Download ppt - Internet Command Message Protocol (ICMP)

Internet Command Message Protocol(ICMP)

CS-431

Dick Steflik

ICMP

• Internet Command Message Protocol (ICMP)

• RFC 792

• Used to communicate IP status and error messages between host and routers

ICMP• Used to communicate IP status and error messages

between hosts and routers

• Uses IP to route its messages between hosts

• Must be implemented with IP• remember, IP is just a packet delivery system

• transmits and routes datagrams from sources to destinations through a series of interconnected networks

• it has a checksum in the IP header to detect lost bits– no error detection on the datagram payload though

• but has no native mechanism for source host notification

• This is where ICMP comes in• its used to report IP errors to the source host

• ICMP data is carried as the payload of an IP datagram• specifies additional message formats within this area

Basic ICMP Header

• Headers are 32 bits in length; all contain same three fields• type - 8 bit message type code

• thirteen message type are defined

• code - 8 bit; indicating why message is being sent

• checksum - standard internet checksum• 16 bit 1’s complement sum of the payload and header

– for purpose of calculation the checksum field is set to zero

ICMP Message types

• 0 - Echo Reply

• 3 - Destination Unreachable

• 4 - Source Quench

• 5 - Redirect

• 8 - Echo

• 11 - Time Exceeded

• 12 - Parameter Problem

• 13 - Timestamp

• 14 - Timestamp Reply

• 15 - Information Request

• 16 - Information Reply

• 17 - Address Mask Request

• 18 - Address Mask Reply

Destination Unreachable (3)• ICMP header (4 bytes) + unused 32 bits (4 bytes) + IP header (24

bytes) + first 64 bits of data (8 bytes) = 40 bytes

• Codes:• 0 - net unreachable ; 1 - host unreachable

• 2 - protocol unreachable ; 3 - port unreachable• sent by destination host IP module

• 4 - fragmentation needed DF set ; 5 source route failed

• 6 - destination network unknown ; 7 destination host unknown

• 8 - source host isolated ; 9 - comm. with destn network prohibited

• 10 - comm. With dest host prohibited ; 11 - network unreachable for service

• 12 - host unreachable for service

• Sent to originating host because destination is unreachable• may be determined by a router

• destination IP may find the indicated protocol unavailable

• Don’t Fragment (DF) bit in the IP header is set but fragmentation is required to continue forwarding

Source Quench (4)

• Same message format as type 3

• Code : 0

• Sent to a host when an intermediate router or the destination host with the source host’s transmission rate• may be sent to a source when a router is saturated

• may be sent by a receiving host if it receive buffers are filling up

• Upon receipt the source host should throttle back on its transmission rate until the Source Quench goes away.• Can then increase its transmission rate

Redirect (5) • Same format as type 3

• Code:• 0 - redirect datagrams for the network

• 1 - redirect datagrams for the host

• 2 - redirect datagrams for the type of service and the network

• 3 - redirect datagrams for the type of service and host

• a router sends a message to a host when it determines a datagram that originated from the host must be forwarded to router that can be directly reached• allows the host to sent future datagrams to the optimal first-hop

router increasing network efficiency

• not used for datagrams that have source routing options

Echo (8)/Echo Reply (0)

• ICMP header (4 bytes) + identifier (2 bytes) + sequence number (2 bytes) + data (4 bytes)• identifier - used to match Echoes and Echo Replies

• sequence - used to match Echoes with Echo Replies

• Used to determine if a host is reachable• a host receiving an echo message

• reverses the IP source and destination addresses

• sets the ICMP type field to zero (echo reply)

• recomputes the ICMP checksum

• identifier, sequence and data are sent back unchanged

Time Exceeded (11)

• Same format as type 3

• Code:• 0 - time to live exceeded in transit

• 1 - fragment reassembly time exceeded

• Time exceeded message is sent if:• a router finds a datagram with TTL set to zero

• router discards the datagram and sends message with code field set to 0

• a host does not receive all of the fragments of a datagram before its local reassemble timer expires

• host discards all fragments and return message with code field set to 1

Parameter Problem (12)• ICMP Header (4 bytes) + pointer (1 byte) + unused (3 bytes)

+ IP header (24 bytes) + first 64 bits of data (8 bytes) • pointer - identifies octet where error occurred

• Code:• 0 - misc parameter problem

• 2 - required option missing

• sent to a host when a router or host processing a datagram finds a problem with the information in the datagram.• Only sent if the datagram had to be discarded

• pointer field is zero based– ex: 1 indicates problem with type of service; 20 indicates first option

Timestamp(13)/Timstamp Reply(14)

• ICMP Header (4 bytes) + identifier (2 bytes) + seq num (2 bytes) + Originate Timestamp (4 bytes) + Receive Timestamp (4 bytes) + Transmit Timestamp (4 bytes)

• Timestamps are number of msec past midnight UTC

• used to determine the latency between the sender and receiver• receiver forms a message by

• reversing the originate and destination addr in the IP header

• setting ICMP type code to 14

• updating the timestamp fields

• recomput the ICMP checksum

Info Request (15)/Info Reply(16)

• Same as type 8, but no data

• Code: 0

• used by a host to determine the network number the host resides on

• receiver • reverses the source and destination addresses in the IP header

• set the correct network number

• set ICMP type to 16

• recompute the ICMP checksum

• Obsolete; shouldn’t be used replaced by BOOTP and RARP

Addr Mask Rqst (17)/Addr Mask Reply(18)

• ICMP Header (4 bytes) + identifier (2 bytes) + seq.num. (2 bytes) + addr mask (4 bytes)• identifier - used to match requests with replies.

• seq.num. - used to match requests with replies.

• Hosts and routers can request the subnet address mask for the network they reside on at boot time.• Host or router broadcasts it on the local network

• a receiving router should return it in a reply message

• This message is defined in RFC 950

ICMPv6

• New version of ICMP to go along with IPv6• Absorbs many IGMP and ARP functions

• Used for:• Reporting errors in IP packet processing

• Performing diagnostics

• performing Neighbor Discovery and reporting IPv6 multicast memberships

• Two types of messages: • Error messages

• Information messages

Error Message Categories

• Destination Unreachable

• Packet too big

• Time exceeded

• Parameter problem

Informational Messages

• Diagnostic messages

• Multicast group management messages

• Neighbor discovery messages

• Every ICMPv6 message is preceeded by an IPv6 header and 0 or more IPv6 extension headers.

• A next header field of 58 nidentifies the ICMPv6 message (different than IPv4)

Message Format

0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1|-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-|| Type | Code | Checksum | |-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-|| | | Message Body || | | +-------------------------------------------------------------+