IPV4 data packet structure :
1-1 Version 4 digits : indicates the version number, currently the most extensive is IPv4 = B 0100 , I believe IPv6 = B0110
1-2 Header length 4 bits: the length of the packet header. It indicates how many 32-bit long integers are included in the packet header, that is, how many 4-byte data. No option is 5 (red part).
1-3 Service type: including 8 binary bits, the meaning of each bit is as follows:
Process field: 3 bits, set the importance of the data packet, the larger the value, the more important the data, the value range is: 0 (normal) ~ 7 (network control)
Delay field: 1 bit, value: 0 (normal), 1 (extra low delay)
Flow field: 1 bit, value: 0 (normal), 1 (extra high flow)
Reliability field: 1 bit, value: 0 (normal), 1 (extra high reliability)
Cost field: 1 digit, value: 0 (normal), 1 (period minimum cost)
Reserved field: 1 bit, unused
1-4 Total length 16 bits: The total length of the current IP packet, in bytes. Of course, the maximum can only be 65535, or 63KB.
2-1 Reorganization identifier 16 bits: the order of the packets sent by the sender, incremented by 1 in sequence, if the packets received by the client are out of order. According to this sort, for example
2-2 3 bits:
First place: reserved field
Second digit: Value: 0 (datagram segmentation allowed), 1 (datagram segmentation not allowed)
Third place: whether there are more fragments behind, value: 0 (there is no packet after the data packet, the packet is the last packet), 1 (there are more packets after the data packet)
2-3 segment offset 13 bits: combined with more segment bits to help the receiver to combine segmented messages, in bytes.
[Sample wireshark capture standard bit + offset total 16 bits]
3-1 8-bit survival time: This is the TTL (Time To Live) that is often seen by the ping command. This value decreases by one every time it passes through a router and is discarded to zero.
3-2 Protocol code 8 bits: indicates that the upper layer protocol of the package is used, such as TCP = 6, ICMP = 1, UDP = 17, etc.
[Sample TCP]
3-3 IP header checksum 16 bits : is the checksum of the IPv4 packet header.
The IP header checksum field (16 bits, 2 bytes) only calculates the checksum of all fields in the IP header, it does not calculate the data after the header.
Sender: To calculate the IP header checksum of a datagram, you need to first set this checksum field to 0. Then, the 16 bits (2 bytes) in the header are summed in binary inverse (the entire header is regarded as a string of 16-bit words), and the result is stored in the checksum field.
Recipient: After receiving an IP datagram, the 16 bits (2 bytes) in the header are summed in binary inverse. Since the receiver includes the checksum of the sender's existing header in the calculation process, if the header does not have any errors during transmission, the receiver's calculation should be all ones. If the result is not all ones (ie checksum error), then IP discards the received datagram. However, no error message is generated, and the upper layer finds the lost datagram and retransmits it.
4-1 Source address: 32 bits = 4 bytes, the IP we often see is to separate each byte with a dot (.), That's all.
5-1 Destination address: 32 bits, same as above.
6-1 Optional option: It is mainly used for some special situations. Often, secure routing will be filtered as an attack. The TL-ER5110 routing of TP_LINK can do this.
7-1. User data.
TCP packet structure :
1-1 primordial port 16: now know why TCP port range is 0 - 65535 of it 
.
1-2 Destination port: same as above.
2-1 Data sequence number 32 bits: TCP codes a number for each byte sent, where the sequence number of the first byte of the current packet data is stored.
3-1 Confirm the sequence number 32 bits: For security, TCP tells the receiver that he wants the sequence number of the first byte of the data packet received next time . At the same time, it also confirms that it has received this serial number -1 byte of data.
4-1 The length of the header is 4 bits: similar to IP ---> indicates how many 32 bits (a few four bytes) the data is from the header. 20 bytes, then 5
4-2 6 bits reserved: unused, should be set to zero.
4-3 Urgent bit URG: When URG = 1, it indicates that the urgent pointer field is valid. It tells the system that there is urgent data in this segment, which should be transmitted as soon as possible (equivalent to high priority data).
4-4 Acknowledge bit ACK: The acknowledgment number field is only valid when ACK = 1. When ACK = 0, the confirmation number is invalid. Refer to TCP three-way handshake
4-5 PSH: indicates that the other party requests the application to be delivered to the application immediately after receiving the data , instead of buffering until the buffer is full. Generally 1.
4-6 Reset bit RST (Reset): When RST = 1, it indicates that there is a serious error in the TCP connection (such as due to host crash or other reasons), the connection must be released, and then the transport connection is re-established. Refer to TCP three-way handshake
4-7 Synchronization bit SYN: When the synchronization bit SYN is set to 1, it indicates that this is a connection request or connection acceptance message. Refer to TCP three-way handshake
4-8 Termination bit FIN (FINal): used to release a connection. When FIN = 1, it indicates that the data of the sending end of this segment has been sent and requires the release of the transport connection.
4-9 Window field 16 bits: The window field is used to control the amount of data sent by the other party, in bytes. One end of the TCP connection determines its own receiving window size according to the set buffer space size, and then informs the other party to determine the upper limit of the other party's sending window.
5-1. Packet checksum 16 bits, including header and data. When calculating the checksum, a 12-byte pseudo header is added before the TCP segment. The verification range includes TCP headers, datagram content, and conceptual pseudo headers.
The conceptual pseudo header includes the source IP, destination IP, and TCP protocol number.
5-2. Emergency pointer 16 bits. The emergency pointer indicates the sequence number of the last byte of emergency data in this segment: points to the next byte of the last byte of emergency data in the datagram.
6-1. 24-bit optional option, similar to IP, is an optional option.
6-2. Fill in 8 bits to make the option 32 bits.
7-1. User data ...
======================THE END==================================