Internet Protocol

by Walter Mirano.


The Internet Protocol (IP) is part of the TCP/IP suite, which is a four-layer model. IP is designed to interconnect networks to form an Internet and to pass data back and forth. IP contains addressing and control information that enables packets to be routed through this Internet. (A packet is defined as a logical grouping of information, which includes a header containing control information and, usually, user data.) The equipment that encounters these packets (that is, routers) strips off and examines the headers that contain the sensitive routing information. These headers are then modified and reformulated as a packet to be passed along.

Packet headers contain control information (route specifications) and user data. This information can be copied, modified, and/or spoofed (masqueraded) by hackers.

One of IP’s primary functions is to provide a permanently established connection (termed connectionless), unreliable, best-effort delivery of datagrams through an Internetwork. Datagrams can be described as a logical grouping of information sent as a network layer unit over a communication medium. IP datagrams are the primary information units in the Internet. Another of IP’s principal responsibilities is the fragmentation and reassembly of datagrams to support links with different transmission sizes.

During an analysis session, or sniffer capture, it is necessary to differentiate between different types of packet captures. The following describes the IP packet:

• Version. The IP version currently used.

• IP Header Length (Length). The datagram header length in 32-bit words.

• Type-of-Service (ToS). How the upper-layer protocol (the layer immediately above, such as transport protocols like TCP and UDP) intends to handle the current datagram and assign a level of importance.

• Total Length. The length, in bytes, of the entire IP packet.

• Identification. An integer used to help piece together datagram fragments.

• Flag. A 3-bit field, where the first bit specifies whether the packet can be fragmented. The second bit indicates whether the packet is the last fragment in a series. The final bit is not used at this time.

• Fragment Offset. The location of the fragment’s data, relative to the opening data in the original datagram. This allows for proper reconstruction of the original datagram.

• Time-to-Live (TTL). A counter that decrements to zero to keep packets from endlessly looping. At the zero mark, the packet is dropped.

• Protocol. Indicates the upper-layer protocol receiving the incoming packets.

• Header Checksum. Ensures the integrity of the IP header.

• Source Address/Destination Address. The sending and receiving nodes (station, server, and/or router).

• Options. Typically contains security options.

• Data. Upper-layer information.

Key fields to note include the Source Address, Destination Address, Options, and Data.

IP Datagrams, Encapsulation, Size, and Fragmentation

IP datagrams are the very basic, or fundamental, transfer unit of the Internet. An IP datagram is the unit of data commuted between IP modules. IP datagrams have headers with fields that provide routing information used by infrastructure equipment such as routers.

Be aware that the data in a packet is not really a concern for the IP. Instead, IP is concerned with the control information as it pertains to the upper-layer protocol. This information is stored in the IP header, which tries to deliver the datagram to its destination on the local network or over the Internet. To understand this relationship, think of IP as the method and the datagram as the means.

The IP header is the primary field for gathering information, as well as for gaining control.

It is important to understand the methods a datagram uses to travel across networks. For a datagram to travel across the Internet over physical media, we want some guarantee that each datagram travels in a physical frame. The process of a datagram traveling across media in a frame is called encapsulation.

An ideal situation is one where an entire IP datagram fits into a frame and the network it is traveling across supports that particular transfer size. But, as we all know, ideal situations are rare. One problem with our traveling datagram is that networks enforce a maximum transfer unit (MTU) size, or limit, on the size of transfer. To further confuse the issue, different types of networks enforce their own MTU; for example, Ethernet has an MTU of 1500, FDDI uses 4470 MTU, and so on. When datagrams traveling in frames cross network types with different specified size limits, routers must sometimes divide the datagram to accommodate a smaller MTU. This process is called fragmentation.

Routers perform the fragmentation of datagrams and, as such, become vulnerable to passive and intrusive attacks.

    Copyright © 2006 - 2012 e-articles.info.
The texts, articles and tutorials in the directory are property of their respective owners and authors.