I am currently going through my networking slides and was wondering if someone could help me with the concept of fragmentation and reassembly.
I understand how it works, namely how datagrams are split into smaller chunks because network links have a MTU. However the example in the picture is confusing me.
So the first two sections show a length of 1500, because this is the MSU, but shouldn't this mean that the last one should have 1000 (for a total of 4000 bytes) and not 1040? Where did these extra 40 bytes come from? My guess is that because the previous two fragments both had a header of 20 bytes, this extra 40 bytes of data needed to go somewhere, so it will arrive in the last fragment?
Fragflag essentially means that there is another fragment, so all of them will have a Fragflag of 1 except the last fragment which will be at zero. However I don't understand what offset is or how it is calculated. Why is the first offset at zero? Why did we divide the bytes in the datafield (1480) by 8 to get the second offset? Where did this 8 come from? Aside from that, I am assuming that each fragments offset will just increase by this value?
For example, the first fragment will have a offset of 0, the second 185, the third 370 and the fourth 555? (370+185)
Thanks for any help!
There is a 20 byte header in each packet. So the original packet contains 3,980 bytes of data. The fragments contain 1480, 1480, and 1020 bytes of data. 1480 + 1480 + 1020 = 3980
Every bit in the header is precious. Dividing the offset by 8 allows it to fit in 13 bits instead of 16. This means every packet but the last must contain a number of data bytes that is a multiple of 8, which isn't a problem.
The fragmentation and Reassembly has been exclusively explained in the RFC 791. Do go through the Internet Protocol Specification RFC. The RFC has various sections explaining the sample fragmentation and reassembly. All your doubts and questions are well catered in it.
Ans 1: Regarding the lengths of the packet: The original Packet contains 4000 Bytes. This packet is a fully IP packet and hence contains the IP header as well . Thus the payload length is actually 4000 - ( IP Header Length i. e. 20 ).
Actual Payload Length = 4000 - 20 = 3980
Now the packet is fragmented owing to the fact that the length is greater than the MTU ( 1500 Bytes).
Thus the 1st packet contains 1500 Bytes which includes IP header + Payload Fraction.
1500 = 20 ( IP header ) + 1480 ( Data Payload )
Similarly for the other packet.
The third packet shall contain remaining left over data ( 3980 - 1480 -1480 ) = 1020
Thus length of the packet is 20 ( IP Header ) + 1020 ( payload ) = 1040
Ans 2: The offset is the address or the locator from where the data starts with reference to the original data payload. For IP the data payload comprises all the data thats after the IP header and Options header. Thus the system/router takes the payload and divides it into smaller parts and keeps the track of the offset with reference to the original packet so that reassembly can be done.
As given in the RFC Page 12.
"The fragment offset field tells the receiver the position of a fragment in the original datagram. The fragment offset and length determine the portion of the original datagram
covered by this fragment. The more-fragments flag indicates (by being reset) the last fragment. These fields provide sufficient information to reassemble datagrams. "
The fragment offset is measured in Units of 8 bytes each. It has 13 bit field in the IP header. As said in the RFC page 17
"This field indicates where in the datagram this fragment belongs.The fragment offset is measured in units of 8 octets (64 bits). The first fragment has offset zero."
Thus as you asked in the question where did this 8 come from, its the standard thats been defined for IP protocol specification, where 8 octets are taken as one value. This also helps us to transmit large packets via this.
Page 28 of the RFC writes:
*Fragments are counted in units of 8 octets. The fragmentation strategy is designed so than an unfragmented datagram has all zero fragmentation information (MF = 0, fragment offset =
0). If an internet datagram is fragmented, its data portion must be
broken on 8 octet boundaries. This format allows 2**13 = 8192 fragments of 8 octets each for a
total of 65,536 octets. Note that this is consistent with the the
datagram total length field (of course, the header is counted in the
total length and not in the fragments).*
the offset size is 13 bits in the IP header but we need 16 bits as in worst case. So we use a scaling factor of 8 i.e. (2^16/2^13).
those are not extra bits but the total length of last fragment.
as 1500 is MTU this means there can be 1500 byte of data in one fragment including header. Header is appended with every fragment. this means in fragment we are capable of sending 1500-20 =1480 byte of data.
it is given there is 4000B datagram .datagram is nothing but a packet encapsulation of data at network layer.so the total data we have to send is 4000-20=3980 . then it is fragmented into 3parts (ceil(3980/1480)) each of length 1480,1480,1020 respectively . hence when 20B header is appended to last fragment its length becomes 1020+20=1040 .
Related
I am currently going through my networking slides and was wondering if someone could help me with the concept of fragmentation
so i understand the first part till "108 Bytes" but what I don't understand is this "8 Bytes = 13.5 => 13 * 8
Bytes = 104 Bytes"
what are these extra bytes ?
the rest is clear.
You must fragment the packet payload on eight-byte boundaries. With a 128-byte MTU, the largest payload fragment you can have is 104 bytes, which is smaller than simply subtracting the IP header from the MTU (108 bytes). What the text is telling you that subtracting the packet header size (20 bytes) from the MTU, the next smaller fragment size divisible by eight is 104 bytes.
RFC 791, Internet Protocol has a complete description of how IP fragmentation works:
Fragmentation
Fragmentation of an internet datagram is necessary when it originates
in a local net that allows a large packet size and must traverse a
local net that limits packets to a smaller size to reach its
destination.
An internet datagram can be marked "don't fragment." Any internet
datagram so marked is not to be internet fragmented under any
circumstances. If internet datagram marked don't fragment cannot be
delivered to its destination without fragmenting it, it is to be
discarded instead.
Fragmentation, transmission and reassembly across a local network
which is invisible to the internet protocol module is called intranet
fragmentation and may be used [6].
The internet fragmentation and reassembly procedure needs to be able
to break a datagram into an almost arbitrary number of pieces that can
be later reassembled. The receiver of the fragments uses the
identification field to ensure that fragments of different datagrams
are not mixed. The fragment offset field tells the receiver the
position of a fragment in the original datagram. The fragment offset
and length determine the portion of the original datagram covered by
this fragment. The more-fragments flag indicates (by being reset) the
last fragment. These fields provide sufficient information to
reassemble datagrams.
The identification field is used to distinguish the fragments of one
datagram from those of another. The originating protocol module of an
internet datagram sets the identification field to a value that must
be unique for that source-destination pair and protocol for the time
the datagram will be active in the internet system. The originating
protocol module of a complete datagram sets the more-fragments flag to
zero and the fragment offset to zero.
To fragment a long internet datagram, an internet protocol module (for
example, in a gateway), creates two new internet datagrams and copies
the contents of the internet header fields from the long datagram into
both new internet headers. The data of the long datagram is divided
into two portions on a 8 octet (64 bit) boundary (the second portion
might not be an integral multiple of 8 octets, but the first must be).
Call the number of 8 octet blocks in the first portion NFB (for Number
of Fragment Blocks). The first portion of the data is placed in the
first new internet datagram, and the total length field is set to the
length of the first datagram. The more-fragments flag is set to one.
The second portion of the data is placed in the second new internet
datagram, and the total length field is set to the length of the
second datagram. The more-fragments flag carries the same value as
the long datagram. The fragment offset field of the second new
internet datagram is set to the value of that field in the long
datagram plus NFB.
This procedure can be generalized for an n-way split, rather than the
two-way split described.
To assemble the fragments of an internet datagram, an internet
protocol module (for example at a destination host) combines internet
datagrams that all have the same value for the four fields:
identification, source, destination, and protocol. The combination is
done by placing the data portion of each fragment in the relative
position indicated by the fragment offset in that fragment's internet
header. The first fragment will have the fragment offset zero, and
the last fragment will have the more-fragments flag reset to zero.
Per the definition of the Fragment offset field in the IP header:
Fragment offset(13 bits): In case of fragmented IP datagrams, this field contains the offset( in terms of 8 bytes units) from the start of IP datagram. So again, this field is used in reassembly of fragmented IP datagrams.
So even though payload sizes can be whatever, offset values can only be multiple of 8 bytes on IP headers thus payload sizes are 8-byte multiples. The calculation rounds down the IP payload size.
I am writing the network stack for my os.
While receiving the data from ethernet, I have to detect and remove the padding if data is less than 64 bytes and set the data length, as the standard says.
What is the algorithm for doing this?
If the data contains 'a0' , it is less than 64 bytes and it will be padded. If I am checking bytewise, I will get the second bye 0, so it will also be counted as padded data, however it is not.
The Type/Length field will tell you how large the payload is. Wireshark has a pretty good explanation:
Therefore, if the type/length field has a value 1500 or lower, it's a
length field, and is followed by an 802.2 header, otherwise it's a
type field and is followed by the data for the upper layer protocol
(XXX - slight duplicate of sentence above?). Note that when the
length/type field is used as a length field the length value specified
does not include the length of any padding bytes (e.g. if a raw
ethernet frame was sent with a payload containing a single byte of
data the length field would be set to 0x0001 and 45 padding bytes
would be appended to the data field to bring the ethernet frame up to
the required minimum 64-byte length).
When we sent packets from one router to another router on the network layer and the packet size is greater than the MTU (maximum transferable unit) of the router, we have to fragment the packet. My questions is: suppose we need to add padding bits in last fragment, then where do we add padding bits (in the LSB or MSB) and how does the destination router differentiate between packet bits or padding bits?
I want you to consider the following things before:
Limit on the maximum size of IP data-gram is imposed by data link protocol.
IP is the highest layer protocol that is implemented both at routers and hosts.
Reassembly of original data-grams is only done at destination host. This takes off the extra work that need to be done by the routers present in the network core.
I will use the information from the following image to help you get to the answer with an example.
Here initial length of the packet is 2400 bytes which needs to to fragmented according to MTU limit of 1000 bytes.
There are only 13 bits available for the fragment offset and the offset is given as a multiple of eight bytes. This is why the data fields in first and second fragment has size of 976 bytes (It is the highest number divisible by 8, which is smaller than 1000 - 20 bytes). This makes first and second fragment of total size of 996 bytes. The last fragment contains the remaining of 428 bytes of payload (with 448 bytes of total).
Offset can be calculated as 0; 976/8 = 122 and 1952/8 = 244.
When these fragments reach the destination host, reassembly needs to be done. Host uses identification, flag and fragmentation offset for this task. In order to make sure which fragments belong to which data-gram, host uses source, destination addresses and identification to uniquely identify them. Offset values and more fragment bits are used to determine whether all fragments have arrived or not.
Answer to your question
The need to divide payload into multiples of 8 is only required for non-last fragment. Reason of using offset dividing by 8 helps the host to identify the starting address of the next fragment. The host don't need the address of the next fragment if it encounters the last fragment. Thus, no need to worry about payload being multiple of 8 in case of last fragment. Host checks the more fragment flag to identify the last fragment.
A bit of additional information: It is not the responsibility of the network layer to guarantee the delivery of the data-gram. If it encounters that one or more fragment(s) have not arrived then, it simply discards the whole data-gram. Transport layer, which is working above network layer, will take care of this thing, if it is using TCP, by asking the source to re-transmit the data.
Reference: Computer Networking-A Top Down Approach, James F. Kurose, Keith W. Ross (Fifth Edition)
You don't need to add any padding bits. All bits will be push on down the route until the full frame has been sent.
What is the size of an empty UDP datagram? And that of an empty TCP packet?
I can only find info about the MTU, but I want to know what is the "base" size of these, in order to estimate bandwidth consumption for protocols on top of them.
TCP:
Size of Ethernet frame - 24 Bytes
Size of IPv4 Header (without any options) - 20 bytes
Size of TCP Header (without any options) - 20 Bytes
Total size of an Ethernet Frame carrying an IP Packet with an empty TCP Segment - 24 + 20 + 20 = 64 bytes
UDP:
Size of Ethernet frame - 24 Bytes
Size of IPv4 Header (without any options) - 20 bytes
Size of UDP header - 8 bytes
Total size of an Ethernet Frame carrying an IP Packet with an empty UDP Datagram - 24 + 20 + 8 = 52 bytes
Himanshus answer is perfectly correct.
What might be misleading when looking at the structure of an Ethernet frame [see further reading], is that without payload the minimum size of an Ethernet frame would be 18 bytes: Dst Mac(6) + Src Mac(6) + Length (2) + Fcs(4), adding minimum size of IPv4 (20) and TCP (20) gives us a total of 58 bytes.
What has not been mentioned yet is that the minimum payload of an ethernet frame is 46 byte, so the 20+20 byte from the IPv4 an TCP are not enough payload! This means that 6 bytes have to be padded, thats where the total of 64 bytes is coming from.
18(min. Ethernet "header" fields) + 6(padding) + 20(IPv4) + 20(TCP) = 64 bytes
Hope this clears things up a little.
Further Reading:
Ethernet_frame
Ethernet
See User Datagram Protocol. The UDP Header is 8 Bytes (64 bits) long.
The mimimum size of the bare TCP header is 5 words (32bit word), while the maximum size of a TCP header is 15 words.
Best wishes,
Fabian
If you intend to calculate the bandwidth consumption and relate them to the maximum rate of your network (like 1Gb/s or 10Gb/s), it is necessary, as pointed out by Useless, to add the Ethernet framing overhead at layer 1 to the numbers calculated by Felix and others, namely
7 bytes preamble
1 byte start-of-frame delimiter
12 bytes interpacket gap
i.e. a total of 20 more bytes consumed per packet.
If you're looking for a software perspective (after all, Stack Overflow is for software questions) then the frame does not include the FCS, padding, and framing symbol overhead, and the answer is 54:
14 bytes L2 header
20 bytes L3 header
20 bytes L4 header
This occurs in the case of a TCP ack packet, as ack packets have no L4 options.
As for FCS, padding, framing symbol, tunneling, etc. that hardware and intermediate routers generally hide from host software... Software really only cares about the additional overheads because of their effect on throughput. As the other answers note, FCS adds 4 bytes to the frame, making it frame 58 bytes. Therefore 6 bytes of padding are required to reach the minimum frame size of 64 bytes. The Ethernet controller adds an additional 20 bytes of framing symbols, meaning that a packet takes a minimum of 84 byte times (or 672 bit times) on the wire. So, for example, a 1Gbps link can send one packet every 672ns, corresponding to a max packet rate of roughly 1.5MHz. Also, intermediate routers can add various tags and tunnel headers that further increase the minimum TCP packet size at points inside the network (especially in public network backbones).
However, given that software is probably sharing bandwidth with other software, it is reasonable to assume that this question is not asking about total wire bandwidth, but rather how many bytes does the host software need to generate. The host relies on the Ethernet controller (for example this 10Mbps one or this 100Gbps one) to add FCS, padding, and framing symbols, and relies on routers to add tags and tunnels (A virtualization-offload controller, such as in the second link, has an integrated tunnel engine. Older controllers rely on a separate router box). Therefore the minimum TCP packet generated by the host software is 54 bytes.
What is the overhead for PPP and Ethernet sending 5000 bytes?
Frame size for Point-to-Point Protocol: 8 bytes
MTU: 500 bytes
Frame size for Ethernet: 18 bytes
MTU: 1500 bytes
Both sending 5000 bytes..
I know this is just a calculation, but I am not sure how to do it. I can't find it anywhere. I would think that since a PPP frame takes 8 bytes and maximum transmission unit is 500 then it can send (500 - 8)bytes of information in one go. It sends 10 frames, resulting in 4920 bytes sent. Then sends the final (80+8)bytes with the last frame.
Similar for Ethernet. (1500 - 18)bytes with each frame. 3 frames sent means 4446 bytes sent. Sending (554+18)bytes in the last frame.
This obviously doesn't answer the "overhead" question. Anyone have any ideas?
It really depends on how you define overhead. This answer will assume overhead is the number of bytes that you need to transmit in addition to the data itself.
For Ethernet, assuming the 5000 byte payload is not encapsulated in an IP + TCP/UDP frame, you will have 18 bytes of overhead for every packet sent. That means each transmission with an MTU of 1500 will be able to hold 1482 bytes. To transmit 5000 bytes, this means 4 packets must be transmitted, which means an overhead of 72 bytes (18 * 4). Note that the overhead becomes bigger when you include things like the IP frame which contains a TCP frame.
For PPP, as you've already shown, you can send 492 bytes per frame. Eleven frames means 88 bytes of overhead (11 * 8) - again, not including any additional protocol frames within the payload.
In both these examples any protocols that build on top of these link layer protocols will contribute to overhead. For example, an Ethernet packet sent with an IPv4 frame which contains a UDP datagram will have an additional 28 bytes consumed by headers and not data (20 bytes in an IPv4 header and 8 in a UDP header, assuming no IP options). Considering the original Ethernet example, this means the amount of data per packet becomes 1454 bytes, which luckily still comes to 4 packets (the extra spills over into the smaller 4th packet), with 144 bytes of overhead.
You can read more here (I find that page a little hard to read though).