TCP Transport Protocol Layer4 Checksum – How to Calculate TCP Checksum

checksumlayer4tcptransport-protocol

I recently started with networking and tcp/ip.
The RFC 793 document tells the checksum is made of:
pseudo header+tcp header+tcp payload+zeroes(if not divisible by 16).
So I have to take 16bit fragments and sum them. And a final ones-complement onto the result.
I have captured a simple-communication, the server pings the client several times.

Device: lo
Number of packets: 900
Filter expression: port 8080

Packet number 1:
IP Header length : 20
       From: 127.0.0.1
         To: 127.0.0.1
   Protocol: TCP
Len : 101 CLen: 101
Seq: 1812084491
Ack: 818336762
   Src port: 8080
   Dst port: 45336
   Payload (35 bytes):
00000   81 21 34 32 5b 22 6d 65  73 73 61 67 65 22 2c 7b    .!42["message",{
00016   22 67 72 65 65 74 69 6e  67 22 3a 22 70 69 6e 67    "greeting":"ping
00032   22 7d 5d                                            "}]
CRC: 0100101111111110

Packet number 2:
IP Header length : 20
       From: 127.0.0.1
         To: 127.0.0.1
   Protocol: TCP
Len : 66 CLen: 66
Seq: 818336762
Ack: 2399287051
   Src port: 45336
   Dst port: 8080
Payload empty
CRC: 0010100011111110

Packet number 3:
IP Header length : 20
       From: 127.0.0.1
         To: 127.0.0.1
   Protocol: TCP
Len : 101 CLen: 101
Seq: 2399287051
Ack: 818336762
   Src port: 8080
   Dst port: 45336
   Payload (35 bytes):
00000   81 21 34 32 5b 22 6d 65  73 73 61 67 65 22 2c 7b    .!42["message",{
00016   22 67 72 65 65 74 69 6e  67 22 3a 22 70 69 6e 67    "greeting":"ping
00032   22 7d 5d                                            "}]
CRC: 0100101111111110

Packet number 4:
IP Header length : 20
       From: 127.0.0.1
         To: 127.0.0.1
   Protocol: TCP
Len : 66 CLen: 66
Seq: 818336762
Ack: 2986489611
   Src port: 45336
   Dst port: 8080
Payload empty
CRC: 0010100011111110

Packet number 5:
IP Header length : 20
       From: 127.0.0.1
         To: 127.0.0.1
   Protocol: TCP
Len : 101 CLen: 101
Seq: 2986489611
Ack: 818336762
   Src port: 8080
   Dst port: 45336
   Payload (35 bytes):
00000   81 21 34 32 5b 22 6d 65  73 73 61 67 65 22 2c 7b    .!42["message",{
00016   22 67 72 65 65 74 69 6e  67 22 3a 22 70 69 6e 67    "greeting":"ping
00032   22 7d 5d                                            "}]
CRC: 0100101111111110

I noticed the CRC of packets 1,3,5 are the same. Why so? I thought the sequence number differ, thus the crc must differ too.

If a TCP packet is sent, when exactly is the checksum calculated, and how do you trigger the layers to do a calculation? (Setting checksum to 0 before sending the packet trough network?)

Best Answer

Think about it. A 16-bit checksum only has 65,536 unique values, so it will be fairly common to repeat checksum values on multiple segments. What you have is not going to be unusual with different segment payloads.

The source TCP calculates the checksum as it creates a segment, and the destination TCP calculates the checksum when it receives a segment. A checksum is a simple method to give some confidence that nothing in the segment was changed along the path. You can have a practically infinite number of different segments, but only 64K different checksum values.

If a TCP packet is sent, when exactly is the checksum calculated, and how do you trigger the layers to do a calculation? (Setting checksum to 0 before sending the packet trough network?)

What your OS actually does is off-topic here.

By the way, ping uses ICMP echo requests and replies, so you did not actually ping.

Related Topic