UDP payload length and packet transmission - networking

I have data 1245 MB for trasmission via UDP over IPv4.
For calculation of expected number of packet transmission from A to B then B relay to C, if the data transmitted in blocks of size 320bytes (i.e; payload = 320bytes), and header is 20 bytes, do we minus 20 from 320 or add in?
For instance,
1245MB = 1305477120 bytes
Total UDP Payload = 320 - 20 or 320 + 20?

The packet consists of:
the IP header (20 bytes)
the UDP header (8 bytes)
your payload (320 bytes).
Total: 348 bytes.

For calculating the number of packets you don't need to take into account the size of the transport or network layer headers. You specified a payload size of 320 bytes, which is well within the maximum size of a UDP payload without fragmentation.
Each time you call send() or sendto(), this will create a datagram (packet), so the math is simply dividing the total size by your 320 byte chunks:
1305477120 / 320 = 4079616 packets
As a side point, if you were to make your UDP payload larger, that would reduce the total number of packets. On a lot of networks, the MTU is 1500 bytes, so you can send:
1500 bytes - IP header (20 bytes) - UDP header (8) bytes = 1472 bytes for payload
As a second side point, if your UDP payload is too big, i.e. payload + IP/UDP headers exceeds the MTU, then your single call to send() would result in multiple IP fragment packets.

Related

Frag size in IPV6 Fragmentation

I am trying fragmentation with IPV6.Using scapy to craft packets.
My payload size is 1400 bytes and fragment size chosen is 500 bytes and sending 3 fragments such that last fragment is never sent. I am seeing that scapy is generating fragment with payload size 432 bytes.
Fragment extension header is around 8 bytes.
IPV6 header is 40 bytes.
If we sum it all then frag size is coming upto 480 bytes,whereas i have specified it to be 500 bytes.
How is this calculation done? and how was the frag payload size decided to be 432 bytes?

Sequence number and acknowledgement number do not match

I have been learning wireshark lately. While inspecting TCP segments, I saw a strange situation, at least for me. There was a mismatching SEQ,ACK numbers. Then I realized that difference between two ACK's same as 1 and half package size. However, as far as I know, ACKs are only growing by the full packet size. So what happened here?
SEQ ACK
1 1
2897 8689
5793 13033 <--
8689 14481
11585
14481
Well, there's not much to go by here, but I'm going to guess that you are capturing packets on the machine sending the large packets, i.e., the packets with 2896 bytes of TCP payload. As such, you are seeing the packets before they are IP-fragmented and actually transmitted out on the wire.
But you can't just send 2896 bytes of data onto the wire; Ethernet links typically impose a 1500 byte MTU (Maximum Transmission Unit), and when you account for IP and TCP header overhead, you usually end up with 1460 bytes of available payload or MSS (Maximum Segment Size). In your case it looks like you're only getting 1448 bytes of available MSS, most likely due to the addition of one or more IP and/or TCP header options.
In any case, the 2896 bytes of payload are going to be fragmented over 2 IP fragments, each containing 1448 bytes of TCP payload. I'm pretty sure that what you're seeing is an ACK from the receiver after having received 1 full segment plus 1 IP fragment from the next segment.
The previous ACK number was 8689, and 8689 + 2896 = 11585. Now add 1/2 of the data segment (2896 / 2 = 1448) and you get 11585 + 1448 = 13033. That's the ACK number you're seeing. Now add the other 1/2 and you get 13033 + 1448 = 14481, which is the ACK number of the next packet.
I hope that makes sense?
For an in depth look at the drawbacks of local packet captures, I direct you to a well-written blog by Jasper Bongertz titled, "The drawbacks of local packet captures".
Since I do not have reputation to comment the answer of Christopher Maynard, I comment it here.
As Christopher stated correctly the MTU (Maximum Transmission Unit) is standard Ethernet networks is 1500Bytes. However, crafting 1460Bytes (1500Bytes - 20Bytes IP Header - 20Bytes TCP Header, ignoring possible TCP options) TCP segments imposes a high load on the network stack since every segment must be handled separately.
As an example, if I want to transmit 1Mb (equals to 1024*1024Bytes = 1048576Bytes) of data, it would result in 1Mb/1460Bytes = 719 segments. In contrast to 1Mb/65525Bytes (theoretical max TCP segment size) = 16 segments. Since the overhead in the Kernel is mostly independent of the segment/packet size, small segments require much more processing.
To counteract this fact, TCP Segmentation Offloading (TSO) was developed. TSO allows the Kernel to craft TCP segments with maximum size and the NIC (Network Interface Card) uses hardware acceleration to split these segments into the separate TCP segments of 1460Bytes. Therefore, no IP fragmentation is required.

Explanation of PDU size in Bluetooth Low Energy 4.2

In Bluetooth Low Energy 4.0 and 4.1, the max PDU of an OTA packet is 39 bytes (47 bytes with preamble, access address and CRC) and was increased to 257 bytes in version 4.2.
The reason of short packet is stability of the radio, long packets heat up the silicon and extra circuitry to be added to keep the frequency stable.So, in BLE 4.1, the longest possible packet is 376 microseconds to avoid heating effect. As the data rate is 1Mhz, 376 microseconds is 376 bits = 47 bytes so the size of PDU is explained. But in the version 4.2, the longest packet is 2120 bits, so 2.12ms and I read 3ms packets in bluetooth classic are long enough to cause problems. So my question is: Why and how did SIG succeed to increase the PDU in version 4.2 know some semiconductor companies state the hardware is the same for all the versions. What did lead to this new PDU length?
In 4.[01], 39 bytes is the maximum LL PDU size reached for advertisement packets (2 bytes of header, 6 bytes of device address, 31 bytes of AD).
For data packets, max PDU size is 33 bytes (2 Header + 4 L2CAP + 23 ATT + 4 MIC).
Note Data channel header counts the PDU size without the header, so this makes the data channel payload size go up to 31 bytes. This is the number that got enlarged in 4.2 (the actual minimal value is 27 bytes if crypto is not supported, because 4-byte MIC will never appear in the packet).
The new data channel payload size defined in 4.2 is the maximum possible value protocol can support, so it's a value a chip may support rather than an absolute packet size every chip must support.
Actual data channel payload size is negotiated with LL_LENGTH_REQ and LL_LENGTH_RSP between the two involved radios. They may negotiate any length from 27 up to 251 bytes (at the payload level) (See Core_v4.2 6.B.2.4.2.21).
In first release of the BLE spec, packet absolute max size was 27 bytes (data payload, without MIC). Spec used a 5-bit field for LL packet size, 3 other bits of this header byte were RFU. It eventually got enlarged to 8-bit with full backward compatibility in 4.2, but there are no more contiguous bit available in the header. To me, this explains why limit is around 256 bytes (give or take because of fixed header sizes that are not part of the byte count): it gives a reasonable extension without changing the protocol much.

Size of empty UDP and TCP packet?

What is the size of an empty UDP datagram? And that of an empty TCP packet?
I can only find info about the MTU, but I want to know what is the "base" size of these, in order to estimate bandwidth consumption for protocols on top of them.
TCP:
Size of Ethernet frame - 24 Bytes
Size of IPv4 Header (without any options) - 20 bytes
Size of TCP Header (without any options) - 20 Bytes
Total size of an Ethernet Frame carrying an IP Packet with an empty TCP Segment - 24 + 20 + 20 = 64 bytes
UDP:
Size of Ethernet frame - 24 Bytes
Size of IPv4 Header (without any options) - 20 bytes
Size of UDP header - 8 bytes
Total size of an Ethernet Frame carrying an IP Packet with an empty UDP Datagram - 24 + 20 + 8 = 52 bytes
Himanshus answer is perfectly correct.
What might be misleading when looking at the structure of an Ethernet frame [see further reading], is that without payload the minimum size of an Ethernet frame would be 18 bytes: Dst Mac(6) + Src Mac(6) + Length (2) + Fcs(4), adding minimum size of IPv4 (20) and TCP (20) gives us a total of 58 bytes.
What has not been mentioned yet is that the minimum payload of an ethernet frame is 46 byte, so the 20+20 byte from the IPv4 an TCP are not enough payload! This means that 6 bytes have to be padded, thats where the total of 64 bytes is coming from.
18(min. Ethernet "header" fields) + 6(padding) + 20(IPv4) + 20(TCP) = 64 bytes
Hope this clears things up a little.
Further Reading:
Ethernet_frame
Ethernet
See User Datagram Protocol. The UDP Header is 8 Bytes (64 bits) long.
The mimimum size of the bare TCP header is 5 words (32bit word), while the maximum size of a TCP header is 15 words.
Best wishes,
Fabian
If you intend to calculate the bandwidth consumption and relate them to the maximum rate of your network (like 1Gb/s or 10Gb/s), it is necessary, as pointed out by Useless, to add the Ethernet framing overhead at layer 1 to the numbers calculated by Felix and others, namely
7 bytes preamble
1 byte start-of-frame delimiter
12 bytes interpacket gap
i.e. a total of 20 more bytes consumed per packet.
If you're looking for a software perspective (after all, Stack Overflow is for software questions) then the frame does not include the FCS, padding, and framing symbol overhead, and the answer is 54:
14 bytes L2 header
20 bytes L3 header
20 bytes L4 header
This occurs in the case of a TCP ack packet, as ack packets have no L4 options.
As for FCS, padding, framing symbol, tunneling, etc. that hardware and intermediate routers generally hide from host software... Software really only cares about the additional overheads because of their effect on throughput. As the other answers note, FCS adds 4 bytes to the frame, making it frame 58 bytes. Therefore 6 bytes of padding are required to reach the minimum frame size of 64 bytes. The Ethernet controller adds an additional 20 bytes of framing symbols, meaning that a packet takes a minimum of 84 byte times (or 672 bit times) on the wire. So, for example, a 1Gbps link can send one packet every 672ns, corresponding to a max packet rate of roughly 1.5MHz. Also, intermediate routers can add various tags and tunnel headers that further increase the minimum TCP packet size at points inside the network (especially in public network backbones).
However, given that software is probably sharing bandwidth with other software, it is reasonable to assume that this question is not asking about total wire bandwidth, but rather how many bytes does the host software need to generate. The host relies on the Ethernet controller (for example this 10Mbps one or this 100Gbps one) to add FCS, padding, and framing symbols, and relies on routers to add tags and tunnels (A virtualization-offload controller, such as in the second link, has an integrated tunnel engine. Older controllers rely on a separate router box). Therefore the minimum TCP packet generated by the host software is 54 bytes.

Overhead with PPP and Ethernet

What is the overhead for PPP and Ethernet sending 5000 bytes?
Frame size for Point-to-Point Protocol: 8 bytes
MTU: 500 bytes
Frame size for Ethernet: 18 bytes
MTU: 1500 bytes
Both sending 5000 bytes..
I know this is just a calculation, but I am not sure how to do it. I can't find it anywhere. I would think that since a PPP frame takes 8 bytes and maximum transmission unit is 500 then it can send (500 - 8)bytes of information in one go. It sends 10 frames, resulting in 4920 bytes sent. Then sends the final (80+8)bytes with the last frame.
Similar for Ethernet. (1500 - 18)bytes with each frame. 3 frames sent means 4446 bytes sent. Sending (554+18)bytes in the last frame.
This obviously doesn't answer the "overhead" question. Anyone have any ideas?
It really depends on how you define overhead. This answer will assume overhead is the number of bytes that you need to transmit in addition to the data itself.
For Ethernet, assuming the 5000 byte payload is not encapsulated in an IP + TCP/UDP frame, you will have 18 bytes of overhead for every packet sent. That means each transmission with an MTU of 1500 will be able to hold 1482 bytes. To transmit 5000 bytes, this means 4 packets must be transmitted, which means an overhead of 72 bytes (18 * 4). Note that the overhead becomes bigger when you include things like the IP frame which contains a TCP frame.
For PPP, as you've already shown, you can send 492 bytes per frame. Eleven frames means 88 bytes of overhead (11 * 8) - again, not including any additional protocol frames within the payload.
In both these examples any protocols that build on top of these link layer protocols will contribute to overhead. For example, an Ethernet packet sent with an IPv4 frame which contains a UDP datagram will have an additional 28 bytes consumed by headers and not data (20 bytes in an IPv4 header and 8 in a UDP header, assuming no IP options). Considering the original Ethernet example, this means the amount of data per packet becomes 1454 bytes, which luckily still comes to 4 packets (the extra spills over into the smaller 4th packet), with 144 bytes of overhead.
You can read more here (I find that page a little hard to read though).

Resources