This wiki has been migrated to https://gitlab.com/wireshark/wireshark/-/wikis/home and is now deprecated. Please use that site instead.
Differences between revisions 1 and 2
Revision 1 as of 2004-09-14 10:52:37
Size: 1778
Editor: UlfLamping
Comment: add first content
Revision 2 as of 2004-09-14 11:00:57
Size: 2301
Editor: UlfLamping
Comment: add some rfc links
Deletions are marked like this. Additions are marked like this.
Line 5: Line 5:

The version 4 of the IP protocol is widely used all over the world. As the available IP address range is becoming short, version 6 with a much wider address range is becoming more and more common these days.
Line 21: Line 23:
IP dissector is fully functional. Also add info of additional Ethereal features where appropriate, like special statistics of this protocol. IP dissector is fully functional. Ethereal provides some advanced features such as IP defragmentation.
Line 50: Line 52:
 * add link to IP specification and where to find additional info on the web about IP  * [http://www.ietf.org/rfc/rfc791.txt RFC791] "INTERNET PROTOCOL"
 * [http://www.ietf.org/rfc/rfc894.txt RFC894] "Transmission of IP Datagrams over Ethernet Networks"
 * [http://www.ietf.org/rfc/rfc950.txt RFC950] "Internet Standard Subnetting Procedure"
 * [http://www.ietf.org/rfc/rfc1112.txt RFC1112] "Host Extensions for IP Multicasting"
 * [http://www.ietf.org/rfc/rfc1812.txt RFC1812] "Requirements for IP Version 4 Routers"

Internet Protocol (IP)

The Internet Protocol provides the network layer (layer 3) functionality in the TCP/IP protocol suite.

The version 4 of the IP protocol is widely used all over the world. As the available IP address range is becoming short, version 6 with a much wider address range is becoming more and more common these days.

History

XXX - add a brief description of IP history

Protocol dependencies

  • ["Ethernet"]: IP can use ["Ethernet"] and many other protocols. The well known Ethernet type for IP is 0x800.
  • ["ICMP"]: IP uses ["ICMP"] for control messages between hosts.

Example traffic

XXX - Add example traffic here (as plain text or Ethereal screenshot).

Ethereal

IP dissector is fully functional. Ethereal provides some advanced features such as IP defragmentation.

Preference Settings

(XXX add links to preference settings affecting how IP is dissected).

Example capture file

XXX - Add a simple example capture file. Keep it short, it's also a good idea to gzip it to make it even smaller, as Ethereal can open gzipped files automatically.

Display Filter

A complete list of IP display filter fields can be found in the [http://www.ethereal.com/docs/dfref/i/ip.html display filter reference]

  • Show only the IP based traffic (beware: you won't see any ARP packets, if you use this filter!):

     ip 

    Show only the IP based traffic to or from host 192.168.0.10:

     ip.addr==192.168.0.10 

    Show only the IP based traffic not to or from host 192.168.0.10 (beware: this is not identical to ip.addr!=192.168.0.10):

     !(ip.addr==192.168.0.10) 

Capture Filter

  • Show only the IP based traffic to or from host 192.168.0.10:

     host 192.168.0.10 

Discussion

Internet_Protocol (last edited 2018-10-09 12:21:34 by AlexHammer)