IP Header Checksum 的計算

deeperpurple

                                此前看過某帖談起IP報頭的CheckSum，我們知道IP是不可靠的，IP報頭的差錯控制，只有依靠CheckSum來控制整個傳輸過程中IP報頭的可靠性，整個IP報頭結構如下：

RFC 791 -- Internet Protocol 對CheckSum字段是這樣描述的：
  The Header Checksum provides a verification that the information used
  in processing internet datagram has been transmitted correctly.  The
  data may contain errors.  If the header checksum fails, the internet
  datagram is discarded at once by the entity which detects the error.
  The internet protocol does not provide a reliable communication acility.  There are no acknowledgments either end-to-end or hop-by-hop.  There is no error control for data, only a header checksum.  There are no retransmissions.  There is no flow control.
  Errors detected may be reported via the Internet Control Message Protocol (ICMP) [3] which is implemented in the internet protocol module.
IP Header CheckSum的計算描述如下：
The checksum algorithm is:
      The checksum field is the 16 bit one's complement of the one's
      complement sum of all 16 bit words in the header.  For purposes of
      computing the checksum, the value of the checksum field is zero.
看著撓頭，但基本意思是CheckSum是把IP Header里其它字段值進行sum，找了一些Sniffer包中的IP Header
來求和，結果與CheckSum字段不同，而且明顯也不是16個bit的值；
今天在www.netexpert.cn偶爾發(fā)現(xiàn)結果，計算方式如下：

以上圖為例，圖中陰影區(qū)域為IP Header各字段值，CheckSum為0x8b4f
4500
0028
6bab
4000
8006
8b4f --這是CheckSum結果
3b4e
331c
cf2e
+c63c
-----
374ad
3+74ad=74b0
7    4    b    0
0111 0100 1011 0000
求反碼
1000 1011 0100 1111
8    b    4    f
               
               
               
               
               
               
               
               
               

本文來自ChinaUnix博客，如果查看原文請點：http://blog.chinaunix.net/u/26393/showart_200726.html