- Select one UDP packet from your trace. From this packet, determine how many fields there are in the UDP header. (You shouldn’t look in the textbook! Answer these questions directly from what you observe in the packet trace.) Name these fields.
如下四字段:Source Port; Destination Port; Length; Checksum;
- By consulting the displayed information in Wireshark’s packet content field for this packet, determine the length (in bytes) of each of the UDP header fields.
每个UDP头部字段由4个2字节的数据构成,统共8字节。
- The value in the Length field is the length of what? (You can consult the text for this answer). Verify your claim with your captured UDP packet.
是数据段和头部字段大小之和。
以本数据包为例,Length: 40 = Data: 30 + Header: 8;
- What is the maximum number of bytes that can be included in a UDP payload?
(Hint: the answer to this question can be determined by your answer to 2. above)
由于Length = Data + Header
Length为2bytes,最大记录2^16,^故payload可装载最大数据2^16-8=65527bytes。
- What is the largest possible source port number? (Hint: see the hint in 4.)
同理可知,端口记录范围是0~2^16-1,故最大端口号可为65534。
- What is the protocol number for UDP? Give your answer in both hexadecimal and decimal notation. To answer this question, you’ll need to look into the Protocol field of the IP datagram containing this UDP segment (see Figure 4.13 in the text, and the discussion of IP header fields).
UDP协议编号为11(hexadecimal)或17(decimal)。
- Examine a pair of UDP packets in which your host sends the first UDP packet and the second UDP packet is a reply to this first UDP packet. (Hint: for a second packet to be sent in response to a first packet, the sender of the first packet should be the destination of the second packet). Describe the relationship between the port numbers in the two packets.
发送时的源端口号和目标端口号与接收到的相应包的源端口号和目标端口号相反。
如图:52097, 7844 与 7844, 52097。