Type of Service (ToS), now known as Differentiated Services Code Point (DSCP) (usually set to 0, but may indicate particular Quality of Service needs from the network, the DSCP defines the way routers should queue packets while they are waiting to be forwarded).IP Header Length (number of 32 -bit words forming the header, usually five).Source Port, Destination Port, Length and Checksum. I left out UDP since connectionless headers are quite simpler, e.g. I tend to break a Wireshark capture down and try to correlate that to the three most relevant layers and their headers L2-L4. This doesn’t necessarily always help, as that can be even more confusing than looking at abstracted theoretical layers for a greenhorn. When working with interns at work we tend to start by breaking out Wireshark capture. Once they do they become rock stars, as the beauty of decoupling the layers allow for comprehension of enormous scale. I think the encapsulation of the layers can be tough to wrap ones head around as they are entering the field. Layered architectures are great (in theory 🙂 but it requires understanding how they interact with one another. Example, 802.1Q encapsulation is not actually encapsulating the original frame but inserting a 32-bit field with the TPID, VID etc. I tend to try and go back and refresh the basics on the wikis as much as possible. I know a lot of good engineers, Ops and architects that have learned and forgotten fundamental details five times over, me included as we fill our heads with timers of IGPs and framing encapsulations of data center interconnects. Protocols will come and go, Ethernet and IP will undoubtedly be with us for the rest of our careers. Ethernet, IP and Transport headers (L2-L4) are the past present and future of networking. If I could go back in time when I was a n00b kid wanting to go from zero to a million in networking, the one thing I would change would be spending about 6 months on the fundamentals of networking headers and framing before ever touching a single peice of vendor gear. What are Ethernet, IP and TCP Headers in Wireshark Captures
0 kommentar(er)
