The world wide web Control Message Protocol, or ICMP, described in RFC 792, specifies various messages whose prevalent purpose will be to manage the network. ICMP messages may be classified as either error messages or queries and responses. Figure 1-16 shows the general ICMP packet format. The packets are identified by sort; several in the packet forms have much more precise forms, and these are identified by the code field. Table 1-6 lists the several ICMP Port packet forms and their codes, as described in RFC 1700.
Figure 1-16. The ICMP packet header consists of a sort field, a code field that further identifies some forms, as well as a checksum. The rest in the fields depend on the sort and code.
image
Table 1-6. ICMP Ping packet forms and code fields.
Type
Code
Name
0
0
ECHO REPLY
three
DESTINATION UNREACHABLE
0
Network Unreachable
1
Host Unreachable
two
Protocol Unreachable
three
Port Unreachable
4
Fragmentation Essential and Do not Fragment Flag Set
5
Source Route Failed
6
Destination Network Unknown
7
Destination Host Unknown
8
Source Host Isolated
9
Destination Network Administratively Prohibited
10
Destination Host Administratively Prohibited
11
Destination Network Unreachable for Type of Service
12
Destination Host Unreachable for Type of Service
4
0
Source QUENCH (deprecated)
5
REDIRECT
0
Redirect Datagram for the Network (or Subnet)
1
Redirect Datagram for the Host
two
Redirect Datagram for the Network and Type of Service
three
Redirect Datagram for the Host and Type of Service
6
0
ALTERNATE HOST ADDRESS
8
0
ECHO
9
0
ROUTER ADVERTISEMENT
10
0
ROUTER Choice
11
TIME EXCEEDED
0
Time to Reside Exceeded in Transit
1
Fragment Reassembly Time Exceeded
12
PARAMETER Problem
0
Pointer Indicates the Error
1
Missing a Necessary Option
two
Negative Length
13
0
TIMESTAMP
14
0
TIMESTAMP REPLY
15
0
Facts REQUEST (Obsolete)
16
0
Facts REPLY (Obsolete)
17
0
ADDRESS MASK REQUEST (Near-obsolete)
18
0
ADDRESS MASK REPLY (Near-obsolete)
30
-
TRACEROUTE
Instance 1-11 and Instance 1-12 show analyzer captures of two in the most well-known ICMP Protocol messages Echo Request and Echo Reply, that are utilized by the ping function.
Instance 1-11. ICMP Echo message, shown with its IPv4 header.
World-wide-web Protocol, Src Addr: 172.16.1.21 (172.16.1.21),
Dst Addr: 198.133.219.25 (198.133.219.25)
Version: 4
Header length: 20 bytes
Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00)
Total Length: 84
Identification: 0xabc3 (43971)
Flags: 0x00
Fragment offset: 0
Time to reside: 64
Protocol: ICMP (0x01)
Header checksum: 0x8021 (correct)
Source: 172.16.1.21 (172.16.1.21)
Destination: 198.133.219.25 (198.133.219.25)
World-wide-web Control Message Protocol
Type: 8 (Echo (ping) request)
Code: 0
Checksum: 0xa297 (correct)
Identifier: 0x0a40
Sequence number: 0x0000
Data (56 bytes)
0000 40 fd ab c2 00 0e 73 57 08 09 0a 0b 0c 0d 0e 0f @.....sW........
0010 10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f ................
0020 20 21 22 23 24 25 26 27 28 29 2a 2b 2c 2d 2e 2f !"#$%&'()*+,-./
0030 30 31 32 33 34 35 36 37 01234567
Instance 1-12. ICMP Echo Reply.
World-wide-web Protocol, Src Addr: 198.133.219.25 (198.133.219.25),
Dst Addr: 172.16.1.21 (172.16.1.21)
Version: 4
Header length: 20 bytes
Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00)
Total Length: 84
Identification: 0xabc3 (43971)
Flags: 0x00
Fragment offset: 0
Time to reside: 242
Protocol: ICMP (0x01)
Header checksum: 0xce20 (correct)
Source: 198.133.219.25 (198.133.219.25)
Destination: 172.16.1.21 (172.16.1.21)
World-wide-web Control Message Protocol
Type: 0 (Echo (ping) reply)
Code: 0
Checksum: 0xaa97 (correct)
Identifier: 0x0a40
Sequence number: 0x0000
Data (56 bytes)
0000 40 fd ab c2 00 0e 73 57 08 09 0a 0b 0c 0d 0e 0f @.....sW........
0010 10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f ................
0020 20 21 22 23 24 25 26 27 28 29 2a 2b 2c 2d 2e 2f !"#$%&'()*+,-./
0030 30 31 32 33 34 35 36 37 01234567
Although most ICMP forms have some bearing on routing functionality, three forms are of particular importance:
Router Advertisement and Router Choice, forms 9 and 10, respectively, are utilized by the ICMP Router Discovery Protocol (IRDP), a protocol utilized by some operating systems (such as most versions of Microsoft Windows) to discover local routers.
Redirect, ICMP sort 5, is utilized by routers to notify hosts of another router on the information link that should be utilized for a particular destination. Suppose two routers, Router A and Router B, are connected to the same Ethernet. Host X, also on the Ethernet, is configured to use Router A as its default gateway; the host sends a packet to Router A, as well as a sees that the destination address in the packet is reachable via Router B (that is, Router A must forward the packet out the same interface on which it was received). Router A forwards the packet to B but also sends an ICMP redirect to host X informing it that in the future, to reach that particular destination, X should forward the packet to Router B. Instance 1-13 shows a router sending a redirect.
Instance 1-13. Using the debugging function debug ip icmp, this router can be seen sending a redirect to host 10.158.43.25, informing it that the correct router for reaching destination 10.158.40.1 is reachable via gateway (gw) 10.158.43.10.
Pip#debug ip icmp
ICMP packet debugging is on
ICMP: redirect sent to 10.158.43.25 for dest 10.158.40.1, use gw 10.158.43.10
0
Pip#
An occasionally utilized trick to avoid redirects on information links with multiple attached gateways will be to set each host's default gateway as its own IPv4 address. The hosts will then ARP for any address, and if the address is not on the information link, the correct router should respond via proxy ARP. The benefits of using this tactic merely to avoid redirects are debatable; redirects are decreased or eliminated, but at the expense of increased ARP traffic.
Redirects are enabled by default in IOS and may be disabled on a per interface basis with the command no ip redirects.
Wednesday, April 18, 2012
The web Control Message Protocol
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment