Transcript ARP,ICMP - Muhammad sami

Internet Protocols
Address Resolution



IP Addresses are not recognized by
hardware.
If we know the IP address of a host, how do
we find out the hardware address ?
The process of finding the hardware address
of a host given the IP address is called
Address Resolution.
Address Resolution Protocol (ARP)



The Address Resolution Protocol is used by a
sending host when it knows the IP address
of the destination but needs the Ethernet
address.
ARP is a broadcast protocol - every host on
the network receives the request.
Each host checks the request against it’s IP
address - the right one responds.
Address Resolution Protocol (ARP)


ARP does not need to be done every time an
IP datagram is sent - hosts remember the
hardware addresses of each other.
Part of the ARP protocol specifies that the
receiving host should also remember the IP
and hardware addresses of the sending host.
ARP
ARP
I need the
Ethernet
address of
176.16.3.2.
I heard that broadcast.
The message is for me.
Here is my Ethernet
address.
172.16.3.1
172.16.3.2
IP: 172.16.3.2 = ???
IP: 172.16.3.2
Ethernet: 0800.0020.1111
Map
IP
MAC
Local
ARP
Reverse ARP
I heard that
broadcast.
Your IP
address is
172.16.3.25.
What is
my IP
address?
Ethernet: 0800.0020.1111 IP = ???
Ethernet: 0800.0020.1111
IP: 172.16.3.25

Map MAC
IP
Internet Control Message Protocol



ICMP is a protocol used for exchanging
control messages.
ICMP uses IP to deliver messages.
ICMP messages are usually generated and
processed by the IP software, not the user
process.
ICMP Features





Used by IP to send error and control messages
Uses IP to send its messages
Does not report errors on ICMP messages.
ICMP message are not required on datagram
checksum errors.
ICMP reports error only on the first fragment
ICMP Header ICMP Data
IP Header
IP Data
Datalink Header
Datalink Data
ICMP Message Format
IP Header
Type of Message
Error Code
Checksum
Parameters, if any
Information
8b
8b
16b
Var
Var
Sample ICMP Messages



Source Quench: Please slow down! I just
dropped one of your datagrams.
Time Exceeded: Time to live field in one of
your packets became zero.” or “Reassembly
timer expired at the destination.
Fragmentation Required: Datagram was
longer than and “No Fragment bit” was set.
Sample ICMP Messages (Continued)




Address Mask Request/Reply: What is the
subnet mask on this net? Replied by
“Address mask agent”
Redirect: Send to router X instead of me.
Time Stamp Request/Reply: used to find
current time .
ICMP error messages normally include the IP
header of the datagram that generated the
error, plus at least 8 bytes following the IP
header => ICMP message sizes = 70 bytes
ICMP: Message Types Summary
Type
0
3
4
5
8
11
12
13
14
15
16
17
18
Message
Echo reply
Destination unreachable
Source quench
Redirect
Echo request
Time exceeded
Parameter unintelligible
Time-stamp request
Time-stamp reply
Information request
Information reply
Address mask request
Address mask reply
Ping

Ping: Used to test




destination reachability,
compute round trip time
count the # of hops to destination
may provide record route option. Sample output:
Reply from 164.107.144.3: 48 bytes in 47 msec.
TTL: 253
Traceroute

Traceroute: Exploit TTL and ICMP




Send the packet with time-to-live = 1 (hop)
The first router discards the packet and sends an
ICMP “time-to-live exceeded message”
Send the packet with time-to-live = 2 (hops) etc…
Does not use optional features like record route
Path MTU Discovery

Send a large IP datagram with “Don’t
fragment” bit set.

Failure to fragment at a link will result in ICMP
message.
Summary



ICMP is the control sibling of IP
ICMP is used by IP and uses IP as network
layer protocol
ICMP is used for ping, traceroute, and path
MTU discovery.