Solved

TCP/IP

Posted on 2004-09-14
25
313 Views
Last Modified: 2013-11-29
there is something confusing me here. if a packet is passed in the internet layer and if the palket is too big, what will happen?? will the packet get discarded, or will it be split in smaller pieces. can someone explain to me what really happen???
0
Comment
Question by:pritam123456
  • 6
  • 5
  • 3
  • +4
25 Comments
 
LVL 17

Accepted Solution

by:
Microtech earned 25 total points
ID: 12054234
Hi pritam123456,
the maximum size data that can be carried in an ethernet frame is 1500 bytes (headers are 28bytes) if the frame is over 1500 bytes it will fragment it and then reassemble it at the other end. The data is only reassembled at the destination host and can be received in any order. each segment is identified by a sequence number in the tcp header. During the session setup, both sides inform each other what their starting sequence numbers will be. the session startup is indicated in the SYN flag in the tcp header. each time a segment is transmitted, the sequence number is incremented by the number of data octets transmitted.

Hope This helps
0
 
LVL 17

Expert Comment

by:Microtech
ID: 12054244
octect = 8 bits (byte)
0
 
LVL 27

Assisted Solution

by:pseudocyber
pseudocyber earned 25 total points
ID: 12054253
IP is designed to fragment and reassemble the packet on the other end.  So, the answer is split into smaller pieces - known as fragmentation.

This page illustrates and explains the process nicely:  http://www.tcpipguide.com/free/t_IPMessageFragmentationProcess.htm

0
 

Author Comment

by:pritam123456
ID: 12054297
sorry i did not ask the question well. suppose the packet is in the internet layer, it is too big and it cant be passed onto the network. what will happen to the packet???
0
 
LVL 27

Expert Comment

by:pseudocyber
ID: 12054396
The data link layer (which I assume you're calling the "network") would see it's a "giant" and drop it.
0
 

Author Comment

by:pritam123456
ID: 12054466
actually i am reading about TCP/IP and it all about layering.  let say suppose the packet has already passed to the application layer and trasport layer and now it is in the internet layer. from the internet layer it need to be send to the network layer. what will happen if the packet is too big?? thats my question
0
 
LVL 34

Expert Comment

by:PsiCop
ID: 12054517
The answer to your Question is --> it depends.

One router might be configured to fragment and pass along a too-large packet. The next router in the link might decide you're launching a DOS attack and simply discard your packet. It all depends on the routers involved in the communications and how those routers have been configured.
0
 
LVL 27

Expert Comment

by:pseudocyber
ID: 12054597
pritam123456  - are you talking about the DoD 4 layer model or the OSI Seven Layer Model?

You can try this out yourself.  

C:\WINDOWS>ping -l 2000 127.1.0.1

Pinging 127.1.0.1 with 2000 bytes of data:

Reply from 127.0.0.1: bytes=2000 time<1ms TTL=128
Reply from 127.0.0.1: bytes=2000 time<1ms TTL=128
Reply from 127.0.0.1: bytes=2000 time<1ms TTL=128
Reply from 127.0.0.1: bytes=2000 time<1ms TTL=128

Ping statistics for 127.1.0.1:
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms

C:\WINDOWS>ping -l 2000 -f 127.1.0.1

Pinging 127.1.0.1 with 2000 bytes of data:

Packet needs to be fragmented but DF set.
Packet needs to be fragmented but DF set.
Packet needs to be fragmented but DF set.
Packet needs to be fragmented but DF set.

Ping statistics for 127.1.0.1:
    Packets: Sent = 4, Received = 0, Lost = 4 (100% loss),
0
 
LVL 7

Expert Comment

by:crazijoe
ID: 12055232
Is this homework?
0
 

Author Comment

by:pritam123456
ID: 12055327
no its not homework. am a help desk and i just want to want to know more about TCP/IP.
0
 
LVL 7

Expert Comment

by:crazijoe
ID: 12055355
Good enough. Just asking. It's hard to tell the men from the boys.
0
Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

 

Author Comment

by:pritam123456
ID: 12055406
well this does not answer my question. anyway thanks for trying to help me
0
 
LVL 34

Expert Comment

by:PsiCop
ID: 12055447
I suggest that we HAVE answered your Question, it just wasn't the Answer you thot you'd get.
0
 
LVL 27

Expert Comment

by:pseudocyber
ID: 12055456
PsiCop answered it with - it depends on the equipment it's traversing.

I asked you if you're referring to the 4 layer DoD model or the 7 layer OSI model.
0
 
LVL 1

Expert Comment

by:Spankyxeon
ID: 12055459
here you go pretty simple really,

it will split into smaller pieces and then reassemble it at the other end. The data is only reassembled at the destination host and can be received in any order.
0
 

Author Comment

by:pritam123456
ID: 12055469
am referring to the 7 layer OSI model
0
 
LVL 27

Expert Comment

by:pseudocyber
ID: 12055472
>>can be received in any order.

That really depends on the application - video and voice isn't really happy with being fragmented and reassembled in any order ... ;)
0
 
LVL 1

Expert Comment

by:Spankyxeon
ID: 12055502
I believe he is looking for a SIMPLE understanding, if you want indepth take a course, CNA and MS Networking are two pretty good course so you can understand it in depth.

Always some a$$clown trying to out do the next guy and confusing the original question
0
 
LVL 7

Expert Comment

by:crazijoe
ID: 12055515
I asked the question about homework because you have asked another question basically on the same topic.
http://www.experts-exchange.com/Networking/Q_21130223.html
0
 
LVL 27

Expert Comment

by:pseudocyber
ID: 12055533
Ok.  

>>trasport layer and now it is in the internet layer. from the internet layer it need to be send to the network layer. what will happen if the packet is too big?? thats my question

Let's say the frame makes it from the transport layer (layer 4 TCP) to the network layer (layer 3 IP) down to the data link (layer 2 ethernet) and it's still too big?  Then the ethernet/data link layer will see a GIANT frame, record it as an error and drop it ... UNLESS ... it's configured to support "jumbo frames" for GigE.

0
 
LVL 11

Expert Comment

by:PennGwyn
ID: 12059812
The internet layer configuration includes a variable called MTU (Maximum Transmission Unit).  If it receives a packet passed down from layers above which exceeds this size, it will break it into chunks no bigger than this, and insert header information which allows the internet layer on the receiving end to reassemble the pieces before passing it to the transport layer.

This should not normally be necessary, since the transport layer includes similar code, and also looks at the MTU value.  But sometimes things like VPNs, etc, insert padding between when the packet is encapsulated by the transport layer and when it is received by the Internetwork layer.

Note that the MTU size varies with the interface type.  So a router's Internetwork layer may receive a packet from one interface which is too large to forward on another interface without fragmenting it....

This is all, though, governed by the "DF" flag in the transport packet header.  If this bit is set, the packet is not fragmented and instead an ICMP error packet is returned to the sender.

0
 
LVL 34

Expert Comment

by:PsiCop
ID: 12636366
*shrug* Whatever
0

Featured Post

Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

Join & Write a Comment

Suggested Solutions

Even if you have implemented a Mobile Device Management solution company wide, it is a good idea to make sure you are taking into account all of the major risks to your electronic protected health information (ePHI).
Meet the world's only “Transparent Cloud™” from Superb Internet Corporation. Now, you can experience firsthand a cloud platform that consistently outperforms Amazon Web Services (AWS), IBM’s Softlayer, and Microsoft’s Azure when it comes to CPU and …
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

758 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now