Transcript ICMP - Yimg

Internet Control Message Protocol (ICMP)
•
•
•
•
Used to send error and control messages.
It is a necessary part of the TCP/IP suite.
It is above the IP module in the protocol stack.
ICMP messages are carried (encapsulated) within IP
datagrams.
• ICMP does nor report on errors with ICMP messages.
• The ICMP message contains the first 64 bits of the
original datagram as their data and are always sent to
origin.
• ICMP messages sent by gateways report routing
problems.
1
Functions of the ICMP:
• Error reporting: why a datagram that was not discarded due to
errors was not delivered to the destination
• Reachability testing: sometimes certain destinations don’t
respond, an echo message is sent to which the host must
respond if it is up.
• Congestion control: when datagrams are dropped because of
buffer overflow, a source quench message is sent.
• Route-change information: when a router realizes that a host
should be using a different router to reach a destination it sends
a message with the updated routing information.
• Performance measuring: a network manager can check the
time it takes to send datagrams to particular locations.
• Subnet addressing: a host can request the subnet mask of its
local network from the router.
2
ICMP Message Format
• Type (8 bits): To identify the message.
• Error Code (8 bits): To provide further information
about the message type.
• Checksum(16 bits): Covers only the ICMP message.
• Parameters (variable size).
• Information (Variable size).
• When reporting error messages, its data field contains
the IP header (incl. Options) and the 8 bytes that
follow the IP header (indicating TCP, or UDP, port
numbers, etc.) of the message in error.
3
ICMP Message Format 2
Type
Error Code
Checksum
Parameters, if any
Information
4
ICMP Message Types
0
3
4
5
8
11
12
13
14
15
16
17
18
Echo Reply
Destination Unreachable
Source Quench
Redirect (change a route)
Echo Request
Time Exceeded
Parameter Problem
Timestamp Request
Timestamp Reply
Information Request
Information Reply
Address Mask Request
Address Mask Reply
5
ICMP Messages
• EchoRequest (8)/EchoReply (0): Most frequently used tool for
debugging (Ping). On receipt of an EchoRequest, the host or
gateway replies with an EchoReply containing the same data as
the original echo.
• Destination Unreachable (3): When a router finds that a
destination network or host cannot be reached will send a code 0
or code 1 type message. Code 2, if the module is not active and
code 3 if the port is not active (higher level).
• Source Quench (4): Please slow down, you are sending me
packets too fast, I have just dropped one of your datagrams.
Used to report congestion to the source to reduce the rate of
datagram transmission.
6
ICMP Messages (cont)
• Redirect (5): If on receiving a datagram a router finds
that there is a better route from the datagram sender
closer to the destination than itself.
• Time Exceeded (11): Datagrams contain a TTL field
which is decremented by gateways when they forward
the datagram. If the TTL reaches 0 then ICMP type 11
messages are returned to the sender. Also when the
maximum hop count (RIP) is reached these messages
are sent.
• Parameter Problems (12): Reports problems in header
parameters that prevent the gateway from processing
the datagram (e.g. datagram was longer than the MTU
and no fragment it was set).
7
ICMP Messages (cont)
• TimestampRequest(13)/TimestampReply(14): On
receiving a type 13 message a type 14 is sent. The
message contains the original timestamp and a new
timestamp from the receiving machine used to
synchronise clocks or to calculate cost where this is
part of the routing algorithm.
• InformationRequest(15)/InformationReply(16):
Obsolete. Replaced by RARP and BOOTP.
• AddressMaskRequest(17)/AddressMaskReply(18):
Hosts need to know their subnet masks to participate
in subnet addressing. The request is sent to the router
directly or by broadcasting if it does not know the
router’s address. E.g. 161.74.69.8==>161.74.???.???
8
Packet Internet Groper (Ping)
• To check reachability of hosts and routers. Uses ICMP
echo request and expect an ICMP echo reply.
• Sample output:
Tues, 22 Mar 2005 14:55:20
Pinging amon.cpc.wmin.ac.uk [161.74.69.34] with 64 data bytes
Reply from 161.74.69.34: 64 bytes in 47 msec. TTL: 253
Reply from 161,74.69.34: 64 bytes in 44 msec. TTL: 253
Reply from 161.74.69.34: 64 bytes in 42 msec. TTL: 253
Reply from 161,74.69.34: 64 bytes in 43 msec. TTL: 253
Ping statistics for amon.cpc.wmin.ac.uk
4 packets transmitted, 4 packets received, 0% packet loss
round-trip (ms) min/avg/max = 42/44/47
9
Traceroute
• Used for diagnostic purposed to report on paths that
datagrams take through the network for specified:
source – destination pair(s), source(s) or
destination(s).
10
Traceroute Mechanism
• Source sends a packet with TTL of 1 (no. of hops).
• The first router discards the packet and sends an
ICMP TTL exceeded message (type 11) back.
• Source sends the packet with TTL of 2.
• The second router discards te packet and sends an
ICMP TTL exceeded message back.
• The above procedure is repeated until the response is
received from the destination.
161.74.69.200
161.74.69.1
161.74.66.1
161.74.66.32
11
Traceroute (Sample Output)
Tues, 22 Mar 2005 14:58:39
Sending 40 bytes to amon.cpc.wmin.ac.uk [161.74.66.32]
1. Received echo from jaguar.wmin.ac.uk [161.74.69.1] in 11 ms
2. Received echo from cheops.wmin.ac.uk [161.74.66.1] in 34 ms
3. Received 40 bytes from amon.cpc.wmin.ac.uk [161.74.66.32] in 48 ms
Traceroute statistics for amon.cpc.wmin.ac.uk
3 packets transmitted, 3 packets received, 0% packet loss
round-trip (ms) min/avg/max = 48/49/55 ms
12
ICMP in routing
• Used for error and control
• Feasible solution indicated by ICMP redirect
message
• If packet arrives at gateway, but it is not the default
gateway for forwarding that packet then packet gets
forwarded and ICMP message sent back to source
with the appropriate gateway
• Original routing table updated
13
ICMP in routing 2
• Not feasible (ie. Not available) indicated by
unreachable message
• ICMP discovery messages used to solicit information
about locally connected routers.
• ICMP can be used to request subnet mask from
router
14