CMPT 471 Networking II ICMP © Janice Regan, 2012

Errors in Packet Switching Networks

Possible causes of errors include:
Hardware failure
Network congestion
Inability to fragment (DF set)
Routing loops
Unavailable host (disconnected or failed)
Queue overrun on routers

IP offers best effort delivery, so it needs a mechanism to inform the source of packets dropped because of errors (except transmission errors). In the remainder of this lecture, errors will mean errors not caused by transmission impairments.

Dealing with errors

IP datagram delivery (network level) has a header checksum to detect transmission errors in the IP header

TCP has a checksum which covers the TCP header, pseudo header and data

Higher level protocols (for example TCP) also handle more types of errors

Higher level protocols may deal with any errors not caught at lower levels. It may be more efficient to catch errors in the IP layer than in the TCP layer

Within IP, an error reporting mechanism is needed to report such errors; one such mechanism is the ICMP protocol.

ICMP

Internet Control Message Protocol is an integral part of IP

ICMP messages are carried as the data portion of an IP datagram

Communicates between the IP software on different hosts

Used (primarily by routers) to report errors back to the original source

Used to enquire about the state and configuration of routers and hosts

Reports errors and in some cases suggests corrective action

ICMP encapsulation

ICMP message format

There are several types of ICMP messages designed to report different types of errors

Each ICMP message has its own format, but all start with the same three fields

A type field (1 octet) indicating which type of ICMP message follows

A 1 octet code following the type that further defines the message (see text for list)

For example, type specifies destination unreachable, code specifies router or host

The 3rd common field is a 2 octet checksum. The checksum is calculated the same way as the ARP checksum, including the entire ICMP PDU

ICMPv4 Message Types

Comer 2000:

IPv4 Destination Unreachable Codes

0 Net Unreachable
1 Host Unreachable
2 Protocol Unreachable
3 Port Unreachable
4 Fragmentation Needed and Don't Fragment was Set
5 Source Route Failed
6 Destination Network Unknown
7 Destination Host Unknown
8 Source Host Isolated
9 Communication with Destination Network is Administratively Prohibited
10 Communication with Destination Host is Administratively Prohibited
11 Destination Network Unreachable for Type of Service
12 Destination Host Unreachable for Type of Service

ICMP Echo Request/Reply

Echo request is sent by the ping command to test for reachability

Echo reply is sent in response to a received echo request to confirm reachability

Type: request 8, reply 0. Code 0: no additional qualifying codes

Identifier and sequence number are optional; they can be used to match replies with requests

The optional data in an echo request must be returned in the resulting echo reply

Linux ping has a record route and a timestamp option

Comer 2000: fig 9.2

ICMP destination unreachable

Sent when a router or host cannot deliver a datagram due to an identified failure (not all failures are identified)

Can be disabled; not all hosts or routers will send ICMP messages

The codes indicate what destination could not be reached and why (see table in text)

The header and datagram information is provided to identify the packet needing retransmission (port numbers and sequence number for TCP/UDP)

Comer 2000: fig 9.3
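
Added example (not part of the original slides): ICMP errors are unauthenticated, so a receiver should use the quoted header and first 8 octets described above to confirm that the message refers to a datagram it actually sent. The Python below decodes a destination unreachable message and checks the quoted flow against a table of active flows; the function names, the flow table and the sample addresses (documentation ranges) are assumptions made for illustration.

```python
import socket
import struct

def parse_unreachable(msg: bytes) -> dict:
    """Decode a type 3 message and the datagram excerpt it quotes."""
    if len(msg) < 8 + 20 + 8:
        raise ValueError("too short for IP header plus 8 octets")
    if msg[0] != 3:
        raise ValueError("not a destination unreachable message")
    inner = msg[8:]                           # skip type, code, checksum, unused
    ihl = (inner[0] & 0x0F) * 4               # quoted IP header length in octets
    if inner[0] >> 4 != 4 or ihl < 20 or len(inner) < ihl + 8:
        raise ValueError("malformed quoted IP header")
    proto = inner[9]
    src = socket.inet_ntoa(inner[12:16])
    dst = socket.inet_ntoa(inner[16:20])
    info = {"code": msg[1], "proto": proto, "flow": (src, None, dst, None)}
    if proto in (6, 17):                      # TCP and UDP both start with ports
        sport, dport = struct.unpack("!HH", inner[ihl:ihl + 4])
        info["flow"] = (src, sport, dst, dport)
    if proto == 6:                            # TCP: sequence number follows ports
        info["seq"] = struct.unpack("!I", inner[ihl + 4:ihl + 8])[0]
    return info

def refers_to_known_flow(msg: bytes, active_flows: set) -> bool:
    """True only if the message quotes a datagram this host could have sent."""
    try:
        return parse_unreachable(msg)["flow"] in active_flows
    except ValueError:
        return False

def sample_unreachable(src, sport, dst, dport, code=3) -> bytes:
    """Constructed message quoting a UDP datagram (checksum fields left 0)."""
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 28, 0, 0, 64, 17, 0,
                     socket.inet_aton(src), socket.inet_aton(dst))
    udp = struct.pack("!HHHH", sport, dport, 8, 0)
    return struct.pack("!BBHI", 3, code, 0, 0) + ip + udp

# Constructed flow table using documentation address ranges.
ACTIVE = {("192.0.2.10", 40000, "198.51.100.7", 53)}
```

Messages that fail this check, or that are too short to carry the quoted header, are ignored rather than acted on.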

ICMP Source Quench Message

Used to help control congestion

When a packet must be dropped due to congestion, a source quench packet may be sent

When the source receives a source quench message, it may reduce the rate at which it transmits to the network

1 quench message per round trip travel time should cause change

Comer 2000: fig 9.4

ICMP redirect message

Temporary or permanent changes to network routing on one host may cause other routes on other hosts to become incorrect

When a router detects a host on a directly connected network using non optimal routing it can send an ICMP redirect message

This mechanism allows dynamic calculation of routes by routers (not hosts) to interact with host routing tables

Allowing redirect messages to prompt routing changes can be a security issue, and redirect messages are often disabled to protect against the security risk

Comer 2000: fig 9.6
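
Added example (not part of the original slides): one way to check that redirect acceptance is disabled, assuming a Linux host configured through sysctl.conf-style files. The sysctl key names are Linux's own; the audit functions and the sample configuration text are constructed for illustration.

```python
# Linux sysctl keys governing whether ICMP redirects may change routes.
WANTED = {
    "net.ipv4.conf.all.accept_redirects": "0",
    "net.ipv4.conf.default.accept_redirects": "0",
    "net.ipv4.conf.all.secure_redirects": "0",
    "net.ipv4.conf.default.secure_redirects": "0",
}

def parse_sysctl(text: str) -> dict:
    """Parse sysctl.conf syntax; a later assignment overrides an earlier one."""
    settings = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;":        # blank line or comment
            continue
        key, sep, value = line.partition("=")
        if sep:
            settings[key.strip()] = value.strip()
    return settings

def audit_redirects(text: str) -> list:
    """Return (key, problem) pairs for redirect settings left enabled."""
    settings = parse_sysctl(text)
    findings = []
    for key, want in WANTED.items():
        have = settings.get(key)
        if have is None:
            findings.append((key, "not set, kernel default applies"))
        elif have != want:
            findings.append((key, f"set to {have}"))
    # Per-interface entries can re-enable acceptance on one interface.
    for key, value in settings.items():
        if (key not in WANTED and key.endswith(".accept_redirects")
                and value != "0"):
            findings.append((key, f"set to {value}"))
    return findings

# Constructed sample configuration, not taken from a real host.
SAMPLE = """\
# hardening fragment (constructed)
net.ipv4.conf.all.accept_redirects = 0
net.ipv4.conf.default.accept_redirects = 1
net.ipv4.conf.all.secure_redirects = 0
net.ipv4.conf.eth0.accept_redirects = 1
"""
```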

ICMP time exceeded message

Possible causes for timeout:

Too much time in transit (TTL reaches 0). Code 0

Missing fragments in reassembly of fragmented packets. Code 1

Similar format to source quench message

Comer 2000: fig 9.7

ICMP parameter problem

When a router finds problems not handled by previous messages that are severe enough to require the packet to be discarded

Can deal with problems such as incorrect parameters for IP options

Comer 2000: fig 9.8

ICMP timestamp request/reply

Used for synchronization and estimation of travel times

Originate timestamp added just before transmission

Receive timestamp added immediately after receipt

Transmit timestamp added immediately before the reply is transmitted

This means that transit time (not queuing time) is measured

In practice, because clocks on different systems may show different times, travel time and synchronization are complicated

Comer 2000: fig 9.9

ICMP address mask request/reply

To determine the subnetwork address mask for the local subnetwork, a host may send an address mask request to a directly connected router

When the router replies the address mask field will contain the subnet mask

Identifier and sequence number are used to associate the request with the reply

Comer 2000: fig 9.10

ICMP Router discovery

Used to dynamically determine the address of directly connected routers

An alternative to BOOTP and DHCP (both based on manually configured databases)

This is a router advertisement packet that is sent periodically (default every 10 minutes, with lifetime of 30 minutes)

If an advertisement is not received by a host during the lifetime, the host will discard the routing entry for that router (until it hears again)

Comer 2000: fig 9.11

ICMP Router Solicitation

A host that has just booted will not wish to wait 10 minutes to discover the routers on the network

A host can send a solicitation requesting an additional immediate router discovery message

Comer 2000: fig 9.12

ICMPv6 (RFC 2463)

Retains functionality of IPv4

Adds functionality of ARP and IGMP

Adds new functionality, autoconfiguration and unreachability detection

Includes neighbor discovery (RFC 2461), a sub protocol that replaces ARP and router discovery in ICMP. Can determine when a neighbor has become unreachable

Includes Multicast Listener Discovery (replacing IGMP)