thanks for fixing my concept. rectified! I hope Burno also got the answer! well, just to know , how abuot UDP ? i am not able to get the details abt it ????
since in fpm configuration we might need such details ??? plz do reply and update us! regards, Kamran Shakil ITA NDC Operations Engineer BS(CS) MCSE CGAdmin CCDA CCNA CCNP CCDP CS-CFEDS CS-CIPCES CS-CIPCCES CS-CWALANDS CCIE-Sec. MidEast Data Systems LLC Oman Cell: + 968 95804126 Office: + 968 24576640 http://www.mynameise.com/kamranshakil77 Confidentiality Warning: "This message and any attachments are intended only for the use of the intended recipient(s), are confidential, and may be privileged. If you are not the intended recipient, you are hereby notified that any review, retransmission, conversion to hard copy, copying, circulation or other use of all or any portion of this message and any attachments is strictly prohibited. If you are not the intended recipient, please notify the sender immediately by return e-mail, and delete this message and any attachments from your system." -----Original Message----- From: Kingsley Charles [mailto:[email protected]] Sent: Fri 11/26/2010 8:50 AM To: Kamran Shakil Cc: Bruno; [email protected] Subject: Re: [OSL | CCIE_Security] Fragment offset The fixed part of the both TCP and IP header is 20 bytes. With options, they may go to 24 bytes. With regards Kings On Fri, Nov 26, 2010 at 9:49 AM, Kamran Shakil <[email protected]>wrote: > > Bruno, TCP is 24 bytes, IP is 20 bytes. > > Take a look here : http://mike.passwall.com/networking/samplepacket.html > > > regards, > > Kamran Shakil > ITA NDC Operations Engineer > BS(CS) MCSE CGAdmin CCDA CCNA > CCNP CCDP CS-CFEDS CS-CIPCES > CS-CIPCCES CS-CWALANDS CCIE-Sec. > MidEast Data Systems LLC Oman > Cell: + 968 95804126 > Office: + 968 24576640 > http://www.mynameise.com/kamranshakil77 > > Confidentiality Warning: > "This message and any attachments are intended only for the use of the > intended recipient(s), are confidential, and may be privileged. If you are > not the intended recipient, you are hereby notified that any review, > retransmission, conversion to hard copy, copying, circulation or other use > of all or any portion of this message and any attachments is strictly > prohibited. If you are not the intended recipient, please notify the sender > immediately by return e-mail, and delete this message and any attachments > from your system." > > > > -----Original Message----- > From: [email protected] on behalf of Bruno > Sent: Thu 11/25/2010 8:42 PM > To: Kingsley Charles > Cc: [email protected] > Subject: Re: [OSL | CCIE_Security] Fragment offset > > I thought TCP header had 20byes > > > On Thu, Nov 25, 2010 at 12:38 PM, Kingsley Charles < > [email protected]> wrote: > > > Hi all > > For the given below example, the fragment offset in the second > packet should be 185 right? The TCP header has not been considered while > calcuating the offset in the given below example. > > Snippet from http://www.tech-faq.com/packet-fragmentation.html > > > > A Packet Fragmentation Example > > > If a 2,366 byte packet enters an Ethernet network with a default MTU > size, it must be fragmented into two packets. > > The first packet will: > > * Be 1,500 bytes in length. 20 bytes will be the IP header, 24 > bytes will be the TCP header, and 1,456 bytes will be data. > * Have the DF bit equal to 0 to mean "May Fragment" and the MF > bit equal to 1 to mean "More Fragments." > * Have a Fragmentation Offset of 0. > > The second packet will: > > * Be 910 bytes in length. 20 bytes will be the IP header, 24 > bytes will be the TCP header, and 866 bytes will be data. > * Have the DF bit equal to 0 to mean "May Fragment" and the MF > bit equal to 0 to mean "Last Fragment." > * Have a Fragmentation Offset of 182 (Note: 182 is 1456 > divided by 8). > > > > With regards > Kings > > _______________________________________________ > For more information regarding industry leading CCIE Lab training, > please visit www.ipexpert.com > > > > > > > -- > Bruno Fagioli (by Jaunty Jackalope) > Cisco Security Professional > > > _______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com
