[e2e] ICMP & TCP segments with IP ID = 0?

Tushar Saxena tsaxena at bbn.com
Wed May 16 10:29:46 PDT 2001


It seems like linux 2.4 doesn't worry about the ID field
if DF is set.  There was some discussion on DF/ID on
tcp-impl some time back.  Here's the link:

http://tcp-impl.lerc.nasa.gov/tcp-impl/list/archive/2378.html

Also, looking at some traces on the web, it seems like some
implementations of BOOTP/DHCP may also be leaving ID
undefined in the ip packet containing the bootp-udp
datagram.  I looked at ipconfig.c in the linux kernel,
in function ic_bootp_send_if(), and it also seems to
turn on IP_DF in the iphdr, and set all the iphdr fields,
but leave the ID undefined (probably 0).

Tushar




Craig Partridge wrote:
> 
> Hi folks:
> 
> As a side discovery on a research project, we've tripped over a bunch of
> packets in the wild where the IP ID is set to 0.  Some are ICMP packets
> and some are TCP segments.
> 
> Before we set up a traffic filter to track down what brand of system is
> generating these evil beasts, I'm writing to see if anyone has already
> figured out what kind of system sends them.
> 
> Thanks!
> 
> Craig



More information about the end2end-interest mailing list