icmp : internet control message protocol. introduction icmp is often considered part of the ip...
TRANSCRIPT
ICMP : Internet Control Message Protocol
Introduction
ICMP is often considered part of the IP layer. It communicates error messages and other
conditions that require attention. ICMP messages are usually acted on by
either IP layer or the higher layer protocol.
IP header (20 byte) ICMP message
IP datagram
ICMP Message
The first 4 bytes have the same format for all messages, but the remainder differs from one message to the next.
(contents depends on type and code)
8-bit type 8-bit code 16-bit checksum
0 7 8 15 16 31
ICMP Message Types
type Description
0 Echo Reply Echo Query
3 Destination Unreachable Error
4 Source Quench Error
5 Redirect Error
8 Echo Request Echo Query
9 Router Advertisement Query
10 Router Solicitation Query
11 Time Exceeded Error
12 Parameter Problem Query
13 Timestamp Request Query
14 Timestamp Reply Query
17 Address Mask Request Query
18 Address Mask Reply Reply
code Description
0 Network Unreachable
1 Host Unreachable
2 Protocol Unreachable
3 Port Unreachable
4 Fragmentation Needed and DF set
5 Source Route Failed
6 Destination Network Unknown
7 Destination Host Unknown
8 Source Host Isolated
9 Network Administratively Prohibited
10 Destination Host Administratively Prohibited
11 Network Unreachable For TOS
12 Host Unreachable For TOS
13 Communication Administratively Prohibited
14 Host Precedence Violation
15 Precedence Cutoff in Effect
ICMP Echo Request and Reply ICMP echo is a message to send and receive
the specified echo data packet between two TCP/IP nodes.
0 7 8 15 16 31
Echo data (variable length)
Type(0 or 8) Code(0)
identifier
checksum
sequence number
ICMP Addr Mask Request and Reply The ICMP Address mask request is intended
for a diskless system to obtain its subnet mask at bootstrap time.
0 7 8 15 16 31
32-bit subnet mask
Type(17 or 18) Code(0)
identifier
checksum
sequence number
ICMP Addr Mask
We can write a simple program that issues an ICMP address mask request and prints all replies.
% icmpaddrmask 140.252.13.63Received mask = ffffffe0, from 140.252.13.33Received mask = ffffffe0, from 140.252.13.35Received mask = ffff0000, from 140.252.13.34
ICMP Timestamp Request and Reply The ICMP timestamp request allows a
system to query another for the current time. The recommended value to be returned is the
number of milliseconds since midnight, Coordinated Universal Time (UTC).
0 7 8 15 16 31
32-bit originate timestamp
Type(13 or 14) Code(0)identifier
checksumsequence number
32-bit receive timestamp32-bit transmit timestamp
ICMP Timestamp Request and Reply The requestor fills in the originate timestamp
and sends the request. The replying system fills in the receive
timestamp when it receives the request. The transmit timestamp when it send the reply.
0 7 8 15 16 31
32-bit originate timestamp
Type(13 or 14) Code(0)identifier
checksumsequence number
32-bit receive timestamp32-bit transmit timestamp
ICMP Unreachable Message
It is an error message sent back to the transmission origin when the packet cannot be sent to service.
It is likely to reply from a machine on the way of routing (router), and it might reply from the machine (target host).
0 7 8 15 16 31
Unused (must be 0)Type(3) Code(0-15) checksum
IP header + first 8 bytes of original IP datagram data
ICMP Message Types
code Description
0 Network Unreachable
1 Host Unreachable
2 Protocol Unreachable
3 Port Unreachable
4 Fragmentation Needed and DF set
5 Source Route Failed
6 Destination Network Unknown
7 Destination Host Unknown
8 Source Host Isolated
9 Network Administratively Prohibited
10 Destination Host Administratively Prohibited
11 Network Unreachable For TOS
12 Host Unreachable For TOS
13 Communication Administratively Prohibited
14 Host Precedence Violation
15 Precedence Cutoff in Effect
Exercises
If your system provides the netstat command, use it to see what types of ICMP messages are received and sent.
Ping Program
Introduction
The name “ping” is taken from the sonar operation to locate objects.
The program sends an ICMP echo request message to a host, expecting an ICMP echo reply to be returned.
Ping also measures the round-trip time to the host, giving us some indication of how “far away” that host is.
(1)
(2)
(3)
Ping Options
-
options description
-t Ping the specified host until stopped.
To see statistics and continue - type Control-Break;
To stop - type Control-C.
-a Resolve addresses to hostnames.
-n count Number of echo requests to send.
-l size Send buffer size
-f Set Don't Fragment flag in packet.
-i TTL Time To Live.
-v TOS Type Of Service.
-r count Record route for count hops.
-s count Timestamp for count hops.
-j host-list Loose source route along host-list.
-k host-list Strict source route along host-list.
-w timeout Timeout in milliseconds to wait for each reply.
Ping
HOST A192.168.1.1
HOST B192.168.1.2
Please return the sent data.
I return the data as it is.
- Reply from 192.168.1.2 : bytes = 32 time < 10ms TTL = 128
- Ping 192.168.1.2
Format of ICMP message
We call the ping program that sends the echo requests the client, and the host being pinged the server.
0 7 8 15 16 31
Optional data
Type(0 or 8) Code(0)
identifier
checksum
sequence number
From the result
The network communication with the object host must be normal. Own host's network setting and operation. The object host's network setting and operation. Setting and operation of network/router.
Network performance The throughput of the network can guess from the
display of statistics.
Case of failure
The routing to Internet Protocol address cannot be done.
C:\>ping 192.168.10.1
Pinging 192.168.10.1 with 32 bytes of data:
Reply from 203.100.100.49: Destination net unreachable.Reply from 203.100.100.49: Destination net unreachable.Reply from 203.100.100.49: Destination net unreachable.:
Case of failure
Loop by routing setting mistake.C:\>ping 150.224.XXX.XXX
Pinging 150.224.XXX.XXX with 32 bytes of data:
Reply from 130.XXX.76.17: TTL expired in transit.Reply from 130.XXX.76.17: TTL expired in transit.Reply from 130.XXX.76.17: TTL expired in transit.Reply from 130.XXX.76.17: TTL expired in transit.
Ping statistics for 150.224.XXX.XXX: Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),Approximate round trip times in milli-seconds: Minimum = 0ms, Maximum = 0ms, Average = 0ms
Case of failure
Failure of host name resolution.
The host's stop.
C:\>ping www.unknown.netUnknown host www.unknown.net.
C:\>ping host1.example.net
Pinging host1.example.net [211.XXX.XXX.190] with 32 bytes of data:
Request timed out.Request timed out.:
Summary
The ping program is the basic connectivity test between two systems running TCP/IP. It uses the ICMP echo request and echo reply
messages and does not use a transport layer. Ping also let us examine and use the IP
record route option.
Exercises
Calculate the RTT if the SLIP link between bsdi and slip is set to 9600 bits/sec. Assume the default of 56 bytes of data.
IP
ICMP
ICMP
ICMP
Echo Request
Echo Reply
Normal Access
Destination unreachable Because of router Couldn’t find Host X, router send a Error Message
HOST A
HOST B HOST Y
HOST X
ICMP Message Types
When an ICMP error message is sent, the message always contains the IP header and the first 8 bytes of the IP datagram that caused the ICMP error to be generated.
This lets the receiving ICMP module associate the message with one particular protocol and one particular user process.
ICMP Message Types
An ICMP error message is never generated in response to An ICMP error message A datagram destined to an IP broadcast address
or an IP multicast address. A datagram sent as a link-layer broadcast. A fragment other than the first. A datagram whose source address does not
define a single host.