Article directory
The basic format of the ICMP protocol is shown in the figure:
1. What is a checksum?
A checksum is basically a value calculated from a packet to check its integrity. Integrity allows us to check that the received data is error-free. This is because packets can become corrupted while being transmitted over the network, and the receiving end must know if the data is corrupted. This is why the checksum field is added to the message. At the source, the checksum is calculated and set as a field in the message. At the destination, the checksum is calculated again and cross-checked with the existing checksum value in the message to see if the packet is normal. icmp needs to verify its message information together with its own data (IP only needs to verify the header information). Therefore, in terms of algorithm, the imcp checksum is: the 16-bit complement of the sum of the two's complement of all 16-bit words in the imcp message.
2.How to verify the checksum
Take IP data packets as an example:
4500 003c 1c46 4000 4006 b1e6 ac10 0a63 ac10 0a0c
Where 'be16' corresponds to the checksum set on the source side (the side sending the packet). Note that, as mentioned before, this field will be set to zero when calculating the checksum on the target side.
- Convert all these values to binary:
4500 -> 0100010100000000
003c -> 0000000000111100
1c46 -> 0001110001000110
4000 -> 0100000000000000
4006 -> 0100000000000110
0000 -> 0000000000000000 // 请注意,校验和设置为零,因为我们在目标端计算校验和
ac10 -> 1010110000010000
0a63 -> 0000101001100011
ac10 -> 1010110000010000
0a0c -> 0000101000001100
- Add binary numbers one by one:
4500 -> 0100010100000000
003c -> 0000000000111100
453C -> 0100010100111100 /// 第一个结果
453C -> 0100010100111100 // 第一个结果加上下一个 16 位字。
1c46 -> 0001110001000110
6182 -> 0110000110000010 // 第二个结果。
6182 -> 0110000110000010 // 第二个结果加上下一个 16 位字。
4000 -> 0100000000000000
A182 -> 1010000110000010 // 第三个结果。
A182 -> 1010000110000010 // 第三个结果加上下一个 16 位字。
4006 -> 0100000000000110
E188 -> 1110000110001000 // 第四个结果。
E188 -> 1110000110001000 // 第四个结果加上下一个 16 位字。
AC10 -> 1010110000010000
18D98 -> 11000110110011000 // 一个奇数位(进位),将该奇数位添加到结果中,因为我们需要将校验和保持为 16 位。
18D98 -> 11000110110011000
8D99 -> 1000110110011001 // 第五个结果
8D99 -> 1000110110011001 // 第五个结果加上下一个 16 位字。
0A63 -> 0000101001100011
97FC -> 1001011111111100 // 第六个结果
97FC -> 1001011111111100 // 第六个结果加上下一个 16 位字。
AC10 -> 1010110000010000
1440C -> 10100010000001100 // 又是一个进位,所以我们加上它(和之前一样)
1440C -> 10100010000001100
440D -> 0100010000001101 // 这是第七个结果
440D -> 0100010000001101 //第七个结果加上下一个16位字
0A0C -> 0000101000001100
4E19 -> 0100111000011001 // 最终结果。
- Now 0100111000011001 is our final result of summing all 16-bit words in the head. Complement it:
4E19 -> 0100111000011001
B1E6 ->1011000111100110 // 校验和
- Compare this checksum with the one obtained in the packet and you will see that both are identical, so the integrity of the IP header is not lost.