Friday, 29 June 2018

IP/TCP/UDP Checksum

IP Header Checksum Calculation


IP checksum is a 16-bit field in IP header used for error detection for IP header.
It equals to the one’s complement of the one’s complement sum of all 16 bit words in the IP header. The checksum field is initialized to all zeros at computation.


For example, if an IP header is 0x4500003044224000800600008c7c19acae241e2b. 
We start by calculating the one’s complement sum. First, divide the header hex into 16 bits each and sum them up,
4500 + 0030 + 4422 + 4000 + 8006 + 0000 + 8c7c + 19ac + ae24 + 1e2b = 2BBCF
Next fold the result into 16 bits by adding the carry to the result,
2 +  BBCF  = BBD1
The final step is to compute the one’s complement of the one’s complement’s sum,
BBD1 = 1011101111010001
IP checksum = one’s complement(1011101111010001) = 0100010000101110 = 442E
Receiver Side:
---------------
  
Note that IP header needs to be parsed at each hop, because IP addresses are needed to route the packet. To detect the errors at IP header, the checksum is validated at every hop.
The validation is done using the same algorithm. But this time the initialized checksum value is 442E.
2BBCF + 442E = 2FFFD, then 2 + FFFD = FFFF
Take the one’s complement of FFFF = 0.
At validation, the checksum computation should evaluate to 0 if the IP header is correct.
TCP Checksum Calculation


TCP Checksum is a 16-bit field in TCP header used for error detection. It is computed over the TCP segment (might plus some padding) and a 12-byte TCP pseudo header created on the fly. Same as IP checksum, TCP checksum is also one’s complement of the one’s complement sum of all 16 bit words in the computation data.
Below is a figure that illustrates the data used to calculate TCP checksum,
As shown in the figure, the pseudo header consists of 5 fields,
  • source address: 32 bits/4 bytes, taken from IP header
  • destination address: 32bits/4 bytes, taken from IP header
  • resevered: 8 bits/1 byte, all zeros
  • protocol: 8 bits/1 byte, taken from IP header. In case of TCP, this should always be 6, which is the assigned protocol number for TCP.
  • TCP Length: The length of the TCP segment, including TCP header and TCP data. Note that this field is not available in TCP header, therefore is computed on the fly.
Note that TCP pseudo header does not really exist, and it’s not transmitted over the network. It’s constructed on the fly to compute the checksum.








Also note the checksum field of the TCP header needs to be initialized to zeros before checksum calculation. And it’s set to the computed value after the computation.
When TCP packet is received at the destination, the receiving TCP code also performs the TCP calculation and see if there’s a mismatch. If there is, it means there’s error in the packet and it will be discarded. 
UDP Checksum Calcuation
UDP Checksum calculation is similar to TCP Checksum computation
Note that UDP checksum is optional. If it’s not computed, it’s set to all 0s. 








No comments:

Post a Comment