This video belongs to the openHPI course Internetworking with TCP/IP . Do you want to see more?
An error occurred while loading the video player, or it takes a long time to initialize. You can try clearing your browser cache. Please try again later and contact the helpdesk if the problem persists.
About this video
RFC for Identification field: http://tools.ietf.org/html/rfc791#page-29
###Some technical hints if you want to try this on Linux: The IP-ID on Linux is incremented sequentially. You have to pay attention to the following issues, however:
Make sure that the DF (Don't Fragment) flag in the IPv4 header is not set. Otherwise, Linux will set the IP-ID to 0 (or anything else), as the IP-ID is not required without fragmentation.
To filter these packets in Wireshark you can use the expression: ip.flags.df==0 To produce packets without the DF flag use the following command: ping -M dont openhpi.de
The IP-ID is incremented separately for each connection. A connection is specified by its source and its destination address. E.g. the packets from A to B have the IP-IDs 1,2,3,4,… while the packets sent from A to C at the same time have the IP-IDs 101, 102, 103, 104, ...
It might be necessary to filter not only for the source address, but also for the target address to make the sequential incrementation more obvious.