IP Header Checksum 的计算

deeperpurple

                                此前看过某帖谈起IP报头的CheckSum，我们知道IP是不可靠的，IP报头的差错控制，只有依靠CheckSum来控制整个传输过程中IP报头的可靠性，整个IP报头结构如下：

RFC 791 -- Internet Protocol 对CheckSum字段是这样描述的：
  The Header Checksum provides a verification that the information used
  in processing internet datagram has been transmitted correctly.  The
  data may contain errors.  If the header checksum fails, the internet
  datagram is discarded at once by the entity which detects the error.
  The internet protocol does not provide a reliable communication acility.  There are no acknowledgments either end-to-end or hop-by-hop.  There is no error control for data, only a header checksum.  There are no retransmissions.  There is no flow control.
  Errors detected may be reported via the Internet Control Message Protocol (ICMP) [3] which is implemented in the internet protocol module.
IP Header CheckSum的计算描述如下：
The checksum algorithm is:
      The checksum field is the 16 bit one's complement of the one's
      complement sum of all 16 bit words in the header.  For purposes of
      computing the checksum, the value of the checksum field is zero.
看着挠头，但基本意思是CheckSum是把IP Header里其它字段值进行sum，找了一些Sniffer包中的IP Header
来求和，结果与CheckSum字段不同，而且明显也不是16个bit的值；
今天在www.netexpert.cn偶尔发现结果，计算方式如下：

以上图为例，图中阴影区域为IP Header各字段值，CheckSum为0x8b4f
4500
0028
6bab
4000
8006
8b4f --这是CheckSum结果
3b4e
331c
cf2e
+c63c
-----
374ad
3+74ad=74b0
7    4    b    0
0111 0100 1011 0000
求反码
1000 1011 0100 1111
8    b    4    f
               
               
               
               
               
               
               
               
               

本文来自ChinaUnix博客，如果查看原文请点：http://blog.chinaunix.net/u/26393/showart_200726.html