Quick Overview of TCP/IP Protocol Header Structures

ARP — Address Resolution Protocol

Full details: RFC 826.

          Ethernet header                     28-octet ARP request/reply
                  |                                        |
      /-----------+----------\ /---------------------------+------------------------------\
      |                       |                                                           |
width in
 octets:    6           6       2   2   2  1 1  2       6         4           6       4
      +-----------+-----------+---+---+---+-+-+---+-----------+-------+-----------+-------+
      | Ethernet  | Ethernet  |   |   |   |H|P|   |  Sender   | Sender|  Target   |Target |
      |destination|  source   |FT |HT |PT |S|S|OP | Ethernet  |  IP   | Ethernet  |  IP   |
      |  address  | address   |   |   |   | | |   |  Address  |Address|  Address  |Address|
      +-----------+-----------+---+---+---+-+-+---+-----------+-------+-----------+-------+
                                ^   ^   ^  ^ ^  ^
                                |   |   |  | |  |
                                |   |   |  | |  +-- Operation: 1 =  ARP request, 2 =  ARP reply
                                |   |   |  | |                 3 = RARP request, 4 = RARP reply
                                |   |   |  | |
                                |   |   |  | +-- Protocol Size, number of octets
                                |   |   |  |     in the requested network address.
                                |   |   |  |     IP has 4-octet addresses, so 0x04.
                                |   |   |  |
                                |   |   |  +-- Hardware Size, number of octets in
                                |   |   |      the specified hardware address.
                                |   |   |      Ethernet has 6-octet addresses, so 0x06.
                                |   |   |
                                |   |   +-- Protocol Type, 0x0800 = IP.
                                |   |
                                |   +-- Hardware Type, Ethernet = 0x0001.
                                |
                                +-- Frame Type, 0x0806 = ARP Request or ARP Reply.
                                    This answers "What's inside?" for the encapsulated
                                    data within the Ethernet frame.


	Firefox users may find that "monospace" isn't really a constant-width
	font, and Courier works much better for ASCII art.
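The following decoder walks the Ethernet + 28-octet ARP layout above and flags the consistency checks a monitoring tool would apply, including an ARP sender hardware address that disagrees with the Ethernet source address. It is an added example, not code from the original page; the sample frame and its addresses are constructed.

```python
import struct

OPERATIONS = {1: "ARP request", 2: "ARP reply", 3: "RARP request", 4: "RARP reply"}

# Constructed sample frame: Ethernet header plus a 28-octet ARP reply in which
# the ARP "Sender Ethernet Address" does not match the Ethernet source address.
SAMPLE_FRAME = bytes.fromhex(
    "ffffffffffff" "00aabbccddee" "0806"        # dst, src, FT = ARP
    "0001" "0800" "06" "04" "0002"              # HT, PT, HS, PS, OP = reply
    "001122334455" "c0a80101"                   # sender MAC (mismatch), 192.168.1.1
    "000000000000" "c0a80164")                  # target MAC, 192.168.1.100

def fmt_mac(b):
    return ":".join(f"{x:02x}" for x in b)

def fmt_ip(b):
    return ".".join(str(x) for x in b)

def parse_arp_frame(frame):
    """Decode Ethernet + ARP; return (fields, anomalies) for review."""
    if len(frame) < 42:
        raise ValueError("frame too short for Ethernet + 28-octet ARP")
    eth_dst, eth_src, ftype = struct.unpack("!6s6sH", frame[:14])
    ht, pt, hs, ps, op = struct.unpack("!HHBBH", frame[14:22])
    anomalies = []
    if ftype != 0x0806:
        anomalies.append(f"frame type 0x{ftype:04x} is not ARP")
    if (ht, pt) != (0x0001, 0x0800):
        anomalies.append("hardware/protocol type is not Ethernet/IP")
    if (hs, ps) != (6, 4):
        anomalies.append("address sizes are not 6/4: not an Ethernet/IP ARP")
        return {"op": op}, anomalies          # fixed 6/4 layout below does not apply
    sha, spa, tha, tpa = struct.unpack("!6s4s6s4s", frame[22:42])
    if op not in OPERATIONS:
        anomalies.append(f"unknown operation {op}")
    if sha != eth_src:
        anomalies.append("ARP sender hardware address differs from Ethernet source")
    fields = {"eth_dst": fmt_mac(eth_dst), "eth_src": fmt_mac(eth_src),
              "op": op, "op_name": OPERATIONS.get(op, "?"),
              "sender_mac": fmt_mac(sha), "sender_ip": fmt_ip(spa),
              "target_mac": fmt_mac(tha), "target_ip": fmt_ip(tpa)}
    return fields, anomalies
```

A sender-address mismatch has legitimate causes (proxy ARP, some failover setups), so treat it as something to review rather than a verdict.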

IP — Internet Protocol

Full details: RFC 791, updated by RFC 1349.

 0                   1                   2                   3
 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|Version|  IHL  |Type of Service|          Total Length         |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|         Identification        |Flags|      Fragment Offset    |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|  Time to Live |    Protocol   |         Header Checksum       |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                       Source Address                          |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                    Destination Address                        |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                    Options                    |    Padding    |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

Type of service
If using "classic" TOS, use and interpret the TOS field as "PreDTRCx", where:

Pre = Precedence = 000 through 111 (with DOD interpretations if desired)
D   = Delay (1 = minimize delay)
T   = Throughput (1 = maximize throughput)
R   = Reliability (1 = maximize reliability)
C   = Cost (1 = minimize cost)
x   = reserved, set to "0"

If using Differentiated Services (DiffServ), use and interpret as "000000xy", where:

x:  "1" = "ECN capable"
y:  "1" = "congestion experienced"

Flags
Three bits, use and interpret as "0DM", where:

0 = Use a "0" here!
D = Don't Fragment
M = More Fragments
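A decoder for the fixed IP header, covering the field layout, both readings of the TOS octet (PreDTRCx and the DiffServ low bits), the 0DM flag bits and the one's complement header checksum. It is an added example, not from the original page; the 20-octet sample header and its addresses are constructed, and its checksum value 0xb851 was computed for that header.

```python
import struct

# Constructed 20-octet IPv4 header: version 4, IHL 5, TOS 0x10 (minimize
# delay), total length 115, DF set, TTL 64, protocol 17 (UDP),
# 192.168.0.1 -> 192.168.0.199, with a correct header checksum of 0xb851.
SAMPLE_IP_HEADER = bytes.fromhex(
    "4510" "0073" "0000" "4000" "4011" "b851" "c0a80001" "c0a800c7")

def ones_complement_sum(data):
    """16-bit one's complement sum used by the IP header checksum."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:                      # fold carries back in
        total = (total & 0xFFFF) + (total >> 16)
    return total

def ip_checksum(header):
    """Checksum over the header; 0 when the stored checksum is correct."""
    return (~ones_complement_sum(header)) & 0xFFFF

def parse_ip_header(pkt):
    """Decode the fixed IP header fields; raise on malformed input."""
    if len(pkt) < 20:
        raise ValueError("packet shorter than minimum IP header")
    ver_ihl, tos, total_len, ident, flags_frag, ttl, proto, csum, src, dst = \
        struct.unpack("!BBHHHBBH4s4s", pkt[:20])
    version, ihl = ver_ihl >> 4, ver_ihl & 0x0F
    if version != 4 or ihl < 5 or len(pkt) < ihl * 4 or total_len < ihl * 4:
        raise ValueError("bad version, IHL or length")
    header = pkt[:ihl * 4]
    flags = flags_frag >> 13
    return {
        "header_octets": ihl * 4,
        "tos": {"precedence": tos >> 5, "delay": (tos >> 4) & 1,
                "throughput": (tos >> 3) & 1, "reliability": (tos >> 2) & 1,
                "cost": (tos >> 1) & 1, "reserved": tos & 1,
                "ecn": tos & 0x03},             # DiffServ view of the low bits
        "total_length": total_len, "id": ident,
        "flag_reserved": (flags >> 2) & 1,      # must be 0
        "df": (flags >> 1) & 1, "mf": flags & 1,
        "frag_offset": (flags_frag & 0x1FFF) * 8,   # field is in 8-octet units
        "ttl": ttl, "protocol": proto,
        "checksum_ok": ip_checksum(header) == 0,
        "src": ".".join(map(str, src)), "dst": ".".join(map(str, dst)),
    }
```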

ICMP — Internet Control Message Protocol

Full details: RFC 792.

 0                   1                   2                   3
 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|     Type      |     Code      |          Checksum             |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                             unused                            |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|      Internet Header + 64 bits of Original Data Datagram      |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

Type
The Type field is eight bits; for some types the eight-bit Code field gives further detail:

 0 = Echo reply
 3 = Destination unreachable
     Code
      0	Net unreachable
      1	Host unreachable
      2	Protocol unreachable
      3	Port unreachable
      4	Fragmentation needed but DF set
      5	Source route failed
      6	Destination network unknown
      7	Destination host unknown
      8	Source host isolated
      9	Network administratively prohibited
     10	Host administratively prohibited
     11	Network unreachable for requested TOS
     12	Host unreachable for requested TOS
     13	Communication administratively prohibited
 4 = Source quench
 5 = Redirect
     Code
      0	Redirect datagram for the network
      1	Redirect datagram for the host
      2	Redirect datagram for the TOS and network
      3	Redirect datagram for the TOS and host
 8 = Echo request
 9 = Router advertisement
10 = Router selection
11 = Time exceeded
     Code
      0	Time to live exceeded in transit
      1	Fragment reassembly time exceeded
12 = Parameter problem
     Code
      0	Pointer indicates the error
      1	Missing a required option
      2	Bad length
13 = Timestamp
14 = Timestamp reply
15 = Information request
16 = Information reply
17 = Address mask request
18 = Address mask reply
30 = Traceroute (probably just Microsoft hosts, traceroute
     should be done via UDP)

DNS — Domain Name System

Full details: RFC 1034 and RFC 1035 with many updates.

0                   1                   2                   3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|        Identification         |             Flags             |  \
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+  |
|     Number of questions       |      Number of answer RRs     |  + 12 bytes
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+  |
|    Number of authority RRs    |    Number of additional RRs   |  /
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                                                               |  \
/                           Questions                           /  |
|                                                               |  |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+  |
|                                                               |  |
/         Answers (variable number of resource records)         /  |   These
|                                                               |  |   fields
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+  +-- are of
|                                                               |  |   variable
/        Authority (variable number of resource records)        /  |   length.
|                                                               |  |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+  |
|                                                               |  |
/  Additional information (variable number of resource records) /  |
|                                                               |  /
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

Flags are a 16-bit field:

                    1 1 1 1 1 1 1
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| |       | | | | |     |       | <-- 4-bit return code:
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+       0000 = no error
 ^    ^    ^ ^ ^ ^   ^                  0011 = name error
 |    |    | | | |   |
 |    |    | | | |   +-- 3-bit field that must contain 000.
 |    |    | | | |
 |    |    | | | +-- RA, 1-bit field for "Recursion Available".  Set
 |    |    | | |     in the response if the server supports recursion.
 |    |    | | |
 |    |    | | +-- RD, 1-bit field for "Recursion Desired".
 |    |    | |     Set in the query, returned in the response.
 |    |    | |
 |    |    | +-- TC, set to 1 in the response if the answer
 |    |    |     was truncated to 512 bytes.
 |    |    |
 |    |    +-- AA, 1-bit flag meaning "Authoritative Answer"
 |    |        if set to 1 in the response.
 |    |
 |    +-- opcode, 4-bit field:   0000 = standard query
 |                               0001 = inverse query
 |                               0010 = server status request
 |
 +-- QR, 1-bit field for Query (0) versus Response (1).
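The 12-octet header and the 16-bit flag word above, packed and unpacked in code, with the checks a resolver or sensor applies to them (reserved Z bits, response-only bits in a query, the TC truncation flag). This is an added example, not from the original page; the sample header is constructed.

```python
import struct

OPCODES = {0: "standard query", 1: "inverse query", 2: "server status request"}
RCODES = {0: "no error", 3: "name error"}

# Constructed 12-octet header of a response: ID 0x1a2b, flags 0x8183 (QR=1,
# opcode 0, AA=0, TC=0, RD=1, RA=1, Z=000, rcode 3), 1 question, 0 answers,
# 1 authority RR, 0 additional RRs.
SAMPLE_DNS_HEADER = bytes.fromhex("1a2b" "8183" "0001" "0000" "0001" "0000")

def build_dns_flags(qr, opcode, aa, tc, rd, ra, rcode):
    """Pack the flag bits in the order the diagram lays them out."""
    return ((qr & 1) << 15 | (opcode & 0xF) << 11 | (aa & 1) << 10 |
            (tc & 1) << 9 | (rd & 1) << 8 | (ra & 1) << 7 | (rcode & 0xF))

def parse_dns_header(msg):
    """Decode the fixed header; return (fields, problems)."""
    if len(msg) < 12:
        raise ValueError("shorter than the 12-octet DNS header")
    ident, flags, qd, an, ns, ar = struct.unpack("!6H", msg[:12])
    f = {"id": ident, "qr": flags >> 15, "opcode": (flags >> 11) & 0xF,
         "aa": (flags >> 10) & 1, "tc": (flags >> 9) & 1,
         "rd": (flags >> 8) & 1, "ra": (flags >> 7) & 1,
         "z": (flags >> 4) & 0x7, "rcode": flags & 0xF,
         "qdcount": qd, "ancount": an, "nscount": ns, "arcount": ar}
    f["opcode_name"] = OPCODES.get(f["opcode"], "other")
    f["rcode_name"] = RCODES.get(f["rcode"], "other")
    problems = []
    if f["z"] != 0:
        problems.append("reserved Z bits are not 000")
    if f["qr"] == 0 and (f["aa"] or f["ra"] or f["rcode"]):
        problems.append("query carries response-only bits (AA/RA/rcode)")
    if f["tc"]:
        problems.append("TC set: answer truncated to 512 bytes, sections incomplete")
    return f, problems
```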

TCP — Transmission Control Protocol

Full details: RFC 793, updated by RFC 1122 and RFC 3168.

0                   1                   2                   3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|          Source Port          |       Destination Port        |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                        Sequence Number                        |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                    Acknowledgment Number                      |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|  Data |           |U|A|P|R|S|F|                               |
| Offset| Reserved  |R|C|S|S|Y|I|            Window             |
|       |           |G|K|H|T|N|N|                               |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|           Checksum            |         Urgent Pointer        |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                    Options                    |    Padding    |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|   .... data ....                                              |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

UDP — User Datagram Protocol

Full details: RFC 768.

0                   1                   2                   3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|          Source Port          |       Destination Port        |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|            Length             |           Checksum            |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|   .... data ....                                              |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

© Bob Cromwell Aug 2010.