1. Select one packet. From this packet, determine how many fields there are in the
UDP header. (Do not look in the textbook! Answer these questions directly from
what you observe in the packet trace.) Name these fields.
The UDP header contains 4 fields. They are source Port, Destination port, Length and checksum.
2. From the packet content field, determine the length (in bytes) of each of the UDP
header fields.
The UDP has four fields at two bytes each so in total it is 8 bytes
Source Port is 2 bytes
Destination port is 2 bytes
Length is 2 bytes
Checksum is 2 bytes
3. The value in the Length field is the length of what? Verify your claim with your
captured UDP packet.
The value in the length field is the length of the header and the data inside in bytes.
4. What is the maximum number of bytes that can be included in a UDP payload.
The maximum length with the header included is 65535 but the actual maximum number of bytes with the header excluded is 65527
5. What is the largest possible source port number?
The largest possible source port number is 65535
6. What is the protocol number for UDP? Give your answer in both hexadecimal and
decimal notation. (To answer this question, you’ll need to look into the IP
header.)
The protocol number is 17 in decimal or 11 in hexadecimal
7. Search “UDP” in Google and determine the fields over which the UDP checksum
is calculated.
After searching on google the checksum I found the Checksum is the 16-bit one's complement of the one's complement sum of a pseudo header of information from the IP header, the UDP header, and the data, padded with zero octets at the end (if necessary) to make a multiple of two octets
8. Examine a pair of UDP packets in which the first packet is sent by your host and
the second packet is a reply to the first packet. Describe the relationship between
the port numbers in the two packets.
In the first packet sent by my host the source port of the UDP packet is the same as the destination port of the reply packet. Also the destination port of the UDP packet sent by my host computer matches the source port of the reply packet.
Great information shared...
ReplyDeleteIT Ulm