
forwarded.
The second created new packet is then processed. The
packet header field is identical to that of the original packet (including the
same value of the packet ID, the total length field, the more-fragments flag
(MF) and the fragment offset field in the original packet). The packet header
field is updated with a new offset field, by adding the number of payload bytes
sent in the first fragment. If this new packet is larger than the allowed link
MTU, the packet is again fragmented.
IP Router Fragmentation
Any packet that has a more fragments (MF) flag set, must
have an integral multiple of 8 bytes. (The final fragment, which does not have
this flag set, may have an arbitrary number of bytes).
IP Router fragmentation is not recommended in the modern
Internet, and this feature was not carried-forward when the next generation
Internet Protocol (IPv6) was specified.
IP Fragmentation processing at a Sender
Path MTU Discovery allows a sender to fragment/segment a
long internet packet, rather than relying on routers to perform IP-level
fragmentation. This is more efficient and more scalable. It is therefore the recommended
method in the current Internet. This is also the only method supported in IPv6.
IP Reassembly processing at the Receiving End System
IP fragmentation and reassembly employs updating and using
the values in the second 32 bits of the IPv4 packet header. An end system that
accepts an IP packet (with a destination IP address that matches its own IP
source address) will also reassemble any fragmented IP packets before these are
passed to the next higher protocol layer.
The system stores all received fragments (i.e., IP packets
with a more-fragments flag (MF) set to one, or where the fragment offset is
non-zero), in one of a number of buffers (memory space). Packets with the same
16-bit Identification value are stored in the same buffer, at the offset
specified by the fragment offset field specified in the packet header.
Packets which are incomplete remain stored in the buffer
until either all fragments are received, OR a timer expires, indicating that
the receiver does not expect to receive any more fragments. Completed packets
are forwarded to the next higher protocol layer.
#What are the issues with IP fragmentation?
There are several issues that make IP fragmentation
undesirable. There is a small increase in CPU and memory overhead to fragment
an IP datagram. This holds true for the sender as well as for a router in the
path between a sender and a receiver. Creating fragments simply involves
creating fragment headers and copying the original datagram into the fragments.
This can be done fairly efficiently because all the information needed to
create the fragments is immediately available.
Fragmentation causes more overhead for the receiver when
reassembling the fragments because the receiver must allocate memory for the
arriving fragments and coalesce them back into one datagram after all of the
fragments are received. Reassembly on a host is not considered a problem
because the host has the time and memory resources to devote to this task.
But, reassembly is very inefficient on a router whose
primary job is to forward packets as quickly as possible. A router is not
designed to hold on to packets for any length of time. Also a router doing
reassembly chooses the largest buffer available (18K) with which to work
because it has no way of knowing the size of the original IP packet until the
last fragment is received.
Another fragmentation issue involves handling dropped
fragments. If one fragment of an IP datagram is dropped, then the entire
original IP datagram must be resent, and it will also be fragmented. You see an
example of this with Network File System (NFS). NFS, by default, has a read and
write block size of 8192, so a NFS IP/UDP datagram will be approximately 8500
bytes (including NFS, UDP, and IP headers).
A sending station connected to an Ethernet (MTU
1500) will have to fragment the 8500 byte datagram into six pieces; five 1500
byte fragments and one 1100 byte fragment. If any of the six fragments is
dropped because of a congested link, the complete original datagram will have
to be retransmitted, which means that six more fragments will have to be
created. If this link drops one in six packets, then the odds are low that any
NFS data can be transferred over this link, since at least one IP fragment
would be dropped from each NFS 8500 byte original IP datagram.
Firewalls that filter or manipulate packets based on Layer
4 (L4) through Layer 7 (L7) information in the packet may have trouble
processing IP fragments correctly. If the IP fragments are out of order, a
firewall may block the non-initial fragments because they do not carry the
information that would match the packet filter. This would mean that the
original IP datagram could not be reassembled by the receiving host. If the
firewall is configured to allow non-initial fragments with insufficient
information to properly match the filter, then a non-initial fragment attack
through the firewall could occur. Also, some network devices (such as Content
Switch Engines) direct packets based on L4 through L7 information, and if a
packet spans multiple fragments, then the device may have trouble enforcing its
policies.
#What is meant by IP fragmentation?
The breaking up of a single IP datagram into two or more
IP datagrams of smaller size is called IP fragmentation.
#Why is an IP datagram fragmented?
Every transmission medium has a limit on the maximum size
of a frame (MTU) it can transmit. As IP datagrams are encapsulated in frames,
the size of IP datagram is also restricted. If the size of An IP datagram is
greater than this limit, then it must be fragmented.
#Which RFCs discuss IP
fragmentation?
RFC 791 & RFC 815 discusses about IP datagrams,
fragmentation and reassembly.
#Is it possible to select an IP
datagram size to always avoid fragmentation?
It is not possible to select a particular IP datagram size
to always avoid fragmentation, as the MTU for different transmission It is
possible, though, for a given path to choose a size that will not lead to
fragmentation. This is called Path MTU Discovery and is discussed in the RFC
1191. The TCP transport protocol tries to avoid fragmentation using the Maximum
Segment Size (MSS) option.
#Where an IP datagram may get
fragmented?
An IP datagram may get fragmented either at the sending
host or at one of the intermediate routers.
#Where are the IP datagram
fragments reassembled?
The IP fragments are reassembled only at the destination
host.
#How to prevent an IP datagram from
being fragmented?
A IP datagram can be prevented from fragmentation, by
setting the "don't fragment" flag in the IP header.
#What happens when a datagram must
be fragmented to traverse a network, but the "don't fragment" flag in
the datagram is set?
The datagram whose "don't fragment" flag is set
is discarded, if it must be fragmented to traverse a network. Also, a ICMP error
message is sent back to the sender of the datagram.
#Will all the fragments of a
datagram reach the destination using the same path?
The different fragments of the same IP datagram can travel
in either in the same path or in different paths to the destination.
#Will all the fragments of a
datagram arrive at the destination system in the correct order?
The different fragments of a single IP datagram can arrive
in any order to the destination system.
#What happens to the original IP
datagram when one or more fragments are lost?
When one or more fragments of an IP datagram are lost,
then the entire IP datagram is discarded after a timeout period.
#What is the minimum size of an IP
fragment?
The minimum size of an IP fragment is the minimum size of
an IP header plus eight data bytes. Most firewall-type devices will drop an
initial IP fragment (offset 0) that does not contain enough data to hold the
transport headers. In other words, the IP fragment normally need 20 octets of
data in addition to the IP header in order to get through a firewall if offset
is 0.
#What are the limitations on the
size of a fragment?
The size of an IP datagram fragment is limited by
The amount of remaining data in the original IP datagram
The MTU of the network and
Must be a multiple of 8, except for the final fragment.
#How is an IP datagram fragment
differentiated from a non-fragmented IP datagram?
A complete IP datagram is differentiated from an IP
fragment using the offset field and the "more fragments" flags. For a
non-fragmented IP datagram, the fragment offset will be zero and the "more
fragments" flag will be set to zero.
#How are the fragments of a single
IP datagram identified?
The "identification" field in the IP header is
used to identify the fragments of a single IP datagram. The value of this field
is set by the originating system. It is unique for that source-destination pair
and protocol for the duration in which the datagram will be active.
#How is the last fragment of an IP
datagram identified?
The last fragment of an IP datagram is identified using
the "more fragments" flag. The "more fragment" flag is set
to zero for the last fragment.
#How is the length of a complete IP
datagram calculated from the received IP fragments?
Using the fragment offset field and the length of the last
fragment, the length of a complete IP datagram is calculated.
#How is an IP datagram fragmented?
In the following example, an IP datagram is fragmented
into two. This same algorithm can be used to fragment the datagram into 'n'
fragments.
The IP layer creates two new IP datagrams, whose length
satisfies the requirements of the network in which the original datagram is
going to be sent.
The IP header from the original IP datagram is copied to
the two new datagrams.
The data in the original IP datagram is divided into two
on an 8 byte boundary. The number of 8 byte blocks in the first portion is
called Number of Fragment Blocks (NFB).
The first portion of the data is placed in the first new
IP datagram.
The length field in the first new IP datagram is set to
the length of the first datagram.
The fragment offset field in the first IP datagram is set
to the value of that field in the original datagram.
The "more fragments" field in the first IP
datagram is set to one.
The second portion of the data is placed in the second new
IP datagram.
The length field in the second new IP datagram is set to
the length of the second datagram.
The "more fragments" field in the second IP
datagram is set to the same value as the original IP datagram.
The fragment offset field in the second IP datagram is set
to the value of that field in the original datagram plus NFB.
#How a destination system
reassembles the fragments of an IP datagram?
When a host receives an IP fragment, it stores the
fragment in a reassembly buffer based on its fragment offset field.
Once all the fragments of the original IP datagram are
received, the datagram is processed.
Upon receiving the first fragment, a reassembly timer is
started.
If the reassembly timer expires before all the fragments
are received, the datagram is discarded.
#What fields are changed in an IP
header due to fragmentation?
The following IP header fields are changed due to IP
fragmentation:
Total Length
Header Length
More Fragments Flag
Fragment Offset
Header Checksum
Options
#What happens to the IP options
field when an IP datagram is fragmented?
Depending on the option, either it is copied to all the
fragments or to only the first fragment.
#Which IP options are copied to all
the fragments of an IP datagram?
If the most significant bit in the option type is set
(i.e. value one), then that option is copied to all the fragments. If it is not
set (i.e. value zero), it is copied only to the first fragment.
IP Header
Interview Questions and Answers:
#Which is the importance of identification field in the IP packet?
This is used to identify each fragmented packet so that destination device can rearrange the whole communication in order.
This is used to identify each fragmented packet so that destination device can rearrange the whole communication in order.
#Which device can reassemble the packet?
This is done only by the ultimate destination of the IP message.
This is done only by the ultimate destination of the IP message.
#What is IP datagram?
IP datagram can be used to describe a portion of IP data. Each IP datagram has set of fields arranged in order. IP datagram has following fields Version, Header length, Type of service, Total length, checksum, flag, protocol, Time to live, Identification, Source IP Address and Destination Ip Address, Padding, Options and Payload.
IP datagram can be used to describe a portion of IP data. Each IP datagram has set of fields arranged in order. IP datagram has following fields Version, Header length, Type of service, Total length, checksum, flag, protocol, Time to live, Identification, Source IP Address and Destination Ip Address, Padding, Options and Payload.
#What is MTU (Maximum Transmission Unit)?
The maximum transmission unit (MTU) of an interface tells Cisco IOS the largest IP packet that can be forwarded out on that interface.
The maximum transmission unit (MTU) of an interface tells Cisco IOS the largest IP packet that can be forwarded out on that interface.
#What is Fragmentation?
Fragmentation is a process of breaking the IP packets into smaller pieces (fragments). Fragmentation is required when the datagram is larger than the MTU. Each fragment than becomes a datagram in itself and transmitted independently from source. These datagrams are reassembled by the destination.
Fragmentation is a process of breaking the IP packets into smaller pieces (fragments). Fragmentation is required when the datagram is larger than the MTU. Each fragment than becomes a datagram in itself and transmitted independently from source. These datagrams are reassembled by the destination.
#How the packet is reassembled?
1.When a host receives an IP fragment, it stores this fragment in a reassembly buffer based on its fragment offset field.
2.Once all the fragments of the original IP datagram are received, the datagram is processed.
3.On receiving the first fragment, a reassembly timer is started.
4.If this reassembly timer expires before all the fragments are received than datagram is discarded.
1.When a host receives an IP fragment, it stores this fragment in a reassembly buffer based on its fragment offset field.
2.Once all the fragments of the original IP datagram are received, the datagram is processed.
3.On receiving the first fragment, a reassembly timer is started.
4.If this reassembly timer expires before all the fragments are received than datagram is discarded.
#What is the importance of DF, MF flag?
Don’t fragment bit
If DF bit is set, fragmentation is not allowed.
when a router needs to forward a packet larger than the outgoing interface’s MTU, the router either fragments the packet or discards it. If the IP header’s Do Not Fragment (DF) bit is set, means fragmentation is not allowed and the router discards the packet. If the DF bit is not set, means Fragmentation is allowed and the router can perform Layer 3 fragmentation on the packet.
Don’t fragment bit
If DF bit is set, fragmentation is not allowed.
when a router needs to forward a packet larger than the outgoing interface’s MTU, the router either fragments the packet or discards it. If the IP header’s Do Not Fragment (DF) bit is set, means fragmentation is not allowed and the router discards the packet. If the DF bit is not set, means Fragmentation is allowed and the router can perform Layer 3 fragmentation on the packet.
More fragments bit
If MF Bit is set to 1 means more fragments are coming. If it is set to 0 means This is the Last Fragment.
All fragments that belong to an IP datagram will have more fragments bit set except for the final fragment. The final fragment does not have the more fragment bit set indicating that this is the last fragment. This is how the End hosts comes to know that it has collected all the fragments of the IP datagram.
If MF Bit is set to 1 means more fragments are coming. If it is set to 0 means This is the Last Fragment.
All fragments that belong to an IP datagram will have more fragments bit set except for the final fragment. The final fragment does not have the more fragment bit set indicating that this is the last fragment. This is how the End hosts comes to know that it has collected all the fragments of the IP datagram.
#What is the purpose of fragment offset?
It is used to define the Size of each Fragmented Packet.
It is used to define the Size of each Fragmented Packet.
#What is the importance of TTL value?
It defines how long a packet can travel in the network. It is the number of hops that the IP datagram will go through before being discarded. At every hop TTL value is decremented by 1. When this field becomes zero, the data gram is discarded. This behavior helps prevent routing loops. The typical value for a TTL field is 32 or 64.
It defines how long a packet can travel in the network. It is the number of hops that the IP datagram will go through before being discarded. At every hop TTL value is decremented by 1. When this field becomes zero, the data gram is discarded. This behavior helps prevent routing loops. The typical value for a TTL field is 32 or 64.
#What does the protocol field determines in the IP packet?
The Protocol field is an 8-bit field that identifies the next level protocol. It Indicates to which upper-layer protocol this datagram should be delivered.
Example - TCP, UDP.
The Protocol field is an 8-bit field that identifies the next level protocol. It Indicates to which upper-layer protocol this datagram should be delivered.
Example - TCP, UDP.
SOME NOTES:
---------------------
Tcp header is much larger than UDP header hence we use UDP over TCP . It reduces the overhead.
Seq no= no assigned to the 1st byte of data in the message.
Ack no= next seq no or byte of data that rx expect to receive.
Offset = specifies the size of the Tcp header in 32 bit word and indicates where data actually begins.
Reserved field is set to 0 and can be used for further purpose.
Window : this sets the size of the rx window apart from seq no. This comes under flow control.
Padding is used to confirm that TCp header end with 32 bits .
Option is used for synchronization purpose.
To know the size of the data we should know the size of the header length in Ip header
Minimum size of ip header is 20 bytes and maximum is 60bytes
4 bits is used for ip header length.
So if header bits are 0101 means 5 *4 = 20 bytes
So always bits value is multiplied with 4 and header length is calculated .
Lets we have HL = 5base16 =5 *4 = 20bytes
TL =0028base16=40bytes ie 40-20 = 20 bytes is a data
TL=HL + data
So tL can be 20 bytes to 65,335bytes
---------------------
Tcp header is much larger than UDP header hence we use UDP over TCP . It reduces the overhead.
Seq no= no assigned to the 1st byte of data in the message.
Ack no= next seq no or byte of data that rx expect to receive.
Offset = specifies the size of the Tcp header in 32 bit word and indicates where data actually begins.
Reserved field is set to 0 and can be used for further purpose.
Window : this sets the size of the rx window apart from seq no. This comes under flow control.
Padding is used to confirm that TCp header end with 32 bits .
Option is used for synchronization purpose.
To know the size of the data we should know the size of the header length in Ip header
Minimum size of ip header is 20 bytes and maximum is 60bytes
4 bits is used for ip header length.
So if header bits are 0101 means 5 *4 = 20 bytes
So always bits value is multiplied with 4 and header length is calculated .
Lets we have HL = 5base16 =5 *4 = 20bytes
TL =0028base16=40bytes ie 40-20 = 20 bytes is a data
TL=HL + data
So tL can be 20 bytes to 65,335bytes
How Checksum is calculated ?
HL fileds in source side are are segmented/divided into 16 nbits. Initially Checksum is set to 0. All these n sets of 16 bits are added up together .say total bits value is Nbits .Do 1’s Complement of this. Say we get Ncbits .Update checksum with this value .send this value to destination.
Now we do same process in destination . but here we will add all 16 bits value with checksum value received from sender . Do 1’s complement of it and result should be zero. Otherwise data is corrupted.
In case of proc in tcl if we use return command it will return all the variables if return command is not mentioned it will return the last command.
Three way hand shake any host can initiate the connection
Client -------------------------server
Seq x ----------------------- received seq x
Seq y <------------ Ack x+1
Ack y+1 --------received Ack y+1
Routing Loop Avoidance Techniques
Split Horizon: Updates received in an interface can’t be sent out the same interface.
Split Horizon with Poison Reverse: Updates sent back with infinite metric (hop count 16) for every update received in an interface
Count to Infinity: To avoid continuous looping of a (bad) routing update. RIP sets the count to infinity with a hop count of 16.
Triggered Updates: supported with RIP version 2. Also known as the flash updates. If a metric is changed it is immediately advertised to neighbors without waiting for the regular scheduled update timer.
HL fileds in source side are are segmented/divided into 16 nbits. Initially Checksum is set to 0. All these n sets of 16 bits are added up together .say total bits value is Nbits .Do 1’s Complement of this. Say we get Ncbits .Update checksum with this value .send this value to destination.
Now we do same process in destination . but here we will add all 16 bits value with checksum value received from sender . Do 1’s complement of it and result should be zero. Otherwise data is corrupted.
In case of proc in tcl if we use return command it will return all the variables if return command is not mentioned it will return the last command.
Three way hand shake any host can initiate the connection
Client -------------------------server
Seq x ----------------------- received seq x
Seq y <------------ Ack x+1
Ack y+1 --------received Ack y+1
Routing Loop Avoidance Techniques
Split Horizon: Updates received in an interface can’t be sent out the same interface.
Split Horizon with Poison Reverse: Updates sent back with infinite metric (hop count 16) for every update received in an interface
Count to Infinity: To avoid continuous looping of a (bad) routing update. RIP sets the count to infinity with a hop count of 16.
Triggered Updates: supported with RIP version 2. Also known as the flash updates. If a metric is changed it is immediately advertised to neighbors without waiting for the regular scheduled update timer.
No comments:
Post a Comment
Note: only a member of this blog may post a comment.