/-----------------------------\ | Xine - issue #1 - Phile 014 | \-----------------------------/ Summary of useful data in building TCP/IP packets. -------------------------------------------------- (arranged by Kernel Panic as a reference for building packets for Injector). ** from the packet driver manual: --------------------------------------------------------------- | preamble.. | from address | to address | TYPE | ...data.... | --------------------------------------------------------------- 6 bytes 6 bytes 2 bytes many bytes Regular Ethernet uses the TYPE field to hold a number which is the kind of protocol. TCP/IP's TYPE is 0800. Only from address, to address and type must be supplied to the packet driver. ** from RFC 1340 VERSION NUMBERS In the Internet Protocol (IP) [45,105] there is a field to identify the version of the internetwork general protocol. This field is 4 bits in size. Assigned Internet Version Numbers Decimal Keyword Version References ------- ------- ------- ---------- 0 Reserved [JBP] 1-3 Unassigned [JBP] 4 IP Internet Protocol [105,JBP] 5 ST ST Datagram Mode [49,JWF] 6-14 Unassigned [JBP] 15 Reserved [JBP] ... PROTOCOL NUMBERS In the Internet Protocol (IP) [45,105] there is a field, called Protocol, to identify the the next level protocol. This is an 8 bit field. Assigned Internet Protocol Numbers Decimal Keyword Protocol References ------- ------- -------- ---------- 0 Reserved [JBP] 1 ICMP Internet Control Message [97,JBP] 2 IGMP Internet Group Management [43,JBP] 3 GGP Gateway-to-Gateway [60,MB] 4 IP IP in IP (encasulation) [JBP] 5 ST Stream [49,JWF] 6 TCP Transmission Control [106,JBP] 7 UCL UCL [PK] 8 EGP Exterior Gateway Protocol [123,DLM1] 9 IGP any private interior gateway [JBP] 10 BBN-RCC-MON BBN RCC Monitoring [SGC] 11 NVP-II Network Voice Protocol [22,SC3] 12 PUP PUP [8,XEROX] 13 ARGUS ARGUS [RWS4] 14 EMCON EMCON [BN7] 15 XNET Cross Net Debugger [56,JFH2] 16 CHAOS Chaos [NC3] 17 UDP User Datagram [104,JBP] 18 MUX Multiplexing [23,JBP] 19 DCN-MEAS DCN Measurement Subsystems [DLM1] 20 HMP Host Monitoring [59,RH6] 21 PRM Packet Radio Measurement [ZSU] 22 XNS-IDP XEROX NS IDP [133,XEROX] 23 TRUNK-1 Trunk-1 [BWB6] 24 TRUNK-2 Trunk-2 [BWB6] 25 LEAF-1 Leaf-1 [BWB6] 26 LEAF-2 Leaf-2 [BWB6] 27 RDP Reliable Data Protocol [138,RH6] 28 IRTP Internet Reliable Transaction [79,TXM] 29 ISO-TP4 ISO Transport Protocol Class 4 [63,RC77] 30 NETBLT Bulk Data Transfer Protocol [20,DDC1] 31 MFE-NSP MFE Network Services Protocol [124,BCH2] 32 MERIT-INP MERIT Internodal Protocol [HWB] 33 SEP Sequential Exchange Protocol [JC120] 34 3PC Third Party Connect Protocol [SAF3] 35 IDPR Inter-Domain Policy Routing Protocol [MXS1] 36 XTP XTP [GXC] 37 DDP Datagram Delivery Protocol [WXC] 38 IDPR-CMTP IDPR Control Message Transport Proto [MXS1] 39 TP++ TP++ Transport Protocol [DXF] 40 IL IL Transport Protocol [DXP2] 41-60 Unassigned [JBP] 61 any host internal protocol [JBP] 62 CFTP CFTP [50,HCF2] 63 any local network [JBP] 64 SAT-EXPAK SATNET and Backroom EXPAK [SHB] 65 KRYPTOLAN Kryptolan [PXL1] 66 RVD MIT Remote Virtual Disk Protocol [MBG] 67 IPPC Internet Pluribus Packet Core [SHB] 68 any distributed file system [JBP] 69 SAT-MON SATNET Monitoring [SHB] 70 VISA VISA Protocol [GXT1] 71 IPCV Internet Packet Core Utility [SHB] 72 CPNX Computer Protocol Network Executive [DXM2] 73 CPHB Computer Protocol Heart Beat [DXM2] 74 WSN Wang Span Network [VXD] 75 PVP Packet Video Protocol [SC3] 76 BR-SAT-MON Backroom SATNET Monitoring [SHB] 77 SUN-ND SUN ND PROTOCOL-Temporary [WM3] 78 WB-MON WIDEBAND Monitoring [SHB] 79 WB-EXPAK WIDEBAND EXPAK [SHB] 80 ISO-IP ISO Internet Protocol [MTR] 81 VMTP VMTP [DRC3] 82 SECURE-VMTP SECURE-VMTP [DRC3] 83 VINES VINES [BXH] 84 TTP TTP [JXS] 85 NSFNET-IGP NSFNET-IGP [HWB] 86 DGP Dissimilar Gateway Protocol [74,ML109] 87 TCF TCF [GAL5] 88 IGRP IGRP [18,GXS] 89 OSPFIGP OSPFIGP [83,JTM4] 90 Sprite-RPC Sprite RPC Protocol [143,BXW] 91 LARP Locus Address Resolution Protocol [BXH] 92 MTP Multicast Transport Protocol [SXA] 93 AX.25 AX.25 Frames [BK29] 94 IPIP IP-within-IP Encapsulation Protocol [JXI1] 95 MICP Mobile Internetworking Control Pro. [JXI1] 96 AES-SP3-D AES Security Protocol 3-D [HXH] 97 ETHERIP Ethernet-within-IP Encapsulation [RXH1] 98 ENCAP Encapsulation Header [148,RXB3] 99-254 Unassigned [JBP] 255 Reserved [JBP] ... WELL KNOWN PORT NUMBERS The Well Known Ports are controlled and assigned by the IANA and on most systems can only be used by system (or root) processes or by programs executed by privileged users. Ports are used in the TCP [45,106] to name the ends of logical connections which carry long term conversations. For the purpose of providing services to unknown callers, a service contact port is defined. This list specifies the port used by the server process as its contact port. The contact port is sometimes called the "well-known port". To the extent possible, these same port assignments are used with the UDP [46,104]. The assigned ports use a small portion of the possible port numbers. For many years the assigned ports were in the range 0-255. Recently, the range for assigned ports managed by the IANA has been expanded to the range 0-1023. Port Assignments: Keyword Decimal Description References ------- ------- ----------- ---------- 0/tcp Reserved [JBP] 0/udp Reserved [JBP] tcpmux 1/tcp TCP Port Service Multiplexer [MKL] tcpmux 1/udp TCP Port Service Multiplexer [MKL] compressnet 2/tcp Management Utility [BV15] compressnet 2/udp Management Utility [BV15] compressnet 3/tcp Compression Process [BV15] compressnet 3/udp Compression Process [BV15] 4/tcp Unassigned [JBP] 4/udp Unassigned [JBP] rje 5/tcp Remote Job Entry [12,JBP] rje 5/udp Remote Job Entry [12,JBP] 6/tcp Unassigned [JBP] 6/udp Unassigned [JBP] echo 7/tcp Echo [95,JBP] echo 7/udp Echo [95,JBP] 8/tcp Unassigned [JBP] 8/udp Unassigned [JBP] discard 9/tcp Discard [94,JBP] discard 9/udp Discard [94,JBP] 10/tcp Unassigned [JBP] 10/udp Unassigned [JBP] systat 11/tcp Active Users [89,JBP] systat 11/udp Active Users [89,JBP] 12/tcp Unassigned [JBP] 12/udp Unassigned [JBP] daytime 13/tcp Daytime [93,JBP] daytime 13/udp Daytime [93,JBP] 14/tcp Unassigned [JBP] 14/udp Unassigned [JBP] 15/tcp Unassigned [was netstat] [JBP] 15/udp Unassigned [JBP] 16/tcp Unassigned [JBP] 16/udp Unassigned [JBP] qotd 17/tcp Quote of the Day [100,JBP] qotd 17/udp Quote of the Day [100,JBP] msp 18/tcp Message Send Protocol [RXN] msp 18/udp Message Send Protocol [RXN] chargen 19/tcp Character Generator [92,JBP] chargen 19/udp Character Generator [92,JBP] ftp-data 20/tcp File Transfer [Default Data] [96,JBP] ftp-data 20/udp File Transfer [Default Data] [96,JBP] ftp 21/tcp File Transfer [Control] [96,JBP] ftp 21/udp File Transfer [Control] [96,JBP] 22/tcp Unassigned [JBP] 22/udp Unassigned [JBP] telnet 23/tcp Telnet [112,JBP] telnet 23/udp Telnet [112,JBP] 24/tcp any private mail system [RA11] 24/udp any private mail system [RA11] smtp 25/tcp Simple Mail Transfer [102,JBP] smtp 25/udp Simple Mail Transfer [102,JBP] 26/tcp Unassigned [JBP] 26/udp Unassigned [JBP] nsw-fe 27/tcp NSW User System FE [24,RHT] nsw-fe 27/udp NSW User System FE [24,RHT] 28/tcp Unassigned [JBP] 28/udp Unassigned [JBP] msg-icp 29/tcp MSG ICP [85,RHT] msg-icp 29/udp MSG ICP [85,RHT] 30/tcp Unassigned [JBP] 30/udp Unassigned [JBP] msg-auth 31/tcp MSG Authentication [85,RHT] msg-auth 31/udp MSG Authentication [85,RHT] 32/tcp Unassigned [JBP] 32/udp Unassigned [JBP] dsp 33/tcp Display Support Protocol [EXC] dsp 33/udp Display Support Protocol [EXC] 34/tcp Unassigned [JBP] 34/udp Unassigned [JBP] 35/tcp any private printer server [JBP] 35/udp any private printer server [JBP] 36/tcp Unassigned [JBP] 36/udp Unassigned [JBP] time 37/tcp Time [108,JBP] time 37/udp Time [108,JBP] 38/tcp Unassigned [JBP] 38/udp Unassigned [JBP] rlp 39/tcp Resource Location Protocol [MA] rlp 39/udp Resource Location Protocol [MA] 40/tcp Unassigned [JBP] 40/udp Unassigned [JBP] graphics 41/tcp Graphics [129,JBP] graphics 41/udp Graphics [129,JBP] nameserver 42/tcp Host Name Server [99,JBP] nameserver 42/udp Host Name Server [99,JBP] nicname 43/tcp Who Is [55,ANM2] nicname 43/udp Who Is [55,ANM2] mpm-flags 44/tcp MPM FLAGS Protocol [JBP] mpm-flags 44/udp MPM FLAGS Protocol [JBP] mpm 45/tcp Message Processing Module [recv] [98,JBP] mpm 45/udp Message Processing Module [recv] [98,JBP] mpm-snd 46/tcp MPM [default send] [98,JBP] mpm-snd 46/udp MPM [default send] [98,JBP] ni-ftp 47/tcp NI FTP [134,SK8] ni-ftp 47/udp NI FTP [134,SK8] 48/tcp Unassigned [JBP] 48/udp Unassigned [JBP] login 49/tcp Login Host Protocol [PHD1] login 49/udp Login Host Protocol [PHD1] re-mail-ck 50/tcp Remote Mail Checking Protocol [171,SXD1] re-mail-ck 50/udp Remote Mail Checking Protocol [171,SXD1] la-maint 51/tcp IMP Logical Address Maintenance [76,AGM] la-maint 51/udp IMP Logical Address Maintenance [76,AGM] xns-time 52/tcp XNS Time Protocol [SXA] xns-time 52/udp XNS Time Protocol [SXA] domain 53/tcp Domain Name Server [81,95,PM1] domain 53/udp Domain Name Server [81,95,PM1] xns-ch 54/tcp XNS Clearinghouse [SXA] xns-ch 54/udp XNS Clearinghouse [SXA] isi-gl 55/tcp ISI Graphics Language [7,RB9] isi-gl 55/udp ISI Graphics Language [7,RB9] xns-auth 56/tcp XNS Authentication [SXA] xns-auth 56/udp XNS Authentication [SXA] 57/tcp any private terminal access [JBP] 57/udp any private terminal access [JBP] xns-mail 58/tcp XNS Mail [SXA] xns-mail 58/udp XNS Mail [SXA] 59/tcp any private file service [JBP] 59/udp any private file service [JBP] 60/tcp Unassigned [JBP] 60/udp Unassigned [JBP] ni-mail 61/tcp NI MAIL [5,SK8] ni-mail 61/udp NI MAIL [5,SK8] acas 62/tcp ACA Services [EXW] acas 62/udp ACA Services [EXW] via-ftp 63/tcp VIA Systems - FTP [DXD] via-ftp 63/udp VIA Systems - FTP [DXD] covia 64/tcp Communications Integrator (CI) [TXD] covia 64/udp Communications Integrator (CI) [TXD] tacacs-ds 65/tcp TACACS-Database Service [3,KH43] tacacs-ds 65/udp TACACS-Database Service [3,KH43] sql*net 66/tcp Oracle SQL*NET [JFH2] sql*net 66/udp Oracle SQL*NET [JFH2] bootps 67/tcp Bootstrap Protocol Server [36,WJC2] bootps 67/udp Bootstrap Protocol Server [36,WJC2] bootpc 68/tcp Bootstrap Protocol Client [36,WJC2] bootpc 68/udp Bootstrap Protocol Client [36,WJC2] tftp 69/tcp Trivial File Transfer [126,DDC1] tftp 69/udp Trivial File Transfer [126,DDC1] gopher 70/tcp Gopher [MXC1] gopher 70/udp Gopher [MXC1] netrjs-1 71/tcp Remote Job Service [10,RTB3] netrjs-1 71/udp Remote Job Service [10,RTB3] netrjs-2 72/tcp Remote Job Service [10,RTB3] netrjs-2 72/udp Remote Job Service [10,RTB3] netrjs-3 73/tcp Remote Job Service [10,RTB3] netrjs-3 73/udp Remote Job Service [10,RTB3] netrjs-4 74/tcp Remote Job Service [10,RTB3] netrjs-4 74/udp Remote Job Service [10,RTB3] 75/tcp any private dial out service [JBP] 75/udp any private dial out service [JBP] 76/tcp Unassigned [JBP] 76/udp Unassigned [JBP] 77/tcp any private RJE service [JBP] 77/udp any private RJE service [JBP] vettcp 78/tcp vettcp [CXL1] vettcp 78/udp vettcp [CXL1] finger 79/tcp Finger [52,KLH] finger 79/udp Finger [52,KLH] www 80/tcp World Wide Web HTTP [TXL] www 80/udp World Wide Web HTTP [TXL] hosts2-ns 81/tcp HOSTS2 Name Server [EAK1] hosts2-ns 81/udp HOSTS2 Name Server [EAK1] xfer 82/tcp XFER Utility [TXS2] xfer 82/udp XFER Utility [TXS2] mit-ml-dev 83/tcp MIT ML Device [DXR3] mit-ml-dev 83/udp MIT ML Device [DXR3] ctf 84/tcp Common Trace Facility [HXT] ctf 84/udp Common Trace Facility [HXT] mit-ml-dev 85/tcp MIT ML Device [DXR3] mit-ml-dev 85/udp MIT ML Device [DXR3] mfcobol 86/tcp Micro Focus Cobol [SXE] mfcobol 86/udp Micro Focus Cobol [SXE] 87/tcp any private terminal link [JBP] 87/udp any private terminal link [JBP] kerberos 88/tcp Kerberos [BCN] kerberos 88/udp Kerberos [BCN] su-mit-tg 89/tcp SU/MIT Telnet Gateway [MRC] su-mit-tg 89/udp SU/MIT Telnet Gateway [MRC] dnsix 90/tcp DNSIX Securit Attribute Token Map [CXW1] dnsix 90/udp DNSIX Securit Attribute Token Map [CXW1] mit-dov 91/tcp MIT Dover Spooler [EBM] mit-dov 91/udp MIT Dover Spooler [EBM] npp 92/tcp Network Printing Protocol [LXM] npp 92/udp Network Printing Protocol [LXM] dcp 93/tcp Device Control Protocol [DT15] dcp 93/udp Device Control Protocol [DT15] objcall 94/tcp Tivoli Object Dispatcher [TXB1] objcall 94/udp Tivoli Object Dispatcher [TXB1] supdup 95/tcp SUPDUP [27,MRC] supdup 95/udp SUPDUP [27,MRC] dixie 96/tcp DIXIE Protocol Specification [TXH1] dixie 96/udp DIXIE Protocol Specification [TXH1] swift-rvf 97/tcp Swift Remote Vitural File Protocol [MXR] swift-rvf 97/udp Swift Remote Vitural File Protocol [MXR] tacnews 98/tcp TAC News [ANM2] tacnews 98/udp TAC News [ANM2] metagram 99/tcp Metagram Relay [GEOF] metagram 99/udp Metagram Relay [GEOF] newacct 100/tcp [unauthorized use] hostname 101/tcp NIC Host Name Server [54,ANM2] hostname 101/udp NIC Host Name Server [54,ANM2] iso-tsap 102/tcp ISO-TSAP [16,MTR] iso-tsap 102/udp ISO-TSAP [16,MTR] gppitnp 103/tcp Genesis Point-to-Point Trans Net [PXM1] gppitnp 103/udp Genesis Point-to-Point Trans Net [PXM1] acr-nema 104/tcp ACR-NEMA Digital Imag. & Comm. 300 [PXM1] acr-nema 104/udp ACR-NEMA Digital Imag. & Comm. 300 [PXM1] csnet-ns 105/tcp Mailbox Name Nameserver [127,MS56] csnet-ns 105/udp Mailbox Name Nameserver [127,MS56] 3com-tsmux 106/tcp 3COM-TSMUX [JXS5] 3com-tsmux 106/udp 3COM-TSMUX [JXS5] rtelnet 107/tcp Remote Telnet Service [101,JBP] rtelnet 107/udp Remote Telnet Service [101,JBP] snagas 108/tcp SNA Gateway Access Server [KXM] snagas 108/udp SNA Gateway Access Server [KXM] pop2 109/tcp Post Office Protocol - Version 2 [14,JKR1] pop2 109/udp Post Office Protocol - Version 2 [14,JKR1] pop3 110/tcp Post Office Protocol - Version 3 [122,MTR] pop3 110/udp Post Office Protocol - Version 3 [122,MTR] sunrpc 111/tcp SUN Remote Procedure Call [DXG] sunrpc 111/udp SUN Remote Procedure Call [DXG] mcidas 112/tcp McIDAS Data Transmission Protocol [GXD] mcidas 112/udp McIDAS Data Transmission Protocol [GXD] auth 113/tcp Authentication Service [130,MCSJ] auth 113/udp Authentication Service [130,MCSJ] audionews 114/tcp Audio News Multicast [MXF2] audionews 114/udp Audio News Multicast [MXF2] sftp 115/tcp Simple File Transfer Protocol [73,MKL1] sftp 115/udp Simple File Transfer Protocol [73,MKL1] ansanotify 116/tcp ANSA REX Notify [NXH] ansanotify 116/udp ANSA REX Notify [NXH] uucp-path 117/tcp UUCP Path Service [44,MAE] uucp-path 117/udp UUCP Path Service [44,MAE] sqlserv 118/tcp SQL Services [LXB3] sqlserv 118/udp SQL Services [LXB3] nntp 119/tcp Network News Transfer Protocol [65,PL4] nntp 119/udp Network News Transfer Protocol [65,PL4] cfdptkt 120/tcp CFDPTKT [JXO3] cfdptkt 120/udp CFDPTKT [JXO3] erpc 121/tcp Encore Expedited Remote Pro.Call [132,JXO] erpc 121/udp Encore Expedited Remote Pro.Call [132,JXO] smakynet 122/tcp SMAKYNET [MXO] smakynet 122/udp SMAKYNET [MXO] ntp 123/tcp Network Time Protocol [80,DLM1] ntp 123/udp Network Time Protocol [80,DLM1] ansatrader 124/tcp ANSA REX Trader [NXH] ansatrader 124/udp ANSA REX Trader [NXH] locus-map 125/tcp Locus PC-Interface Net Map Ser [137,EP53] locus-map 125/udp Locus PC-Interface Net Map Ser [137,EP53] unitary 126/tcp Unisys Unitary Login [FEIL] unitary 126/udp Unisys Unitary Login [FEIL] locus-con 127/tcp Locus PC-Interface Conn Server [137,EP53] locus-con 127/udp Locus PC-Interface Conn Server [137,EP53] gss-xlicen 128/tcp GSS X License Verification [JXL] gss-xlicen 128/udp GSS X License Verification [JXL] pwdgen 129/tcp Password Generator Protocol [141,FJW] pwdgen 129/udp Password Generator Protocol [141,FJW] cisco-fna 130/tcp cisco FNATIVE [WXB] cisco-fna 130/udp cisco FNATIVE [WXB] cisco-tna 131/tcp cisco TNATIVE [WXB] cisco-tna 131/udp cisco TNATIVE [WXB] cisco-sys 132/tcp cisco SYSMAINT [WXB] cisco-sys 132/udp cisco SYSMAINT [WXB] statsrv 133/tcp Statistics Service [DLM1] statsrv 133/udp Statistics Service [DLM1] ingres-net 134/tcp INGRES-NET Service [MXB] ingres-net 134/udp INGRES-NET Service [MXB] loc-srv 135/tcp Location Service [JXP] loc-srv 135/udp Location Service [JXP] profile 136/tcp PROFILE Naming System [LLP] profile 136/udp PROFILE Naming System [LLP] netbios-ns 137/tcp NETBIOS Name Service [JBP] netbios-ns 137/udp NETBIOS Name Service [JBP] netbios-dgm 138/tcp NETBIOS Datagram Service [JBP] netbios-dgm 138/udp NETBIOS Datagram Service [JBP] netbios-ssn 139/tcp NETBIOS Session Service [JBP] netbios-ssn 139/udp NETBIOS Session Service [JBP] emfis-data 140/tcp EMFIS Data Service [GB7] emfis-data 140/udp EMFIS Data Service [GB7] emfis-cntl 141/tcp EMFIS Control Service [GB7] emfis-cntl 141/udp EMFIS Control Service [GB7] bl-idm 142/tcp Britton-Lee IDM [SXS1] bl-idm 142/udp Britton-Lee IDM [SXS1] imap2 143/tcp Interim Mail Access Protocol v2 [MRC] imap2 143/udp Interim Mail Access Protocol v2 [MRC] news 144/tcp NewS [JAG] news 144/udp NewS [JAG] uaac 145/tcp UAAC Protocol [DAG4] uaac 145/udp UAAC Protocol [DAG4] iso-tp0 146/tcp ISO-IP0 [86,MTR] iso-tp0 146/udp ISO-IP0 [86,MTR] iso-ip 147/tcp ISO-IP [MTR] iso-ip 147/udp ISO-IP [MTR] cronus 148/tcp CRONUS-SUPPORT [135,JXB] cronus 148/udp CRONUS-SUPPORT [135,JXB] aed-512 149/tcp AED 512 Emulation Service [AXB] aed-512 149/udp AED 512 Emulation Service [AXB] sql-net 150/tcp SQL-NET [MXP] sql-net 150/udp SQL-NET [MXP] hems 151/tcp HEMS [87,CXT] hems 151/udp HEMS [87,CXT] bftp 152/tcp Background File Transfer Program [AD14] bftp 152/udp Background File Transfer Program [AD14] sgmp 153/tcp SGMP [37,MS9] sgmp 153/udp SGMP [37,MS9] netsc-prod 154/tcp NETSC [SH37] netsc-prod 154/udp NETSC [SH37] netsc-dev 155/tcp NETSC [SH37] netsc-dev 155/udp NETSC [SH37] sqlsrv 156/tcp SQL Service [CMR] sqlsrv 156/udp SQL Service [CMR] knet-cmp 157/tcp KNET/VM Command/Message Protocol[77,GSM11] knet-cmp 157/udp KNET/VM Command/Message Protocol[77,GSM11] pcmail-srv 158/tcp PCMail Server [19,MXL] pcmail-srv 158/udp PCMail Server [19,MXL] nss-routing 159/tcp NSS-Routing [JXR] nss-routing 159/udp NSS-Routing [JXR] sgmp-traps 160/tcp SGMP-TRAPS [37,MS9] sgmp-traps 160/udp SGMP-TRAPS [37,MS9] snmp 161/tcp SNMP [15,MTR] snmp 161/udp SNMP [15,MTR] snmptrap 162/tcp SNMPTRAP [15,MTR] snmptrap 162/udp SNMPTRAP [15,MTR] cmip-man 163/tcp CMIP/TCP Manager [4,AXB1] cmip-man 163/udp CMIP/TCP Manager [4,AXB1] cmip-agent 164/tcp CMIP/TCP Agent [4,AXB1] smip-agent 164/udp CMIP/TCP Agent [4,AXB1] xns-courier 165/tcp Xerox 144,SXA] xns-courier 165/udp Xerox [144,SXA] s-net 166/tcp Sirius Systems [BXL] s-net 166/udp Sirius Systems [BXL] namp 167/tcp NAMP [MS9] namp 167/udp NAMP [MS9] rsvd 168/tcp RSVD [NT12] rsvd 168/udp RSVD [NT12] send 169/tcp SEND [WDW11] send 169/udp SEND [WDW11] print-srv 170/tcp Network PostScript [BKR] print-srv 170/udp Network PostScript [BKR] multiplex 171/tcp Network Innovations Multiplex [KXD] multiplex 171/udp Network Innovations Multiplex [KXD] cl/1 172/tcp Network Innovations CL/1 [KXD] cl/1 172/udp Network Innovations CL/1 [KXD] xyplex-mux 173/tcp Xyplex [BXS] xyplex-mux 173/udp Xyplex [BXS] mailq 174/tcp MAILQ [RXZ] mailq 174/udp MAILQ [RXZ] vmnet 175/tcp VMNET [CXT] vmnet 175/udp VMNET [CXT] genrad-mux 176/tcp GENRAD-MUX [RXT] genrad-mux 176/udp GENRAD-MUX [RXT] xdmcp 177/tcp X Display Manager Control Protocol [RWS4] xdmcp 177/udp X Display Manager Control Protocol [RWS4] nextstep 178/tcp NextStep Window Server [LXH] NextStep 178/udp NextStep Window Server [LXH] bgp 179/tcp Border Gateway Protocol [KSL] bgp 179/udp Border Gateway Protocol [KSL] ris 180/tcp Intergraph [DXB] ris 180/udp Intergraph [DXB] unify 181/tcp Unify [VXS] unify 181/udp Unify [VXS] audit 182/tcp Unisys Audit SITP [GXG] audit 182/udp Unisys Audit SITP [GXG] ocbinder 183/tcp OCBinder [JXO1] ocbinder 183/udp OCBinder [JXO1] ocserver 184/tcp OCServer [JXO1] ocserver 184/udp OCServer [JXO1] remote-kis 185/tcp Remote-KIS [RXD1] remote-kis 185/udp Remote-KIS [RXD1] kis 186/tcp KIS Protocol [RXD1] kis 186/udp KIS Protocol [RXD1] aci 187/tcp Application Communication Interface [RXC1] aci 187/udp Application Communication Interface [RXC1] mumps 188/tcp Plus Five's MUMPS [HS23] mumps 188/udp Plus Five's MUMPS [HS23] qft 189/tcp Queued File Transport [WXS] qft 189/udp Queued File Transport [WXS] gacp 190/tcp Gateway Access Control Protocol [PCW] cacp 190/udp Gateway Access Control Protocol [PCW] prospero 191/tcp Prospero [BCN] prospero 191/udp Prospero [BCN] osu-nms 192/tcp OSU Network Monitoring System [DXK] osu-nms 192/udp OSU Network Monitoring System [DXK] srmp 193/tcp Spider Remote Monitoring Protocol [TXS] srmp 193/udp Spider Remote Monitoring Protocol [TXS] irc 194/tcp Internet Relay Chat Protocol [JXO2] irc 194/udp Internet Relay Chat Protocol [JXO2] dn6-nlm-aud 195/tcp DNSIX Network Level Module Audit [LL69] dn6-nlm-aud 195/udp DNSIX Network Level Module Audit [LL69] dn6-smm-red 196/tcp DNSIX Session Mgt Module Audit Redir[LL69] dn6-smm-red 196/udp DNSIX Session Mgt Module Audit Redir[LL69] dls 197/tcp Directory Location Service [SXB] dls 197/udp Directory Location Service [SXB] dls-mon 198/tcp Directory Location Service Monitor [SXB] dls-mon 198/udp Directory Location Service Monitor [SXB] smux 199/tcp SMUX [MTR] smux 199/udp SMUX [MTR] src 200/tcp IBM System Resource Controller [GXM] src 200/udp IBM System Resource Controller [GXM] at-rtmp 201/tcp AppleTalk Routing Maintenance [RXC] at-rtmp 201/udp AppleTalk Routing Maintenance [RXC] at-nbp 202/tcp AppleTalk Name Binding [RXC] at-nbp 202/udp AppleTalk Name Binding [RXC] at-3 203/tcp AppleTalk Unused [RXC] at-3 203/udp AppleTalk Unused [RXC] at-echo 204/tcp AppleTalk Echo [RXC] at-echo 204/udp AppleTalk Echo [RXC] at-5 205/tcp AppleTalk Unused [RXC] at-5 205/udp AppleTalk Unused [RXC] at-zis 206/tcp AppleTalk Zone Information [RXC] at-zis 206/udp AppleTalk Zone Information [RXC] at-7 207/tcp AppleTalk Unused [RXC] at-7 207/udp AppleTalk Unused [RXC] at-8 208/tcp AppleTalk Unused [RXC] at-8 208/udp AppleTalk Unused [RXC] tam 209/tcp Trivial Authenticated Mail Protocol [DXB1] tam 209/udp Trivial Authenticated Mail Protocol [DXB1] z39.50 210/tcp ANSI Z39.50 [MXN] z39.50 210/udp ANSI Z39.50 [MXN] 914c/g 211/tcp Texas Instruments 914C/G Terminal [BXH1] 914c/g 211/udp Texas Instruments 914C/G Terminal [BXH1] anet 212/tcp ATEXSSTR [JXT] anet 212/udp ATEXSSTR [JXT] ipx 213/tcp IPX [DP666] ipx 213/udp IPX [DP666] vmpwscs 214/tcp VM PWSCS [DXS] vmpwscs 214/udp VM PWSCS [DXS] softpc 215/tcp Insignia Solutions [MXT] softpc 215/udp Insignia Solutions [MXT] atls 216/tcp Access Technology License Server [LXD] atls 216/udp Access Technology License Server [LXD] dbase 217/tcp dBASE Unix [DXG1] dbase 217/udp dBASE Unix [DXG1] mpp 218/tcp Netix Message Posting Protocol [STY] mpp 218/udp Netix Message Posting Protocol [STY] uarps 219/tcp Unisys ARPs [AXM1] uarps 219/udp Unisys ARPs [AXM1] imap3 220/tcp Interactive Mail Access Protocol v3 [JXR2] imap3 220/udp Interactive Mail Access Protocol v3 [JXR2] fln-spx 221/tcp Berkeley rlogind with SPX auth [KXA] fln-spx 221/udp Berkeley rlogind with SPX auth [KXA] fsh-spx 222/tcp Berkeley rshd with SPX auth [KXA] fsh-spx 222/udp Berkeley rshd with SPX auth [KXA] cdc 223/tcp Certificate Distribution Center [KXA] cdc 223/udp Certificate Distribution Center [KXA] 224-241 Reserved [JBP] sur-meas 243/tcp Survey Measurement [6,DDC1] sur-meas 243/udp Survey Measurement [6,DDC1] link 245/tcp LINK [1,RDB2] link 245/udp LINK [1,RDB2] dsp3270 246/tcp Display Systems Protocol [39,WJS1] dsp3270 246/udp Display Systems Protocol [39,WJS1] 247-255 Reserved [JBP] pawserv 345/tcp Perf Analysis Workbench pawserv 345/udp Perf Analysis Workbench zserv 346/tcp Zebra server zserv 346/udp Zebra server fatserv 347/tcp Fatmen Server fatserv 347/udp Fatmen Server clearcase 371/tcp Clearcase [DXL1] clearcase 371/udp Clearcase [DXL1] ulistserv 372/tcp Unix Listserv [AXK] ulistserv 372/udp Unix Listserv [AXK] legent-1 373/tcp Legent Corporation [KXB] legent-1 373/udp Legent Corporation [KXB] legent-2 374/tcp Legent Corporation [KXB] legent-2 374/udp Legent Corporation [KXB] exec 512/tcp remote process execution; authentication performed using passwords and UNIX loppgin names biff 512/udp used by mail system to notify users of new mail received; currently receives messages only from processes on the same machine login 513/tcp remote login a la telnet; automatic authentication performed based on priviledged port numbers and distributed data bases which identify "authentication domains" who 513/udp maintains data bases showing who's logged in to machines on a local net and the load average of the machine cmd 514/tcp like exec, but automatic authentication is performed as for login server syslog 514/udp printer 515/tcp spooler printer 515/udp spooler talk 517/tcp like tenex link, but across machine - unfortunately, doesn't use link protocol (this is actually just a rendezvous port from which a tcp connection is established) talk 517/udp like tenex link, but across machine - unfortunately, doesn't use link protocol (this is actually just a rendezvous port from which a tcp connection is established) ntalk 518/tcp ntalk 518/udp utime 519/tcp unixtime utime 519/udp unixtime efs 520/tcp extended file name server router 520/udp local routing process (on site); uses variant of Xerox NS routing information protocol timed 525/tcp timeserver timed 525/udp timeserver tempo 526/tcp newdate tempo 526/udp newdate courier 530/tcp rpc courier 530/udp rpc conference 531/tcp chat conference 531/udp chat netnews 532/tcp readnews netnews 532/udp readnews netwall 533/tcp for emergency broadcasts netwall 533/udp for emergency broadcasts uucp 540/tcp uucpd uucp 540/udp uucpd klogin 543/tcp klogin 543/udp kshell 544/tcp krcmd kshell 544/udp krcmd new-rwho 550/tcp new-who new-rwho 550/udp new-who dsf 555/tcp dsf 555/udp remotefs 556/tcp rfs server remotefs 556/udp rfs server rmonitor 560/tcp rmonitord rmonitor 560/udp rmonitord monitor 561/tcp monitor 561/udp chshell 562/tcp chcmd chshell 562/udp chcmd 9pfs 564/tcp plan 9 file service 9pfs 564/udp plan 9 file service whoami 565/tcp whoami whoami 565/udp whoami meter 570/tcp demon meter 570/udp demon meter 571/tcp udemon meter 571/udp udemon ipcserver 600/tcp Sun IPC server ipcserver 600/udp Sun IPC server nqs 607/tcp nqs nqs 607/udp nqs mdqs 666/tcp mdqs 666/udp elcsd 704/tcp errlog copy/server daemon elcsd 704/udp errlog copy/server daemon netcp 740/tcp NETscout Control Protocol [AXS2] netcp 740/udp NETscout Control Protocol [AXS2] netgw 741/tcp netGW [OXK] netgw 741/udp netGW [OXK] netrcs 742/tcp Network based Rev. Cont. Sys. [GXC2] netrcs 742/udp Network based Rev. Cont. Sys. [GXC2] flexlm 744/tcp Flexible License Manager [MXC2] flexlm 744/udp Flexible License Manager [MXC2] fujitsu-dev 747/tcp Fujitsu Device Control fujitsu-dev 747/udp Fujitsu Device Control ris-cm 748/tcp Russell Info Sci Calendar Manager ris-cm 748/udp Russell Info Sci Calendar Manager kerberos-adm 749/tcp kerberos administration kerberos-adm 749/udp kerberos administration rfile 750/tcp loadav 750/udp pump 751/tcp pump 751/udp qrh 752/tcp qrh 752/udp rrh 753/tcp rrh 753/udp tell 754/tcp send tell 754/udp send nlogin 758/tcp nlogin 758/udp con 759/tcp con 759/udp ns 760/tcp ns 760/udp rxe 761/tcp rxe 761/udp quotad 762/tcp quotad 762/udp cycleserv 763/tcp cycleserv 763/udp omserv 764/tcp omserv 764/udp webster 765/tcp webster 765/udp phonebook 767/tcp phone phonebook 767/udp phone vid 769/tcp vid 769/udp cadlock 770/tcp cadlock 770/udp rtip 771/tcp rtip 771/udp cycleserv2 772/tcp cycleserv2 772/udp submit 773/tcp notify 773/udp rpasswd 774/tcp acmaint_dbd 774/udp entomb 775/tcp acmaint_transd 775/udp wpages 776/tcp wpages 776/udp wpgs 780/tcp wpgs 780/udp hp-collector 781/tcp hp performance data collector hp-collector 781/udp hp performance data collector hp-managed-node 782/tcp hp performance data managed node hp-managed-node 782/udp hp performance data managed node hp-alarm-mgr 783/tcp hp performance data alarm manager hp-alarm-mgr 783/udp hp performance data alarm manager mdbs_daemon 800/tcp mdbs_daemon 800/udp device 801/tcp device 801/udp xtreelic 996/tcp XTREE License Server xtreelic 996/udp XTREE License Server maitrd 997/tcp maitrd 997/udp busboy 998/tcp puparp 998/udp garcon 999/tcp applix 999/udp Applix ac puprouter 999/tcp puprouter 999/udp cadlock 1000/tcp ock 1000/udp ... REGISTERED PORT NUMBERS The Registered Ports are not controlled by the IANA and on most systems can be used by ordinary user processes or programs executed by ordinary users. Ports are used in the TCP [45,106] to name the ends of logical connections which carry long term conversations. For the purpose of providing services to unknown callers, a service contact port is defined. This list specifies the port used by the server process as its contact port. While the IANA can not control uses of these ports it does register or list uses of these ports as a convienence to the community. To the extent possible, these same port assignments are used with the UDP [46,104]. The Registered Ports are in the range 1024-65535. Port Assignments: Keyword Decimal Description References ------- ------- ----------- ---------- blackjack 1025/tcp network blackjack blackjack 1025/udp network blackjack hermes 1248/tcp hermes 1248/udp bbn-mmc 1347/tcp multi media conferencing bbn-mmc 1347/udp multi media conferencing bbn-mmx 1348/tcp multi media conferencing bbn-mmx 1348/udp multi media conferencing sbook 1349/tcp Registration Network Protocol [SXS4] sbook 1349/udp Registration Network Protocol [SXS4] editbench 1350/tcp Registration Network Protocol [SXS4] editbench 1350/udp Registration Network Protocol [SXS4] equationbuilder 1351/tcp Digital Tool Works (MIT) [TXT1] equationbuilder 1351/udp Digital Tool Works (MIT) [TXT1] lotusnote 1352/tcp Lotus Note [GXP1] lotusnote 1352/udp Lotus Note [GXP1] ingreslock 1524/tcp ingres ingreslock 1524/udp ingres orasrv 1525/tcp oracle orasrv 1525/udp oracle prospero-np 1525/tcp prospero non-privileged prospero-np 1525/udp prospero non-privileged tlisrv 1527/tcp oracle tlisrv 1527/udp oracle coauthor 1529/tcp oracle coauthor 1529/udp oracle issd 1600/tcp issd 1600/udp nkd 1650/tcp nkd 1650/udp callbook 2000/tcp callbook 2000/udp dc 2001/tcp wizard 2001/udp curry globe 2002/tcp globe 2002/udp mailbox 2004/tcp emce 2004/udp CCWS mm conf berknet 2005/tcp oracle 2005/udp invokator 2006/tcp raid-cc 2006/udp raid dectalk 2007/tcp raid-am 2007/udp conf 2008/tcp terminaldb 2008/udp news 2009/tcp whosockami 2009/udp search 2010/tcp pipe_server 2010/udp raid-cc 2011/tcp raid servserv 2011/udp ttyinfo 2012/tcp raid-ac 2012/udp raid-am 2013/tcp raid-cd 2013/udp troff 2014/tcp raid-sf 2014/udp cypress 2015/tcp raid-cs 2015/udp bootserver 2016/tcp bootserver 2016/udp cypress-stat 2017/tcp bootclient 2017/udp terminaldb 2018/tcp rellpack 2018/udp whosockami 2019/tcp about 2019/udp xinupageserver 2020/tcp xinupageserver 2020/udp servexec 2021/tcp xinuexpansion1 2021/udp down 2022/tcp xinuexpansion2 2022/udp xinuexpansion3 2023/tcp xinuexpansion3 2023/udp xinuexpansion4 2024/tcp xinuexpansion4 2024/udp ellpack 2025/tcp xribs 2025/udp scrabble 2026/tcp scrabble 2026/udp shadowserver 2027/tcp shadowserver 2027/udp submitserver 2028/tcp submitserver 2028/udp device2 2030/tcp device2 2030/udp blackboard 2032/tcp blackboard 2032/udp glogger 2033/tcp glogger 2033/udp scoremgr 2034/tcp scoremgr 2034/udp imsldoc 2035/tcp imsldoc 2035/udp objectmanager 2038/tcp objectmanager 2038/udp lam 2040/tcp lam 2040/udp interbase 2041/tcp interbase 2041/udp isis 2042/tcp isis 2042/udp isis-bcast 2043/tcp isis-bcast 2043/udp rimsl 2044/tcp rimsl 2044/udp cdfunc 2045/tcp cdfunc 2045/udp sdfunc 2046/tcp sdfunc 2046/udp dls 2047/tcp dls 2047/udp dls-monitor 2048/tcp dls-monitor 2048/udp shilp 2049/tcp shilp 2049/udp www-dev 2784/tcp world wide web - development www-dev 2784/udp world wide web - development NSWS 3049/tcp NSWS 3049/ddddp rfa 4672/tcp remote file access server rfa 4672/udp remote file access server commplex-main 5000/tcp commplex-main 5000/udp commplex-link 5001/tcp commplex-link 5001/udp rfe 5002/tcp radio free ethernet rfe 5002/udp radio free ethernet rmonitor_secure 5145/tcp rmonitor_secure 5145/udp padl2sim 5236/tcp padl2sim 5236/udp sub-process 6111/tcp HP SoftBench Sub-Process Control sub-process 6111/udp HP SoftBench Sub-Process Control xdsxdm 6558/udp xdsxdm 6558/tcp afs3-fileserver 7000/tcp file server itself afs3-fileserver 7000/udp file server itself afs3-callback 7001/tcp callbacks to cache managers afs3-callback 7001/udp callbacks to cache managers afs3-prserver 7002/tcp users & groups database afs3-prserver 7002/udp users & groups database afs3-vlserver 7003/tcp volume location database afs3-vlserver 7003/udp volume location database afs3-kaserver 7004/tcp AFS/Kerberos authentication service afs3-kaserver 7004/udp AFS/Kerberos authentication service afs3-volser 7005/tcp volume managment server afs3-volser 7005/udp volume managment server afs3-errors 7006/tcp error interpretation service afs3-errors 7006/udp error interpretation service afs3-bos 7007/tcp basic overseer process afs3-bos 7007/udp basic overseer process afs3-update 7008/tcp server-to-server updater afs3-update 7008/udp server-to-server updater afs3-rmtsys 7009/tcp remote cache manager service afs3-rmtsys 7009/udp remote cache manager service man 9535/tcp man 9535/udp isode-dua 17007/tcp isode-dua 17007/udp ** from RFC 1610: 6.2. Standard Protocols Protocol Name Status RFC STD * ======== ===================================== ======== ==== === = -------- Internet Official Protocol Standards Req 1610 1 -------- Assigned Numbers Req 1340 2 -------- Host Requirements - Communications Req 1122 3 -------- Host Requirements - Applications Req 1123 3 -------- Gateway Requirements Req 1009 4 IP Internet Protocol Req 791 5 as amended by:-------- -------- IP Subnet Extension Req 950 5 -------- IP Broadcast Datagrams Req 919 5 -------- IP Broadcast Datagrams with Subnets Req 922 5 ICMP Internet Control Message Protocol Req 792 5 IGMP Internet Group Multicast Protocol Rec 1112 5 UDP User Datagram Protocol Rec 768 6 TCP Transmission Control Protocol Rec 793 7 TELNET Telnet Protocol Rec 854,855 8 FTP File Transfer Protocol Rec 959 9 SMTP Simple Mail Transfer Protocol Rec 821 10 MAIL Format of Electronic Mail Messages Rec 822 11 CONTENT Content Type Header Field Rec 1049 11 NTPV2 Network Time Protocol (Version 2) Rec 1119 12 DOMAIN Domain Name System Rec 1034,1035 13 DNS-MX Mail Routing and the Domain System Rec 974 14 SNMP Simple Network Management Protocol Rec 1157 15 SMI Structure of Management Information Rec 1155 16 Concise-MIB Concise MIB Definitions Rec 1212 16 MIB-II Management Information Base-II Rec 1213 17 EGP Exterior Gateway Protocol Rec 904 18 NETBIOS NetBIOS Service Protocols Ele 1001,1002 19 ECHO Echo Protocol Rec 862 20 DISCARD Discard Protocol Ele 863 21 CHARGEN Character Generator Protocol Ele 864 22 QUOTE Quote of the Day Protocol Ele 865 23 USERS Active Users Protocol Ele 866 24 DAYTIME Daytime Protocol Ele 867 25 TIME Time Server Protocol Ele 868 26 TFTP Trivial File Transfer Protocol Ele 1350 33 RIP Routing Information Protocol Ele 1058 34 TP-TCP ISO Transport Service on top of the TCP Ele 1006 35 ETHER-MIB Ethernet MIB Req 1623 50 * ... 6.3. Network-Specific Standard Protocols All Network-Specific Standards have Elective status. Protocol Name State RFC STD * ======== ===================================== ===== ===== === = IP-ATM Classical IP and ARP over ATM Prop 1577 IP-FR Multiprotocol over Frame Relay Draft 1490 ATM-ENCAP Multiprotocol Encapsulation over ATM Prop 1483 IP-TR-MC IP Multicast over Token-Ring LANs Prop 1469 IP-FDDI Transmission of IP and ARP over FDDI Net Std 1390 36 IP-HIPPI IP and ARP on HIPPI Prop 1374 IP-X.25 X.25 and ISDN in the Packet Mode Draft 1356 IP-SMDS IP Datagrams over the SMDS Service Prop 1209 IP-FDDI Internet Protocol on FDDI Networks Draft 1188 ARP Address Resolution Protocol Std 826 37 RARP A Reverse Address Resolution Protocol Std 903 38 IP-ARPA Internet Protocol on ARPANET Std BBN1822 39 IP-WB Internet Protocol on Wideband Network Std 907 40 IP-E Internet Protocol on Ethernet Networks Std 894 41 IP-EE Internet Protocol on Exp. Ethernet Nets Std 895 42 IP-IEEE Internet Protocol on IEEE 802 Std 1042 43 IP-DC Internet Protocol on DC Networks Std 891 44 IP-HC Internet Protocol on Hyperchannel Std 1044 45 IP-ARC Transmitting IP Traffic over ARCNET Nets Std 1201 46 IP-SLIP Transmission of IP over Serial Lines Std 1055 47 IP-NETBIOS Transmission of IP over NETBIOS Std 1088 48 IP-IPX Transmission of 802.2 over IPX Networks Std 1132 49 ** from RFC 768: Format ------ 0 7 8 15 16 23 24 31 +--------+--------+--------+--------+ | Source | Destination | | Port | Port | +--------+--------+--------+--------+ | | | | Length | Checksum | +--------+--------+--------+--------+ | | data octets ... +---------------- ... User Datagram Header Format Fields ------ Source Port is an optional field, when meaningful, it indicates the port of the sending process, and may be assumed to be the port to which a reply should be addressed in the absence of any other information. If not used, a value of zero is inserted. Destination Port has a meaning within the context of a particular internet destination address. Length is the length in octets of this user datagram including this header and the data. (This means the minimum value of the length is eight.) Checksum is the 16-bit one's complement of the one's complement sum of a pseudo header of information from the IP header, the UDP header, and the data, padded with zero octets at the end (if necessary) to make a multiple of two octets. The pseudo header conceptually prefixed to the UDP header contains the source address, the destination address, the protocol, and the UDP length. This information gives protection against misrouted datagrams. This checksum procedure is the same as is used in TCP. 0 7 8 15 16 23 24 31 +--------+--------+--------+--------+ | source address | +--------+--------+--------+--------+ | destination address | +--------+--------+--------+--------+ | zero |protocol| UDP length | +--------+--------+--------+--------+ If the computed checksum is zero, it is transmitted as all ones (the equivalent in one's complement arithmetic). An all zero transmitted checksum value means that the transmitter generated no checksum (for debugging or for higher level protocols that don't care). ** from RFC 791: 3.1. Internet Header Format A summary of the contents of the internet header follows: 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |Version| IHL |Type of Service| Total Length | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Identification |Flags| Fragment Offset | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Time to Live | Protocol | Header Checksum | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Source Address | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Destination Address | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Options | Padding | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ Example Internet Datagram Header Figure 4. Note that each tick mark represents one bit position. Version: 4 bits The Version field indicates the format of the internet header. This document describes version 4. IHL: 4 bits Internet Header Length is the length of the internet header in 32 bit words, and thus points to the beginning of the data. Note that the minimum value for a correct header is 5. Type of Service: 8 bits The Type of Service provides an indication of the abstract parameters of the quality of service desired. These parameters are to be used to guide the selection of the actual service parameters when transmitting a datagram through a particular network. Several networks offer service precedence, which somehow treats high precedence traffic as more important than other traffic (generally by accepting only traffic above a certain precedence at time of high load). The major choice is a three way tradeoff between low-delay, high-reliability, and high-throughput. Bits 0-2: Precedence. Bit 3: 0 = Normal Delay, 1 = Low Delay. Bits 4: 0 = Normal Throughput, 1 = High Throughput. Bits 5: 0 = Normal Relibility, 1 = High Relibility. Bit 6-7: Reserved for Future Use. 0 1 2 3 4 5 6 7 +-----+-----+-----+-----+-----+-----+-----+-----+ | | | | | | | | PRECEDENCE | D | T | R | 0 | 0 | | | | | | | | +-----+-----+-----+-----+-----+-----+-----+-----+ Precedence 111 - Network Control 110 - Internetwork Control 101 - CRITIC/ECP 100 - Flash Override 011 - Flash 010 - Immediate 001 - Priority 000 - Routine The use of the Delay, Throughput, and Reliability indications may increase the cost (in some sense) of the service. In many networks better performance for one of these parameters is coupled with worse performance on another. Except for very unusual cases at most two of these three indications should be set. The type of service is used to specify the treatment of the datagram during its transmission through the internet system. Example mappings of the internet type of service to the actual service provided on networks such as AUTODIN II, ARPANET, SATNET, and PRNET is given in "Service Mappings" [8]. The Network Control precedence designation is intended to be used within a network only. The actual use and control of that designation is up to each network. The Internetwork Control designation is intended for use by gateway control originators only. If the actual use of these precedence designations is of concern to a particular network, it is the responsibility of that network to control the access to, and use of, those precedence designations. Total Length: 16 bits Total Length is the length of the datagram, measured in octets, including internet header and data. This field allows the length of a datagram to be up to 65,535 octets. Such long datagrams are impractical for most hosts and networks. All hosts must be prepared to accept datagrams of up to 576 octets (whether they arrive whole or in fragments). It is recommended that hosts only send datagrams larger than 576 octets if they have assurance that the destination is prepared to accept the larger datagrams. The number 576 is selected to allow a reasonable sized data block to be transmitted in addition to the required header information. For example, this size allows a data block of 512 octets plus 64 header octets to fit in a datagram. The maximal internet header is 60 octets, and a typical internet header is 20 octets, allowing a margin for headers of higher level protocols. Identification: 16 bits An identifying value assigned by the sender to aid in assembling the fragments of a datagram. Flags: 3 bits Various Control Flags. Bit 0: reserved, must be zero Bit 1: (DF) 0 = May Fragment, 1 = Don't Fragment. Bit 2: (MF) 0 = Last Fragment, 1 = More Fragments. 0 1 2 +---+---+---+ | | D | M | | 0 | F | F | +---+---+---+ Fragment Offset: 13 bits This field indicates where in the datagram this fragment belongs. The fragment offset is measured in units of 8 octets (64 bits). The first fragment has offset zero. Time to Live: 8 bits This field indicates the maximum time the datagram is allowed to remain in the internet system. If this field contains the value zero, then the datagram must be destroyed. This field is modified in internet header processing. The time is measured in units of seconds, but since every module that processes a datagram must decrease the TTL by at least one even if it process the datagram in less than a second, the TTL must be thought of only as an upper bound on the time a datagram may exist. The intention is to cause undeliverable datagrams to be discarded, and to bound the maximum datagram lifetime. Protocol: 8 bits This field indicates the next level protocol used in the data portion of the internet datagram. The values for various protocols are specified in "Assigned Numbers" [9]. Header Checksum: 16 bits A checksum on the header only. Since some header fields change (e.g., time to live), this is recomputed and verified at each point that the internet header is processed. The checksum algorithm is: The checksum field is the 16 bit one's complement of the one's complement sum of all 16 bit words in the header. For purposes of computing the checksum, the value of the checksum field is zero. This is a simple to compute checksum and experimental evidence indicates it is adequate, but it is provisional and may be replaced by a CRC procedure, depending on further experience. Source Address: 32 bits The source address. See section 3.2. Destination Address: 32 bits The destination address. See section 3.2. Options: variable The options may appear or not in datagrams. They must be implemented by all IP modules (host and gateways). What is optional is their transmission in any particular datagram, not their implementation. In some environments the security option may be required in all datagrams. The option field is variable in length. There may be zero or more options. There are two cases for the format of an option: Case 1: A single octet of option-type. Case 2: An option-type octet, an option-length octet, and the actual option-data octets. The option-length octet counts the option-type octet and the option-length octet as well as the option-data octets. The option-type octet is viewed as having 3 fields: 1 bit copied flag, 2 bits option class, 5 bits option number. The copied flag indicates that this option is copied into all fragments on fragmentation. 0 = not copied 1 = copied The option classes are: 0 = control 1 = reserved for future use 2 = debugging and measurement 3 = reserved for future use The following internet options are defined: CLASS NUMBER LENGTH DESCRIPTION ----- ------ ------ ----------- 0 0 - End of Option list. This option occupies only 1 octet; it has no length octet. 0 1 - No Operation. This option occupies only 1 octet; it has no length octet. 0 2 11 Security. Used to carry Security, Compartmentation, User Group (TCC), and Handling Restriction Codes compatible with DOD requirements. 0 3 var. Loose Source Routing. Used to route the internet datagram based on information supplied by the source. 0 9 var. Strict Source Routing. Used to route the internet datagram based on information supplied by the source. 0 7 var. Record Route. Used to trace the route an internet datagram takes. 0 8 4 Stream ID. Used to carry the stream identifier. 2 4 var. Internet Timestamp. ** from RFC 793: 3.1. Header Format TCP segments are sent as internet datagrams. The Internet Protocol header carries several information fields, including the source and destination host addresses [2]. A TCP header follows the internet header, supplying information specific to the TCP protocol. This division allows for the existence of host level protocols other than TCP. TCP Header Format 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Source Port | Destination Port | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Sequence Number | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Acknowledgment Number | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Data | |U|A|P|R|S|F| | | Offset| Reserved |R|C|S|S|Y|I| Window | | | |G|K|H|T|N|N| | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Checksum | Urgent Pointer | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Options | Padding | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | data | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ TCP Header Format Note that one tick mark represents one bit position. Figure 3. Source Port: 16 bits The source port number. Destination Port: 16 bits The destination port number. Sequence Number: 32 bits The sequence number of the first data octet in this segment (except when SYN is present). If SYN is present the sequence number is the initial sequence number (ISN) and the first data octet is ISN+1. Acknowledgment Number: 32 bits If the ACK control bit is set this field contains the value of the next sequence number the sender of the segment is expecting to receive. Once a connection is established this is always sent. Data Offset: 4 bits The number of 32 bit words in the TCP Header. This indicates where the data begins. The TCP header (even one including options) is an integral number of 32 bits long. Reserved: 6 bits Reserved for future use. Must be zero. Control Bits: 6 bits (from left to right): URG: Urgent Pointer field significant ACK: Acknowledgment field significant PSH: Push Function RST: Reset the connection SYN: Synchronize sequence numbers FIN: No more data from sender Window: 16 bits The number of data octets beginning with the one indicated in the acknowledgment field which the sender of this segment is willing to accept. Checksum: 16 bits The checksum field is the 16 bit one's complement of the one's complement sum of all 16 bit words in the header and text. If a segment contains an odd number of header and text octets to be checksummed, the last octet is padded on the right with zeros to form a 16 bit word for checksum purposes. The pad is not transmitted as part of the segment. While computing the checksum, the checksum field itself is replaced with zeros. The checksum also covers a 96 bit pseudo header conceptually prefixed to the TCP header. This pseudo header contains the Source Address, the Destination Address, the Protocol, and TCP length. This gives the TCP protection against misrouted segments. This information is carried in the Internet Protocol and is transferred across the TCP/Network interface in the arguments or results of calls by the TCP on the IP. +--------+--------+--------+--------+ | Source Address | +--------+--------+--------+--------+ | Destination Address | +--------+--------+--------+--------+ | zero | PTCL | TCP Length | +--------+--------+--------+--------+ The TCP Length is the TCP header length plus the data length in octets (this is not an explicitly transmitted quantity, but is computed), and it does not count the 12 octets of the pseudo header. Urgent Pointer: 16 bits This field communicates the current value of the urgent pointer as a positive offset from the sequence number in this segment. The urgent pointer points to the sequence number of the octet following the urgent data. This field is only be interpreted in segments with the URG control bit set. Options: variable Options may occupy space at the end of the TCP header and are a multiple of 8 bits in length. All options are included in the checksum. An option may begin on any octet boundary. There are two cases for the format of an option: Case 1: A single octet of option-kind. Case 2: An octet of option-kind, an octet of option-length, and the actual option-data octets. The option-length counts the two octets of option-kind and option-length as well as the option-data octets. Note that the list of options may be shorter than the data offset field might imply. The content of the header beyond the End-of-Option option must be header padding (i.e., zero). A TCP must implement all options. Currently defined options include (kind indicated in octal): Kind Length Meaning ---- ------ ------- 0 - End of option list. 1 - No-Operation. 2 4 Maximum Segment Size.