Download ICMP Error Messages

Survey
yes no Was this document useful for you?
   Thank you for your participation!

* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project

page
1
page
2
page
3
page
4
page
5
page
6
page
7
page
8
page
9
page
10
page
11
page
12
page
13
page
14
page
15
page
16
page
17
page
18
page
19
page
20
Document related concepts
no text concepts found
Transcript 
ICMP: A helper protocol to IP
• The Internet Control Message Protocol (ICMP) is the
protocol used for error and control messages in the Internet.
• ICMP provides an error reporting mechanism of routers to the
sources.
• All ICMP packets are encapsulated as IP datagrams.
• The packet format is simple:
Type
(8 bits)
Code
(8 bits)
Checksum
(16 bits)
(additional information dependent on Type and Code)
0
31
32-bit word
© Jörg Liebeherr (modified by M. Veeraraghavan)
1
Types of ICMP Packets
• Many ICMP packet types exist, each with its own format.
• A selection (see RFC 1256):
Type Field:
0
3
4
5
8
11
12
13
17
© Jörg Liebeherr (modified by M. Veeraraghavan)
Message Type:
Echo Reply
Destination Unreachable
Source Quench
Redirect (Change Route)
Echo Request
Time Exceeded
Parameter Problem in Datagram
Timestamp Request
Address Mask Request
2
ICMP Message Types
• ICMP messages are either query messages or error
messages.
• ICMP query messages:
• Echo request / Echo reply
• Router advertisement / Router solicitation
• Timestamp request / Timestamp reply
• Address mask request / Address mask reply
• ICMP error messages:
• Host unreachable
• Source quench
• Time exceeded
• Parameter problem
© Jörg Liebeherr (modified by M. Veeraraghavan)
3
ICMP Error Messages
• Each ICMP error message contains the header and at least
the first 8 bytes of the IP datagram payload that triggered the
error message.
• Problem: How to prevent that too many ICMP messages are
sent ?
(e.g., an ICMP packet could trigger an ICMP
packet, which triggers …).
• ICMP error messages are not sent ...
...for multiple fragments of the same IP datagrams
… in response to an error message
… in response to a broadcast packet
… etc.
© Jörg Liebeherr (modified by M. Veeraraghavan)
4
Example of a Query:
ICMP Timestamp
• A system (host or router) asks
another system for the current
time.
Sender
Timestamp
Request
Receiver
• Time is measured in milliseconds
after midnight UTC (Coordinated
Universal Time).
Timestamp
Reply
• Sender sends a request, receiver
responds with reply.
Type
(= 13 or 14)
Code
(=0)
identifier
Checksum
sequence number
32-bit sender timestamp
32-bit receive timestamp
32-bit transmit timestamp
© Jörg Liebeherr (modified by M. Veeraraghavan)
5
Example of an Error Message:
Port Unreachable
• There are 16 different ICMP error messages (‘codes’) of type
“Destination Unreachable”(Type = 3)
Code:
0
1
2
3
4
5
6
7
8
Message Type:
Network unreachable
Host unreachable
Protocol unreachable
Port unreachable
Fragmentation needed but
bit not set
Source route failed
Destination network
unknown
Destination node unknown
Source host isolated
© Jörg Liebeherr (modified by M. Veeraraghavan)
Code: Message Type:
9
Destination network
administratively prohibited
10
Destination host
administratively prohibited
11
Network unreachable for TOS
12
Host unreachable for TOS
13
Communication administratively prohibited by filtering
14
host precedence violation
15
precedence cutoff in effect
6
ICMP Port Unreachable
• RFC 792: If, in the destination host, the IP module cannot deliver the
datagram because the indicated protocol module or process
port is not active, the destination host may send a port
unreachable message to the source host.
• Scenario:
Client
© Jörg Liebeherr (modified by M. Veeraraghavan)
Server
No process
is waiting
at Port
1234
7
ICMP Port Unreachable
• Format of the Port Unreachable Message
ICMP Message
Ethernet
Header
IP header
Type
(= 3)
Code
(=0-15)
ICMP
header
IP header of datagram at least 8 bytes from IP
from client
payload of client
Checksum
Unused (Set to 00...0)
Note: Both UDP and TCP
store the Port Number in the
first 8 bytes !
Code = 3 for Port Unreachable
© Jörg Liebeherr (modified by M. Veeraraghavan)
8
ICMP Router advertisement
Type
Code
Num addrs Entry size
Checksum
Lifetime
Router address 1
Preference level 1
...
Router address n
Preference level n
© Jörg Liebeherr (modified by M. Veeraraghavan)
9
Fields in the router advertisement
• Router discovery is used to automate the process by which a
host determines a router address
• Periodically each router issues a router advertisement msg.
• Num addrs: Number of router addresses advertised in this
message
• Addr. entry size: The number of 32-bit words per router
address – this value must be 2
• Lifetime: maximum number of seconds that the router
advertisement may be considered valid (default: 1800)
© Jörg Liebeherr (modified by M. Veeraraghavan)
10
Fields contd.
• Router address i: The sending router’s address on the
interface from which the message was sent – a router can
have multiple interfaces to the same network or multiple
addresses even for a single interface (note this is not multiple
router addresses of different networks that the router is
connected to).
• Preference level i: set by an administrator
Router I
Internet
Router II
LAN
Host A
Router II will have higher preference if most of the
traffic is to the LAN, making it default for host A
© Jörg Liebeherr (modified by M. Veeraraghavan)
11
The PING program
• PING (=Packet InterNet Gopher) is a program that utilizes the
ICMP echo request and echo reply messages.
• PING is used to verify if a certain host is up and running. It is
used extensively for fault isolation in IP networks.
• PING can be used with a wide variety of options, e.g, :
-R Record route. Includes the RECORD_ROUTE option in the
ECHO_REQUEST packet and displays the route buffer on
returned packets.
-s packetsize Specifies the number of data bytes to be sent (Default is
56)
(In newer implementations, -s is used to continuously generate
queries)
© Jörg Liebeherr (modified by M. Veeraraghavan)
12
Echo Request and Reply
• PING’s are handled directly by the kernel.
• Each Ping is translated into an ICMP Echo Request.
• The Ping’ed host responds with an ICMP Echo Reply.
AIDA
© Jörg Liebeherr (modified by M. Veeraraghavan)
MNG
13
Format of Echo Request and Reply
Type
(=0 or 8)
Code
(=0)
Checksum
identifier
sequence number
optional
•Identifier is set to process Id of querying process.
•Sequence number is incremented for each new echo request.
© Jörg Liebeherr (modified by M. Veeraraghavan)
14
Running Ping
aida: ping mng.poly.edu
PING mng.poly.edu (128.238.42.105): 56 data bytes
64 bytes from 128.238.42.105: icmp_seq=0 ttl=128 time=0.718
64 bytes from 128.238.42.105: icmp_seq=1 ttl=128 time=3.408
64 bytes from 128.238.42.105: icmp_seq=2 ttl=128 time=3.171
64 bytes from 128.238.42.105: icmp_seq=3 ttl=128 time=0.701
64 bytes from 128.238.42.105: icmp_seq=4 ttl=128 time=0.693
64 bytes from 128.238.42.105: icmp_seq=5 ttl=128 time=1.528
64 bytes from 128.238.42.105: icmp_seq=6 ttl=128 time=0.689
64 bytes from 128.238.42.105: icmp_seq=7 ttl=128 time=3.077
^C
--- mng.poly.edu ping statistics --8 packets transmitted, 8 packets received, 0% packet loss
round-trip min/avg/max = 0.689/1.748/3.408 ms
© Jörg Liebeherr (modified by M. Veeraraghavan)
ms
ms
ms
ms
ms
ms
ms
ms
15
Running Ping to a different machine
Aida: ping www.cologne.de
PING fileserv1.cologne.de (194.94.233.1): 56 data bytes
64 bytes from 194.94.233.1: icmp_seq=0 ttl=240 time=447.080
64 bytes from 194.94.233.1: icmp_seq=1 ttl=240 time=368.383
64 bytes from 194.94.233.1: icmp_seq=2 ttl=240 time=353.992
64 bytes from 194.94.233.1: icmp_seq=3 ttl=240 time=323.380
64 bytes from 194.94.233.1: icmp_seq=4 ttl=240 time=353.782
64 bytes from 194.94.233.1: icmp_seq=5 ttl=240 time=326.356
^C
--- fileserv1.cologne.de ping statistics --7 packets transmitted, 6 packets received, 14% packet loss
round-trip min/avg/max = 323.380/362.162/447.080
© Jörg Liebeherr (modified by M. Veeraraghavan)
ms
ms
ms
ms
ms
ms
16
Running Ping on a different machine
duke% ping mng
mng.poly.edu is alive
© Jörg Liebeherr (modified by M. Veeraraghavan)
17
Traceroute program
• Uses ICMP and TTL rather than the IP Record Route option
• Why not use RR option?
– RR option not always implemented in routers
– RR is a one-way option - need to get a return message
– Room allocated in options field not sufficient
© Jörg Liebeherr (modified by M. Veeraraghavan)
18
Traceroute operation
ICMP Port Unreachable
ICMP Time Exceeded
ICMP Time Exceeded
Host
S
Router
Router
Host
D
IP datagram (TTL=1;
dest.=D)
IP datagram (TTL=2;
dest.=D)
UDP datagram (large port
number > 30,000)
© Jörg Liebeherr (modified by M. Veeraraghavan)
19
LAN Output
Svr4% traceroute slip
traceroute to slip (140.252.3.65), 30 hops max, 40 byte packets
1 bsdi (140.252.13.35) 20ms 10ms 10ms
2 slip (140.252.13.65) 120ms 120ms 120ms
• At each TTL value, three datagrams are sent
– Times correspond to the round-trip times for each
datagram
© Jörg Liebeherr (modified by M. Veeraraghavan)
20
Related documents
Introduction - ece.virginia.edu
Introduction - ece.virginia.edu
Introduction - University of Virginia
Introduction - University of Virginia
TCP flow and error control
TCP flow and error control
PPT
PPT
Introduction
Introduction
No Slide Title
No Slide Title
No Slide Title - Communications
No Slide Title - Communications
Folie 1 - uni-wuerzburg.de
Folie 1 - uni-wuerzburg.de
Zur Person Jörg Demus
Zur Person Jörg Demus
3.5 Neural Networks Basic data structures (I) Basic data structures (II
3.5 Neural Networks Basic data structures (I) Basic data structures (II
ITU-T Workshop on IP/Optical Session 11: Network Performance
ITU-T Workshop on IP/Optical Session 11: Network Performance
Solution
Solution