stackoom
  简体   繁体   中英

Error in the tcp segment area inside a IP packet?

 原文  2016-08-24 12:58:47       networking/ tcp/ ip/ ipv4

Question

Inside an IP network IPv4 protocol is being used. When a datagram is being transported through the network (TTL=2), an error occurs inside the field which contains TCP-segment with the address of a web page. What will be the reaction of the router when reading such datagram?

I'm battling with this question for two days now. What I know:

  • the router only reads the header of the datagram and if the checksum fails the datagram is being discarded by the router,

  • TTL is always decremented by one by the router if the header checksum is OK, after the -1, the datagram is being forwarded to the next router in the network

Based on this two points I conclude that the datagram will go further and TTL will be 1 and new checksum will be calculated by the router.

However there are three other possible answers to the questions:

  1. The router sends ICMP to source with the error
  2. the router repairs the mistake based on the header checksum and then forward the datagram
  3. the router sends the datagram out of the network (discards the datagram)

Any help with clearing this problem?

1 answers

solution1
 1 ACCPTED  2016-08-25 14:15:11

The exact algorithms that must be implemented by IPv4 routers is described in RFC 1812 - Requirements for IP Version 4 Routers . According to the IETF RFC Index it still applies ("Status: BEST CURRENT PRACTICE").

The forwarding algorithm can be found in Section 5.2.1 . The constraints determining the dependencies between the steps are (quoting):

(1) A router MUST verify the IP header, as described in section [5.2.2], before performing any actions based on the contents of the header. This allows the router to detect and discard bad packets before the expenditure of other resources.

(2) Processing of certain IP options requires that the router insert its IP address into the option. [...]

(3) The router cannot check and decrement the TTL before checking whether the packet should be delivered to the router itself, for reasons mentioned in Section [4.2.2.9].

(4) More generally, when a packet is delivered locally to the router, its IP header MUST NOT be modified in any way [...].

The actual steps performed when receiving a packet are (quoting):

(1) The router receives the IP packet (plus additional information about it, as described in Section [3.1]) from the Link Layer.

(2) The router validates the IP header, as described in Section [5.2.2]. Note that IP reassembly is not done, except on IP fragments to be queued for local delivery in step (4).

(3) The router performs most of the processing of any IP options. As described in Section [5.2.4], some IP options require additional processing after the routing decision has been made.

(4) The router examines the destination IP address of the IP datagram, as described in Section [5.2.3], to determine how it should continue to process the IP datagram. There are three possibilities:

o The IP datagram is destined for the router, and should be queued for local delivery, doing reassembly if needed.

o The IP datagram is not destined for the router, and should be queued for forwarding.

o The IP datagram should be queued for forwarding, but (a copy) must also be queued for local delivery.

So it is clear that checksum verification of the IPv4 header is performed first. The exact steps are described in Section 5.2.2 IP Header Validation , but they are not important here. What matters is that only the IP header is checked, not the content. Therefore the router cannot detect the error.

Based on this two points I conclude that the datagram will go further and TTL will be 1 and new checksum will be calculated by the router.

Correct.

As for the other options:

  1. The router sends ICMP to source with the error

No, there is no Time Exceeded error. As for other ICMP errors, there are none that signal to the sender packet corruption. So even if the router could detect packet corruption (say if the corrupted bit was in the IP header), it would still not send an ICMP message.

  1. The router repairs the mistake based on the header checksum and then forward the datagram

No, the checksumming performed in IPv4 and TCP only allows error detection, not correction.

  1. The router sends the datagram out of the network (discards the datagram)

It does not discard it because it does not detect the error.

Regarding what I said in the comment about link layer error detection, there are usually two sources of errors in transit: (1) from the transmission medium (interference, damaged cable, improperly connected plug etc.) and (2) from forwarding devices themselves (defective memory chips, firmware bugs, cosmic rays hitting a chip etc.). The link layer can usually detect and may even correct errors from (1), but obviously not from (2). So the scenario described in the question is indeed possible if a device malfunction corrupted the packet contents.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question TCP/IP efficient packet filtering detecting TCP/IP packet loss Wireshark anlayse packet data TCP/IP Can I get TCP/IP packet before it was sent? Use IP or TCP packet length to analyze how much data transferred Journey of a TCP packet and changes (Ip address and port happens) in every hop Monitor tcp packet segmentation and packet retransmitting using wireshark in multiple IP Address Change packet ip using Pcap.Net without know in advance if the packet is TCP, UDP packet order in TCP packet fragmentation Is it possible to create a single socket, single thread, TCP/IP packet reader for multiple clients?
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM