190 likes | 724 Views
ICMP : Internet Control Message Protocol. Computer Network System Sirak Kaewjamnong. Basic Ideas. ICMP is provided within IP which generates error messages to help IP layers(best effort delivery) Function of ICMP
E N D
ICMP : Internet Control Message Protocol Computer Network System Sirak Kaewjamnong
Basic Ideas • ICMP is provided within IP which generates error messages to help IP layers(best effort delivery) • Function of ICMP • a node recognizing a transmission problem (TTL exceed, destination unreachable, etc.) generates ICMP messages • ICMP provides some useful diagnostics about network operation (ping, traceroute)
Basic Ideas • ICMP error messages never generates due to: • ICMP error message selves • Broadcast, multicast • Others fragments, except first fragment • This to prevent broadcast storm • What are broadcast storm • a large number of broadcast datalink frames transmitted nearly simultaneous from several hosts • LAN may have been brought to standstill
Indicate error problems Type Code ……. Contain protocol indicate ICMP IP header IP Data Frame header e.g. Ethernet Frame Data ICMP Encapsulation
0 15 16 31 Type: 8 Code : 8 Checksum : 16 Content specific ICMP Header • Type : relevant ICMP message • Code : more details information • Checksum : covers ICMP header/data (not IP header)
ICMP Types Type Code Meaning 0 0 echo reply 3 0 network unreachable 3 1 host is unreachable 3 3 port is unreachable 4 0 source quench 5 0 redirect 8 0 echo request 9/10 0 router discovery/advertisement 11 0 time exceed 12 0 parameter problem 13/14 0 time stamp request 17/18 0 network request/reply
Type = 0 or 8 code checksum identifier Sequence number Optional data ICMP type 0/8 echo request/reply • PING sends icmp type 8 echo request to a node and expects an icmp type 0 echo reply • identifier and sequence number are used to identify datagrams
Type = 3 code checksum unused IP header + 64 bits of original data ICMP type 3 Destination Unreachable • Router is unable to deliver datagram, it can return the ICMP type 3 with failure code • Internet header plus 64 bits of original datagram are used to identify the datagram caused the problem
Type = 4 code checksum Unused (must be 0) IP header + 64 bits of original data ICMP type 4 Source Quench • Router detected hosts were overload would send this message to hosts that were the major cause • the host would then reduce the rate at which subsequence message are sent • RFC recommends that router must not generate source quench, host must still accept the message but need take no action
ICMP type 5 Route Change Request • Used only by router to suggest a more suitable route to the originator (also called ICMP redirect) Type = 5 code checksum IP address of a more suitable router IP header + 64 bits of original data
PING : ICMP Echo Request/Reply • PING sends and ICMP echo request to a remote host, which then return an ICMP echo reply to the sender • All TCP/IP node is supposed to implement ICMP and respond to ICMP echo PING Reply
PING Command • Send a single echo request message and wait for a reply • Another request is sent if the reply is not received within one second • Continue until at least one reply is received or stop after time out > ping maliwan maliwan.psu.ac.th is alive If maliwan down >ping maliwan no answer from maliwan.psu.ac.th
PING Command • Send an echo request message every seconds and records the time it takes for each reply • every echo request contains a unique sequence number to match reply and request • also record round-trip timing • also do packet lost statistics
PING Example C:\>ping maliwan.psu.ac.th Pinging maliwan.psu.ac.th [192.168.100.4] with 32 bytes of data: Reply from 192.168.100.4: bytes=32 time=3ms TTL=32 Reply from 192.168.100.4: bytes=32 time=3ms TTL=32 Reply from 192.168.100.4: bytes=32 time=3ms TTL=32 Reply from 192.168.100.4: bytes=32 time=4ms TTL=32 Ping statistics for 192.168.100.4: Packets: Sent = 4, Received = 4, Lost = 0 (0% loss), Approximate round trip times in milli-seconds: Minimum = 3ms, Maximum = 4ms, Average = 3ms C:\>_
What we get from PING? • Timing information • Connection reliability • Destination Unreachable (routable)
PING Results • no respond no end node, no connection • lost packet (significant when > 2-3 %) transmission error on LAN/WAN, overloading bridge or router • time acknowledge vary host/network overloading > 100 ms make telnet less acceptable • no lost and echo time is reasonably constant
Traceroute Command • Command to determine the active route to a destination address • How? • Send a UDP message to an unused port on the target host with ttl = 1 • router decrease ttl to 0, it has to return an ICMP time exceed massage • traceroute set ttl = 2 and retransmits, this time go one more hop • ttl++ until UDP reach the destination • the target returns an ICMP service unreachable because there is no UDP port service
Traceroute Example C:\>tracert www.psu.ac.th Tracing route to s1.psu.ac.th [192.168.100.61] over a maximum of 30 hops: 1 1 ms 1 ms 1 ms cs-gw.cs.psu.ac.th [172.28.80.1] 2 2 ms 2 ms 1 ms esw-cc.psu.ac.th [192.168.99.39] 3 2 ms 3 ms 5 ms cc-atm.psu.ac.th [192.168.0.249] 4 4 ms 2 ms 3 ms tooky.psu.ac.th [192.168.98.11] 5 3 ms 3 ms 3 ms s1.psu.ac.th [192.168.100.61] Trace complete. C:\> • usually probes each hop 3 times • a lost message or a router that doesn’t respond with denote with an “ * “