Download Introduction - ece.virginia.edu

• ICMP
• The PING Tool
•Traceroute program
•IGMP
© Jörg Liebeherr (modified by M. Veeraraghavan)
1
Orientation
• The IP (Internet Protocol) relies on several other protocols to
perform necessary control and routing functions.
EGP
ICMP
© Jörg Liebeherr (modified by M. Veeraraghavan)
RIP
IGMP
BGP
OSPF
Routing
Control
2
ICMP
• The Internet Control Message Protocol (ICMP) is the
protocol used for error and control messages in the Internet.
• ICMP provides an error reporting mechanism of routers to the
sources.
• All ICMP packets are encapsulated as IP datagrams.
• The packet format is simple:
Type
(8 bits)
Code
(8 bits)
Checksum
(16 bits)
(additional information dependent on Type and Code)
0
31
32-bit word
© Jörg Liebeherr (modified by M. Veeraraghavan)
3
Types of ICMP Packets
• Many ICMP packet types exist, each with its own format.
• A Selection:
Type Field:
0
3
4
5
8
11
12
13
17
© Jörg Liebeherr (modified by M. Veeraraghavan)
Message Type:
Echo Reply
Destination Unreachable
Source Quench
Redirect (Change Route)
Echo Request
Time Exceeded
Parameter Problem in Datagram
Timestamp Request
Address Mask Request
4
ICMP Message Types
• ICMP messages are either query messages or error
messages.
• ICMP query messages:
• Echo request / Echo reply
• Router advertisement / Router solicitation
• Timestamp request / Timestamp reply
• Address mask request / Address mask reply
• ICMP error messages:
• Host unreachable
• Source quench
• Time exceeded
• Parameter problem
© Jörg Liebeherr (modified by M. Veeraraghavan)
5
ICMP Error Messages
• Each ICMP error message contains the header and at least
the first 8 bytes of the IP datagram payload that triggered the
error message.
• Problem: How to prevent that too many ICMP messages are
sent ?
(e.g., an ICMP packet could trigger an ICMP
packet, which triggers …).
• ICMP error messages are not sent ...
...for multiple fragments of the same IP datagrams
… in response to an error message
… in response to a broadcast packet
… etc.
© Jörg Liebeherr (modified by M. Veeraraghavan)
6
Example of a Query:
ICMP Timestamp
• A system (host or router) asks
another system for the current
time.
Sender
Timestamp
Request
Receiver
• Time is measured in milliseconds
after midnight UTC (Coordinated
Universal Time).
Timestamp
Reply
• Sender sends a request, receiver
responds with reply.
Type
(= 13 or 14)
Code
(=0)
identifier
Checksum
sequence number
32-bit sender timestamp
32-bit receive timestamp
32-bit transmit timestamp
© Jörg Liebeherr (modified by M. Veeraraghavan)
7
Example of an Error Message:
Port Unreachable
• There are 16 different ICMP error messages (‘codes’) of type
“Destination Unreachable”(Type = 3)
Code:
0
1
2
3
4
5
6
7
8
Message Type:
Network unreachable
Host unreachable
Protocol unreachable
Port unreachable
Fragmentation needed but
bit not set
Source route failed
Destination network
unknown
Destination node unknown
Source host isolated
© Jörg Liebeherr (modified by M. Veeraraghavan)
Code: Message Type:
9
Destination network
administratively prohibited
10
Destination host
administratively prohibited
11
Network unreachable for TOS
12
Host unreachable for TOS
13
Communication administratively prohibited by filtering
14
host precedence violation
15
precedence cutoff in effect
8
ICMP Port Unreachable
• RFC 792: If, in the destination host, the IP module cannot deliver the
datagram because the indicated protocol module or process
port is not active, the destination host may send a port
unreachable message to the source host.
• Scenario:
Client
© Jörg Liebeherr (modified by M. Veeraraghavan)
Server
No process
is waiting
at Port
1234
9
ICMP Port Unreachable
• Format of the Port Unreachable Message
ICMP Message
Ethernet
Header
IP header
Type
(= 3)
Code
(=0-15)
ICMP
header
IP header of datagram at least 8 bytes from IP
from client
payload of client
Checksum
Unused (Set to 00...0)
Note: Both UDP and TCP
store the Port Number in the
first 8 bytes !
Code = 3 for Port Unreachable
© Jörg Liebeherr (modified by M. Veeraraghavan)
10
The PING program
• PING (=Packet InterNet Gopher) is a program that utilizes the
ICMP echo request and echo reply messages.
• PING is used to verify if a certain host is up and running. It is
used extensively for fault isolation in IP networks.
• PING can be used with a wide variety of options, e.g, :
-R Record route. Includes the RECORD_ROUTE option in the
ECHO_REQUEST packet and displays the route buffer on
returned packets.
-s packetsize Specifies the number of data bytes to be sent (Default is
56)
(In newer implementations, -s is used to continuously generate
queries)
© Jörg Liebeherr (modified by M. Veeraraghavan)
11
Echo Request and Reply
• PING’s are handled directly by the kernel.
• Each Ping is translated into an ICMP Echo Request.
• The Ping’ed host responds with an ICMP Echo Reply.
AIDA
© Jörg Liebeherr (modified by M. Veeraraghavan)
MNG
12
Format of Echo Request and Reply
Type
(=0 or 8)
Code
(=0)
Checksum
identifier
sequence number
optional
•Identifier is set to process Id of querying process.
•Sequence number is incremented for each new echo request.
© Jörg Liebeherr (modified by M. Veeraraghavan)
13
Running Ping
aida: ping mng.poly.edu
PING mng.poly.edu (128.238.42.105): 56 data bytes
64 bytes from 128.238.42.105: icmp_seq=0 ttl=128 time=0.718
64 bytes from 128.238.42.105: icmp_seq=1 ttl=128 time=3.408
64 bytes from 128.238.42.105: icmp_seq=2 ttl=128 time=3.171
64 bytes from 128.238.42.105: icmp_seq=3 ttl=128 time=0.701
64 bytes from 128.238.42.105: icmp_seq=4 ttl=128 time=0.693
64 bytes from 128.238.42.105: icmp_seq=5 ttl=128 time=1.528
64 bytes from 128.238.42.105: icmp_seq=6 ttl=128 time=0.689
64 bytes from 128.238.42.105: icmp_seq=7 ttl=128 time=3.077
^C
--- mng.poly.edu ping statistics --8 packets transmitted, 8 packets received, 0% packet loss
round-trip min/avg/max = 0.689/1.748/3.408 ms
© Jörg Liebeherr (modified by M. Veeraraghavan)
ms
ms
ms
ms
ms
ms
ms
ms
14
Running Ping to a different machine
Aida: ping www.cologne.de
PING fileserv1.cologne.de (194.94.233.1): 56 data bytes
64 bytes from 194.94.233.1: icmp_seq=0 ttl=240 time=447.080
64 bytes from 194.94.233.1: icmp_seq=1 ttl=240 time=368.383
64 bytes from 194.94.233.1: icmp_seq=2 ttl=240 time=353.992
64 bytes from 194.94.233.1: icmp_seq=3 ttl=240 time=323.380
64 bytes from 194.94.233.1: icmp_seq=4 ttl=240 time=353.782
64 bytes from 194.94.233.1: icmp_seq=5 ttl=240 time=326.356
^C
--- fileserv1.cologne.de ping statistics --7 packets transmitted, 6 packets received, 14% packet loss
round-trip min/avg/max = 323.380/362.162/447.080
© Jörg Liebeherr (modified by M. Veeraraghavan)
ms
ms
ms
ms
ms
ms
15
Running Ping on a different machine
duke% ping mng
mng.poly.edu is alive
© Jörg Liebeherr (modified by M. Veeraraghavan)
16
Traceroute program
• Uses ICMP and TTL rather than the IP Record Route option
• Why not use RR option?
– RR option not always implemented in routers
– RR is a one-way option - need to get a return message
– Room allocated in options field not sufficient
© Jörg Liebeherr (modified by M. Veeraraghavan)
17
Traceroute operation
ICMP Port Unreachable
ICMP Time Exceeded
ICMP Time Exceeded
Host
S
Router
Router
Host
D
IP datagram (TTL=1;
dest.=D)
IP datagram (TTL=2;
dest.=D)
UDP datagram (large port
number > 30,000)
© Jörg Liebeherr (modified by M. Veeraraghavan)
18
LAN Output
Svr4% traceroute slip
traceroute to slip (140.252.3.65), 30 hops max, 40 byte packets
1 bsdi (140.252.13.35) 20ms 10ms 10ms
2 slip (140.252.13.65) 120ms 120ms 120ms
• At each TTL value, three datagrams are sent
– Times correspond to the round-trip times for each
datagram
© Jörg Liebeherr (modified by M. Veeraraghavan)
19
IP Source routing option
• Sender specifies the route
– Strict source routing: sender specifies exact path; if the
next hop in the source route isn’t a directly connected
network, an ICMP “source route failed” error is returned
• traceroute -G netb -G gateway -G gabby westgate
– Loose source routing: sender specifies a list of IP
addresses that the datagram must traverse, but in
addition,it can traverse other routers between any two
addresses in the list
• traceroute -g netb -g gabby westgate
© Jörg Liebeherr (modified by M. Veeraraghavan)
20
Format of source route option in IP header
• Code: 0x83 for loose source routing; 0x89 for strict source
routing
• Ptr: points to the next router address in the list
39 bytes
code
1
len
ptr
IPAddr #1
IPAddr #2
1
4 bytes
4 bytes
1
© Jörg Liebeherr (modified by M. Veeraraghavan)
......
IPAddr #9
4 bytes
21
Fields in the source route option
• Len: length of the option in bytes. It can be a maximum of 39
bytes (36 for the 9 IP addresses and 3 bytes for code, len, ptr)
• Ptr: 1-based index into the 39-byte option of where to store (or
use) the next address. In the record route option, it indicates
where to store; in source route option, it indicates the next
address to use. Min. value is 4; it changes to 8, 12, 16, upto
36. When it is 40, it means the option is full.
© Jörg Liebeherr (modified by M. Veeraraghavan)
22
Example of IP source routing
• Host S sends a source routed datagram to destination D
• Note: Destination IP address changed on each hop
• RFC 791 does not say anything about the source address in
the IP header changing. So the source address stays the
same even with source routing.
• In hop-by-hop routing, both source and destination addresses
stay unchanged.
dest=D
{#R1,R2,R3}
S
dest=R1
R1
{#R2,R3,D}
© Jörg Liebeherr (modified by M. Veeraraghavan)
dest=R2
{R1,#R3,D}
R2
dest=R3
{R1,R2,#D}
dest=D
R3
D
{R1, R2, R3#}
23
How source routing works
• Sending host gets source list from the application. It removes
the first entry and makes it the destination address of the IP
header (R1). It leaves the ptr at 4, moves entries 1 position to
the left; hence #R2, R3, D. The # sign indicates where the ptr
is pointing. It adds the destination address to the end of the
source route list in the source route option field.
• Each router checks if it is the destination;
– if not, it just forwards the datagram. This can happen if
loose source routing is used; only then the source routing
module can get the packet.
© Jörg Liebeherr (modified by M. Veeraraghavan)
24
How source routing works (Contd.)
– If it is the destination, and ptr is not greater than length,
next address in the source list becomes the destination
address of the IP packet.
– IP address of outgoing interface becomes source address
just used and ptr is incremented. Hence {R1, #R3, D}.
– Using above approach the source list received at the far
end can be used to supply a reverse route in its reply.
Dest=R1=135.170.98.2
135.170.98.2
R1
{R1=135.170.58.4, #R2, D}
R2
135.170.58.4
R1 has different values on the two sides
© Jörg Liebeherr (modified by M. Veeraraghavan)
25
IP Multicasting
• Multicasting is one-to-many or many-to-many
communications.
Unicast
Broadcast
Multicast
• IP supports multicasting via the help of additional routing
protocols.
© Jörg Liebeherr (modified by M. Veeraraghavan)
26
The IP Protocol Stack
• IP Multicasting only supports UDP at the higher layers (there
is no multicast TCP !).
User Level
RTP
Socket Layer
Stream
Sockets
Datagram
Sockets
TCP
Multicast
Sockets
UDP
Internet Protocol (IP)
IP Multicast
Network Interface
© Jörg Liebeherr (modified by M. Veeraraghavan)
27
IP Multicasting
• There are three essential components of the IP multicast
service:
• IP Multicast Addressing
• IP Group Management
• Multicast Routing
• We will discuss addressing and group management
© Jörg Liebeherr (modified by M. Veeraraghavan)
28
Semantics of IP Multicast
• There are many different ways to implement multicast
communications.
• IP multicast works as follows:
• Multicast groups are identified by a class D address.
• Hosts (more precisely: interfaces) can join and leave a
multicast group dynamically
• Every IP datagram sent to a multicast group is
transmitted to all members of the group
© Jörg Liebeherr (modified by M. Veeraraghavan)
29
Multicast Addressing
• All Class D addresses are multicast addresses:
1 1 1 0
Class D
multicast group id
28 bits
Class
From
To
D
224.0.0.0
239.255.255.255
© Jörg Liebeherr (modified by M. Veeraraghavan)
30
Types of Multicast addresses
• Special and reserved Class D addresses, e.g,
224.0.0.1
224.0.0.2
224.0.1.1
224.0.0.9
© Jörg Liebeherr (modified by M. Veeraraghavan)
All systems on this subnet
All routers on this subnet
NTP (Network Time Protocol)
RIP-2 (a routing protocol)
31
Multicast Address Translation
• The leftmost byte (first byte) of any ethernet address must be
01 to specify a multicast address
• Ethernet addresses corresponding to IP multicasting are in
the range of 01:00:5e:00:00:00 to 01:00:5e:7f:ff:ff
• Why map an IP multicast address to an ethernet multicast
address?
– To avoid sending one ethernet frame per host
– Hosts in multicast group will enable their ethernet device
drivers to receive these multicast frames - called “joining
the multicast group”
© Jörg Liebeherr (modified by M. Veeraraghavan)
32
Multicast Address Mapping
Identifes
Class D
Ignored
Ethernet Addresses
with 01:00:5e in the
first 3 bytes are
reserved for IP
multicast
23-bit
address
1110xxxx x------- -------- --------
00000001 00000000 01011110 0------- -------- --------
© Jörg Liebeherr (modified by M. Veeraraghavan)
Class D
IP Address
Ethernet
Address
33
Not unique mapping
• Mapping procedure is not unique
– 32 different multicast IP (Class D) addresses will map to
the same multicast ethernet address
– Example:224.128.64.32 (hex: e0.80.40.20) and
224.0.64.32 (hex: e0:00:40:20) both map to the ethernet
address 01:00:5e:00:40:20
• Ethernet device driver or IP module may need to perform
filtering since the interface card may receive multicast frames
in which the host is really not interested
Interface card
© Jörg Liebeherr (modified by M. Veeraraghavan)
Device Driver
IP
34
IGMP
• The Internet Group Management Protocol (IGMP) is a simple
protocol for the support of IP multicast.
• IGMP is defined in RFC 1112.
• IGMP is used by multicast routers to keep track of
membership in a multicast group.
• Support for:
– Joining a multicast group
– Query membership
– Send membership reports
© Jörg Liebeherr (modified by M. Veeraraghavan)
35
IGMP Packet Format
• IGMP messages are only 8 bytes long
14 bytes
20 bytes
8 bytes
Ethernet Header
IP header
IGMP
Message
Version Type
(= 1) (=1-2)
(unused)
Checksum
32-bit Class D address
•Type: 1 = query sent by router, 2 = report sent by host
© Jörg Liebeherr (modified by M. Veeraraghavan)
36
IGMP Protocol
Host A
Host B
Ethernet
IGMP query
Multicast
Router
IGMP Report
© Jörg Liebeherr (modified by M. Veeraraghavan)
37
IGMP Protocol
• A host sends an IGMP report when it joins a multicast group
(Note: multiple processes on a host can join. A report is sent
only for the first process).
• No report is sent when a process leaves a group.
• A multicast router regularly multicasts an IGMP query to all
hosts (group address is set to zero).
• A host responds to an IGMP query with an IGMP report.
• Multicast router keeps a table of which of its interfaces have one or more
hosts in a multicast group. When the router receives a multicast datagram
to forward, it forwards the datagram only out the interfaces that still have
hosts with processes belonging to that group.
© Jörg Liebeherr (modified by M. Veeraraghavan)
38
IGMP Protocol
Router is asking each host to identify each group
on that interface
Host A
Host B
Ethernet
Multicast
Router
IGMP query
IGMP group address = 0
Dest IP address = 224.0.0.1
src IP addre = router's IP address
IGMP report
IGMP group address = group address
Dest IP address = group address
src IP addre = host's IP address
© Jörg Liebeherr (modified by M. Veeraraghavan)
224.0.0.1 means
all systems on
this subnet
39