source ip address = 10.7.134.218

destination ip address = 104.20.11.164

Step 5: IP Header Checksum We will now look at the IP header checksum calculation by validating a packet. The checksum algorithm adds the header bytes 16 bits at a time. It is computed so that re-computing the sum across the entire IP header (including the checksum value) will produce the result of zero. A complicating factor for us is that this is done using 1s complement arithmetic, rather than 2s complement arithmetic that is normally used for computing. The steps below explain how to perform the necessary computation. From the trace, pick a packet sent from the remote server to your computer and check that you have a non-zero value in the checksum field. The checksum value sent over the network will be non-zero, so if you have a zero value it is because of the capture setup. Try a packet that has an IP header of 20 bytes, the minimum header size when there are no options, to make this exercise easier Follow these steps to check that the checksum value is correct: Divide the header into 10 two byte (16 bit) words. Each word will be 4 hexadecimal digits shown in the packet data panel in the bottom of the Wireshark window, e.g., 05 Add these 10 words using regular addition. You may add them with a hexadecimal calculator Google to find one), or convert them to decimal, add them, and convert them back to hexadeci- mal. Do whatever is easiest. 1. 8c 2. 3. To compute the 1s complement sum from your addition so far, take any leading digits (beyond the 4 digits of the word size) and add them back to the remainder. For example: 5a432 will be- come a 4325-a437. The end result should be Oxffff. This is actually zero in 1s complement form, or more pre- cisely Oxffff is-0 (negative zero) while 0x0000 is +0 (positive zero) 4. If you cannot get your sum to come out and are sure that the checksum must be wrong, you can get Wireshark to check it. See whether it says "[correct]" already. If it does not then use the menus to go to Edit ->Preferences, expand Protocols, choose IPv4 from the list, and check "validate header checksum Now Wireshark will check the checksum and tell you if it is correct. Step 5: IP Header Checksum We will now look at the IP header checksum calculation by validating a packet. The checksum algorithm adds the header bytes 16 bits at a time. It is computed so that re-computing the sum across the entire IP header (including the checksum value) will produce the result of zero. A complicating factor for us is that this is done using 1s complement arithmetic, rather than 2s complement arithmetic that is normally used for computing. The steps below explain how to perform the necessary computation. From the trace, pick a packet sent from the remote server to your computer and check that you have a non-zero value in the checksum field. The checksum value sent over the network will be non-zero, so if you have a zero value it is because of the capture setup. Try a packet that has an IP header of 20 bytes, the minimum header size when there are no options, to make this exercise easier Follow these steps to check that the checksum value is correct: Divide the header into 10 two byte (16 bit) words. Each word will be 4 hexadecimal digits shown in the packet data panel in the bottom of the Wireshark window, e.g., 05 Add these 10 words using regular addition. You may add them with a hexadecimal calculator Google to find one), or convert them to decimal, add them, and convert them back to hexadeci- mal. Do whatever is easiest. 1. 8c 2. 3. To compute the 1s complement sum from your addition so far, take any leading digits (beyond the 4 digits of the word size) and add them back to the remainder. For example: 5a432 will be- come a 4325-a437. The end result should be Oxffff. This is actually zero in 1s complement form, or more pre- cisely Oxffff is-0 (negative zero) while 0x0000 is +0 (positive zero) 4. If you cannot get your sum to come out and are sure that the checksum must be wrong, you can get Wireshark to check it. See whether it says "[correct]" already. If it does not then use the menus to go to Edit ->Preferences, expand Protocols, choose IPv4 from the list, and check "validate header checksum Now Wireshark will check the checksum and tell you if it is correct