CMPT 471
Networking II
ICMP
© Janice Regan, 2012
Errors in Packet Switching Networks
• Possible causes of errors include
  - Hardware failure
  - Network congestion
  - Inability to fragment (DF set)
  - Routing loops
  - Unavailable host (disconnected or failed)
  - Queue overrun on routers
• IP offers best effort delivery, so it needs a mechanism to inform the source of packets dropped because of errors (except transmission errors). In the remainder of this lecture, errors will mean errors not caused by transmission impairments.
Dealing with errors
• IP datagram delivery (network level) has a header checksum to detect transmission errors in the IP header
• TCP has a checksum which covers the TCP header, pseudo header and data
• Higher level protocols (for example TCP) also handle more types of errors
• Higher level protocols may deal with any errors not caught at lower levels. It may be more efficient to catch errors in the IP layer than in the TCP layer
• Within IP, an error reporting mechanism is needed to report such errors; one such mechanism is the ICMP protocol.
ICMP
• Internet Control Message Protocol is an integral part of IP
• ICMP messages are carried as the data portion of an IP datagram
• Communicates between the IP software on different hosts
• Used (primarily by routers) to report errors back to the original source.
• Used to enquire about the state and configuration of routers and hosts
• Reports errors and in some cases suggests corrective action
ICMP encapsulation
ICMP message format
• There are several types of ICMP messages designed to report different types of errors
• Each ICMP message has its own format, but all start with the same three fields
  - A type field (1 octet) indicating which type of ICMP message follows
  - A 1 octet code following the type that further defines the message (see text for list)
    - For example type specifies destination unreachable, code specifies router or host
  - The 3rd common field is a 2 octet checksum. The checksum is calculated the same way as the ARP checksum, including the entire ICMP PDU
ICMPv4 Message Types
Comer 2000:

IPv4 Destination Unreachable Codes
0   Net Unreachable
1   Host Unreachable
2   Protocol Unreachable
3   Port Unreachable
4   Fragmentation Needed and Don't Fragment was Set
5   Source Route Failed
6   Destination Network Unknown
7   Destination Host Unknown
8   Source Host Isolated
9   Communication with Destination Network is Administratively Prohibited
10  Communication with Destination Host is Administratively Prohibited
11  Destination Network Unreachable for Type of Service
12  Destination Host Unreachable for Type of Service
ICMP Echo Request/Reply
Comer 2000: fig 9.2
• Echo request is sent by the ping command to test for reachability
• Echo reply is sent in response to a received echo request to confirm reachability
• Type: request 8, reply 0. Code 0: no additional qualifying codes
• Identifier and sequence number are optional; they can be used to match replies with requests
• The optional data in an echo request must be returned in the resulting echo reply
• Linux ping has a record route and a timestamp option
ICMP destination unreachable
Comer 2000: fig 9.3
• Sent when a router or host cannot deliver a datagram due to an identified failure (not all failures are identified)
• Can be disabled; not all hosts or routers will send ICMP messages
• The codes indicate what destination could not be reached and why (see table in text)
• The header and datagram information is provided to identify the packet needing retransmission (port numbers and sequence number for TCP, UDP)
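
An added example, not part of the original slides, of using the quoted header to identify the datagram a destination unreachable message refers to, and of checking that it matches traffic the host actually sent before acting on it. The addresses, ports and the `sent` flow table are constructed; the checksums in the sample are left at zero and are not verified here.

```python
import socket
import struct

DEST_UNREACHABLE = 3
PORT_UNREACHABLE = 3                 # code 3 in the table of codes
PROTO_TCP, PROTO_UDP = 6, 17

def parse_unreachable(icmp: bytes) -> dict:
    """Return the flow named by the datagram quoted in a type 3 message."""
    if len(icmp) < 8 + 20:
        raise ValueError("too short to hold a quoted IP header")
    msg_type, code = icmp[0], icmp[1]
    if msg_type != DEST_UNREACHABLE:
        raise ValueError("not a destination unreachable message")
    quoted = icmp[8:]                # skip type, code, checksum, unused word
    version, ihl = quoted[0] >> 4, (quoted[0] & 0x0F) * 4
    if version != 4 or ihl < 20 or len(quoted) < ihl + 8:
        raise ValueError("quoted datagram is malformed or truncated")
    flow = {"code": code, "proto": quoted[9],
            "src": socket.inet_ntoa(quoted[12:16]),
            "dst": socket.inet_ntoa(quoted[16:20])}
    if flow["proto"] in (PROTO_TCP, PROTO_UDP):   # first 8 octets hold the ports
        flow["sport"], flow["dport"] = struct.unpack("!HH", quoted[ihl:ihl + 4])
    if flow["proto"] == PROTO_TCP:                # and the TCP sequence number
        flow["seq"] = struct.unpack("!I", quoted[ihl + 4:ihl + 8])[0]
    return flow

def refers_to_sent_traffic(flow: dict, sent: set) -> bool:
    """Act on the error only if it quotes a datagram this host really sent."""
    key = (flow["proto"], flow["src"], flow.get("sport"),
           flow["dst"], flow.get("dport"))
    return key in sent

def constructed_sample() -> bytes:
    """Constructed port-unreachable message quoting a UDP datagram."""
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 28, 0, 0, 64, PROTO_UDP, 0,
                     socket.inet_aton("192.0.2.10"),
                     socket.inet_aton("198.51.100.7"))
    udp = struct.pack("!HHHH", 40000, 53, 8, 0)
    icmp_header = struct.pack("!BBHI", DEST_UNREACHABLE, PORT_UNREACHABLE, 0, 0)
    return icmp_header + ip + udp
```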
ICMP Source Quench Message
Comer 2000: fig 9.4
• Used to help control congestion
• When a packet must be dropped due to congestion a source quench packet may be sent
• When the source receives a source quench message it may reduce the rate at which it transmits to the network
  - 1 quench message per round trip travel time should cause change
ICMP redirect message
Comer 2000: fig 9.6
• Temporary or permanent changes to network routing on one host may cause other routes on other hosts to become incorrect
• When a router detects a host on a directly connected network using non-optimal routing, it can send an ICMP redirect message
• This mechanism allows dynamic calculation of routes by routers (not hosts) to interact with host routing tables
• Allowing redirect messages to prompt routing changes can be a security issue, and redirect messages are often disabled to protect from the security risk
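
An added example, not part of the original slides, of checking that redirects are disabled. It assumes a Linux host and audits sysctl.conf-style text for the kernel's redirect settings; the sample settings are constructed.

```python
# Assumption: Linux. These sysctl keys control whether ICMP redirects are
# accepted from routers or sent by this machine.
REDIRECT_KEYS = (
    "net.ipv4.conf.all.accept_redirects",
    "net.ipv4.conf.default.accept_redirects",
    "net.ipv4.conf.all.secure_redirects",
    "net.ipv4.conf.default.secure_redirects",
    "net.ipv4.conf.all.send_redirects",
    "net.ipv4.conf.default.send_redirects",
    "net.ipv6.conf.all.accept_redirects",
    "net.ipv6.conf.default.accept_redirects",
)

def parse_sysctl(text: str) -> dict:
    """Parse sysctl.conf-style 'key = value' lines; later lines win."""
    settings = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line[0] in "#;" or "=" not in line:
            continue                     # blank line, comment, or not a setting
        key, value = line.split("=", 1)
        settings[key.strip()] = value.strip()
    return settings

def audit_redirects(text: str) -> dict:
    """Map each redirect key to 'disabled', 'enabled' or 'unset'."""
    settings = parse_sysctl(text)
    report = {}
    for key in REDIRECT_KEYS:
        if key not in settings:
            report[key] = "unset"        # kernel default applies; pin it explicitly
        else:
            report[key] = "disabled" if settings[key] == "0" else "enabled"
    return report

def findings(text: str) -> list:
    """Keys that still need attention (anything not explicitly disabled)."""
    return [k for k, state in audit_redirects(text).items() if state != "disabled"]

# Constructed weak sample: accepts IPv4 redirects and leaves the rest unpinned.
WEAK = """
# constructed example
net.ipv4.conf.all.accept_redirects = 1
net.ipv4.conf.all.send_redirects = 0
"""
# Constructed hardened form: every redirect key pinned to 0.
HARDENED = "\n".join(f"{key} = 0" for key in REDIRECT_KEYS)
```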
ICMP time exceeded message
Comer 2000: fig 9.7
• Possible causes for timeout
  - Too much time in transit (TTL reaches 0). Code 0
  - Missing fragments in reassembly of fragmented packets. Code 1
• Similar format to source quench message
ICMP parameter problem
Comer 2000: fig 9.8
• When a router finds problems not handled by previous messages that are severe enough to require the packet to be discarded
• Can deal with problems such as incorrect parameters for IP options
ICMP timestamp request/reply
Comer 2000: fig 9.9
• Used for synchronization and estimation of travel times
• Originate timestamp added just before transmission
• Receive timestamp added immediately after receipt
• Transmit timestamp added immediately before the reply is transmitted
• This means that transit time (not queuing time) is measured
• In practice, because clocks on different systems may show different times, travel time and synchronization is complicated
ICMP address mask request/reply
Comer 2000: fig 9.10
• To determine the subnetwork address mask for the local subnetwork, a host may send an address mask request to a directly connected router
• When the router replies, the address mask field will contain the subnet mask
• Identifier and sequence number are used to associate the request with the reply
ICMP Router discovery
Comer 2000: fig 9.11
• Used to dynamically determine the address of directly connected routers
• An alternative to BOOTP and DHCP (both based on manually configured databases)
• This is a router advertisement packet that is sent periodically (default every 10 minutes, with lifetime of 30 minutes)
• If an advertisement is not received by a host during the lifetime, the host will discard the routing entry for that router (until it hears again)
ICMP Router Solicitation
Comer 2000: fig 9.12
• A host that has just booted will not wish to wait 10 minutes to discover the routers on the network
• A host can send a solicitation requesting an additional immediate router discovery message
ICMPv6 (RFC 2463)
• Retains functionality of IPv4
• Adds functionality of ARP and IGMP
• Adds new functionality, autoconfiguration and unreachability detection
• Includes neighbor discovery (RFC 2461), a sub-protocol that replaces ARP and router discovery in ICMP. Can determine when a neighbor has become unreachable
• Includes Multicast Listener Discovery (replacing IGMP)