Skip to content

1.1 2 Data Communication

PDU (Protocol Data Unit)

  • Transmission Units
    • A different group of data at different OSI layers
  • Ethernet operates on a frame of data
    • It doesn't care what's inside
  • IP operates on a packet of data
    • Inside is TCP or UDP, but IP doesn't really care
  • TCP or UDP
    • TCP segment
    • UDP datagram

Encapsulation and decapsulation

Layer Encapsulation Protocol
5,6,7 Application Application Data HTTPS, IMAP, SSH
4 Transport TCP Header-Application Data TCP, UDP
3 Network IP Header-TCP Header-Application Data IP
2 Data Link Frame Header-IP Header-TCP Header-Application Data-Frame Trailer MAC
1 Physical
Decapsulation
2 Data Link Frame Header-IP Header-TCP Header-Application Data-Frame Trailer
3 Network IP Header-TCP Header-Application Data
4 Transport TCP Header-Application Data
5,6,7 Application Application data

TCP flags

  • The header describes or identified the payload
    • "Here's what you are about to see"
  • The TCP header contains important control infomation
    • Includes a set of bits called TCP flags
  • The flags control the payload
    • SYN - Synchronize sequence numbers
    • PSH - Push the data to the application without bufffering
    • RST - Reset the connection
    • FIN - Last Packet from the sender

Maximum transmission unit (MTU)

  • Maximum IP packet to transmit
    • but not fragment
  • Fragmentation slows things down
    • losing a fragment loses an entire packet
    • Requires overhead along the path
  • Difficult to know the MTU all the way through the path
    • Automated methods are often inaccurate
    • especailly when ICMP is filtered.

Building an ethernet frame
TCP Header, 20bytes TCP Data, 1460 Bytes
IP Header, 20bytes TCP Header, 20 Bytes TCP Data, 1460 Bytes
DLC Header, 14 Bytes IP Header, 20 Bytes TCP Header, 20 Bytes TCP Data, 1460 Bytes FCS, 4 Bytes

What is ip fragmentation?

What if 16 bytes is the Maximum Tranmission Unit (MTU) on the network? 44 bytes of data will need fragmented in the following way Also, Fragments are always in multiples of 8 because of the number of fragmentation offset bits in the IP header |Our Data|Fragment 1|Fragment 2|Fragment 3| |---|---|---|---| |DLC Header|DLC Header|DLC Header|DLC Header| |IP Header|IP Header|IP Header|IP Header| |TCP Header|Fragment 1 Bytes 1-16|Fragment 2 Bytes 17-32|Fragment 3 Bytes 33-44| |TCP Data 24 Bytes| | | |

Troubleshooting MTU(maximum tranmission unit)

  • MTU sizes are usually configured once at network creation
    • based on the network infrastructure
  • A significant concern for tunneled traffic
    • The tunnel may be smaller than your local Ethernet segment
  • What if you send packets with Don't Fragment (DF) set?
    • Routers will respond back and tell you to fragment
    • Hope you will get the ICMP message!
  • Troubleshoot using ping
    • Ping with DF and force a maximum size of 1472 bytes
    • 1500 bytes - 8byte ICMP Header - 20 bytes IP address = 1472
    • Windows: ping -f -l 1472 8.8.8.8
    • Linux and macOS: ping -D -s 1472 8.8.8.8