IP ID field
It is a 2 Byte value that is used to identify a packet and help with reassembling the packet after fragmentation.
We can use it to track a packet through the network. It is usually incremented by each station it passes through.
TIP:
Depending on the ‘jump’ in the value we can have an idea how busy a device is. This is not always the case since some stations will randomize the value.
IP TTL field
255
128
64
Decremented by each router when it hit zero it is dropped. This prevents routing loops.
We can use this to guess how many hops between us and the server.
IP Fragmentation
Note Flags:
-dont fragment: 0
means fragmentation is allowed
-more fragments: 1
means the packet was broken up and associated fragment will follow.
-more fragments: 0
means this is the last packet in the fragmentation series, no more to follow.
The idea behind IP fragmentation is to break up a packet into a smaller one if the MTU (Maximum Transmission Unit) at a station (Router) is too large.
The IP ID will be the same for each piece of the packet so it can be reassembled at the destination.
IPV6
2000::/3 - Globally rotatable address
FC00::/7 - Unique local unicast
FE80::/10 - Link local unicast
Headers
Traffic class similar to diffserv
payload length
next header
hop limit similar to TTL
source and destination address
