Professional Documents
Culture Documents
MUT
MUT
Introduction ICMPv4 IPv6 ICMPv6
MUT
Introduction 3 TCP/IP
MUT
IGMP = will talk in the class of multicasting ICMPv4= This class IPv4 = Last Class ARP = Last Classes IPv6 = This class ICMPv6 = This class
Introduction ICMPv4 IPv6 ICMPv6
MUT
MUT
Objectives
Upon completion you will be able to: Be familiar with the ICMP message format Know the types of error reporting messages Know the types of query messages Be able to calculate the ICMP checksum Know how to use the ping and traceroute commands Understand the modules and interactions of an ICMP package
MUT
ICMP encapsulation
MUT
ICMP is network layer protocol but its messages are first encapsulated inside IP datagrams Protocol Field in IP header =1
TYPES OF MESSAGES
ICMP messages are divided into error-reporting messages and query messages. The error-reporting messages report problems that a router or a host (destination) may encounter. The query messages get specific information from a router or another host.
MUT
MUT
ICMP messages
MESSAGE FORMAT
An ICMP message has an 8-byte header and a variable-size data section. Although the general format of the header is different for each message type, the first 4 bytes are common to all.
MUT
Type : defined in the previous slide Code: the reason for particular message types Checksum: calculated over the entire message (header and data). Rest of the header: specific for each message types DATA: Error message information for finding the error packet Query messages extra information
ERROR REPORTING
IP, as an unreliable protocol, is not concerned with error checking and error control. ICMP was designed, in part, to compensate for this shortcoming. ICMP does not correct errors, it simply reports them.
MUT
The topics discussed in this section include: Destination Unreachable Source Quench Time Exceeded Parameter Problem Redirection
Error-reporting messages
MUT
MUT
Note:
The following are important points about ICMP error messages:
No ICMP error message will be generated in response to a datagram carrying an ICMP error message. No ICMP error message will be generated for a fragmented datagram that is not the first fragment. No ICMP error message will be generated for a datagram having a multicast address. No ICMP error message will be generated for a datagram having a special address such as 127.0.0.0 or 0.0.0.0.
MUT
Destination-unreachable format
Information and Communication engineering (ICE)
MUT
Error code
0 : The network is unreachable 1 : The host is unreachable 2 : The protocol is unreachable 3 : The port is unreachable 4 : Fragmentation is required Other destination-unreachable 5 : Source routing could not be accomplished messages can be created only by 6 : The destination network is unknown routers. 7 : The destination host is unknown 8 : The source is isolated 9 : Communication with the destination network is administratively prohibited 10 : Communication with the destination host is administratively prohibited 11 : The network is unreachable for the specified type of service 12 : The host is unreachable for the specified type of service 13 : The host is unreachable because the administrator has put a filter on it 14 : The host is unreachable because the host precedence is violated 15 : The host is unreachable because the host precedence was cut off
MUT
Destination-unreachable messages with codes 2 or 3 can be created only by the destination host.
Precedence
14 Host Precedence Violation. Sent by the first hop router to a host to indicate that a requested precedence is not permitted for the particular combination of source/destination host or network, upper layer protocol, and source/destination port; 15 Precedence cutoff in effect. The network operators have imposed a minimum level of precedence required for operation, the datagram was sent with a precedence below this level;
MUT
MUT
Note: A router cannot detect all problems that prevent the delivery of a packet. There is no flow-control mechanism in the IP protocol.
Source-quench format
MUT
Cause of Congestion
A source-quench message informs the source that a datagram has been discarded due to congestion in a router or the destination host. The source must slow down the sending of datagrams until the congestion is relieved.
MUT
Note: One source-quench message is sent for each datagram that is discarded due to congestion.
Whenever a router decrements a datagram with a time-to-live value to zero, it discards the datagram and sends a time-exceeded message to the original source.
MUT
Note: When the final destination does not receive all of the fragments in a set time, it discards the received fragments and sends a time-exceeded message to the original source.
MUT
Note: In a time-exceeded message, code 0 is used only by routers to show that the value of the time-to-live field is zero. Code 1 is used only by the destination host to show that not all of the fragments have arrived within a set time.
MUT
- Timeout - TTL
MUT
Redirection concept
MUT
A host usually starts with a small routing table that is gradually augmented and updated. One of the tools to accomplish this is the redirection message.
MUT
A redirection message is sent from a router to a host on the same local network.
QUERY
ICMP can also diagnose some network problems through the query messages, a group of four different pairs of messages. In this type of ICMP message, a node sends a message that is answered in a specific format by the destination node.
MUT
The topics discussed in this section include: Echo Request and Reply Timestamp Request and Reply Address-Mask Request and Reply Router Solicitation and Advertisement
Query messages
MUT
An echo-request message can be sent by a host or router. An echoreply message is sent by the host or router which receives an echorequest message.
Echo-request and echo-reply messages can test the reachability of a host. This is usually done by invoking the ping command.
MUT
MUT
MUT
Note:
Timestamp-request and timestamp-reply messages can be used to calculate the round-trip time between a source and a destination machine even if their clocks are not synchronized. The timestamp-request and timestamp-reply messages can be used to synchronize two clocks in two machines if the exact one-way time duration is known.
MUT
MUT
MUT
CHECKSUM
In ICMP the checksum is calculated over the entire message (header and data).
MUT
The topics discussed in this section include: Checksum Calculation Checksum Testing
Example 1
The following Figure shows an example of checksum calculation for a simple echo-request message. We randomly chose the identifier to be 1 and the sequence number to be 9. The message is divided into 16-bit (2-byte) words. The words are added together and the sum is complemented. Now the sender can put this value in the checksum field.
MUT
MUT
DEBUGGING TOOLS
Two tools that use ICMP for debugging: ping and traceroute.
MUT
Ping Traceroute
Example 2
We use the ping program to test the server fhda.edu. The resul is shown below:
$ ping fhda.edu PING fhda.edu (153.18.8.1) 56 (84) bytes of data. 64 bytes from tiptoe.fhda.edu (153.18.8.1): icmp_seq=0 ttl=62 time=1.91 ms 64 bytes from tiptoe.fhda.edu (153.18.8.1): icmp_seq=1 ttl=62 time=2.04 ms 64 bytes from tiptoe.fhda.edu (153.18.8.1): icmp_seq=2 ttl=62 time=1.90 ms 64 bytes from tiptoe.fhda.edu (153.18.8.1): icmp_seq=3 ttl=62 time=1.97 ms 64 bytes from tiptoe.fhda.edu (153.18.8.1): icmp_seq=4 ttl=62 time=1.93 ms
MUT
Example 2 (Continued)
64 bytes from tiptoe.fhda.edu (153.18.8.1): icmp_seq=5 ttl=62 time=2.00 ms 64 bytes from tiptoe.fhda.edu (153.18.8.1): icmp_seq=6 ttl=62 time=1.94 ms 64 bytes from tiptoe.fhda.edu (153.18.8.1): icmp_seq=7 ttl=62 time=1.94 ms 64 bytes from tiptoe.fhda.edu (153.18.8.1): icmp_seq=8 ttl=62 time=1.97 ms 64 bytes from tiptoe.fhda.edu (153.18.8.1): icmp_seq=9 ttl=62 time=1.89 ms 64 bytes from tiptoe.fhda.edu (153.18.8.1): icmp_seq=10 ttl=62 time=1.98 ms --- fhda.edu ping statistics --11 packets transmitted, 11 received, 0% packet loss, time 10103ms rtt min/avg/max = 1.899/1.955/2.041 ms
MUT
Example 3
For the this example, we want to know if the adelphia.net mail server is alive and running. The result is shown below:
$ ping mail.adelphia.net PING mail.adelphia.net (68.168.78.100) 56(84) bytes of data. 64 bytes from mail.adelphia.net (68.168.78.100): icmp_seq=0 ttl=48 time=85.4 ms 64 bytes from mail.adelphia.net (68.168.78.100): icmp_seq=1 ttl=48 time=84.6 ms 64 bytes from mail.adelphia.net (68.168.78.100): icmp_seq=2 ttl=48 time=84.9 ms 64 bytes from mail.adelphia.net (68.168.78.100): icmp_seq=3 ttl=48 time=84.3 ms 64 bytes from mail.adelphia.net (68.168.78.100): icmp_seq=4 ttl=48 time=84.5 ms
MUT
Example 3
64 bytes from mail.adelphia.net (68.168.78.100): icmp_seq=5 ttl=48 time=84.7 ms 64 bytes from mail.adelphia.net (68.168.78.100): icmp_seq=6 ttl=48 time=84.6 ms 64 bytes from mail.adelphia.net (68.168.78.100): icmp_seq=7 ttl=48 time=84.7 ms 64 bytes from mail.adelphia.net (68.168.78.100): icmp_seq=8 ttl=48 time=84.4 ms 64 bytes from mail.adelphia.net (68.168.78.100): icmp_seq=9 ttl=48 time=84.2 ms 64 bytes from mail.adelphia.net (68.168.78.100): icmp_seq=10 ttl=48 time=84.9 ms 64 bytes from mail.adelphia.net (68.168.78.100): icmp_seq=11 ttl=48 time=84.6 ms 64 bytes from mail.adelphia.net (68.168.78.100): icmp_seq=12 ttl=48 time=84.5 ms --- mail.adelphia.net ping statistics --14 packets transmitted, 13 received, 7% packet loss, time 13129ms rtt min/avg/max/mdev = 84.207/84.694/85.469
MUT
Example 4
We use the traceroute program to find the route from the computer voyager.deanza.edu to the server fhda.edu. The following shows the result: $ traceroute fhda.edu
traceroute to fhda.edu (153.18.8.1), 30 hops max, 38 byte packets 1 Dcore.fhda.edu (153.18.31.254) 0.995 ms 0.899 ms 0.878 ms 2 Dbackup.fhda.edu (153.18.251.4) 1.039 ms 1.064 ms 1.083 ms 3 tiptoe.fhda.edu (153.18.8.1) 1.797 ms 1.642 ms 1.757 ms
MUT
Example 4 (Continued)
The un-numbered line after the command shows that the destination is 153.18.8.1. The TTL value is 30 hops. The packet contains 38 bytes: 20 bytes of IP header, 8 bytes of UDP header, and 10 bytes of application data. The application data is used by traceroute to keep track of the packets. The first line shows the first router visited. The router is named Dcore.fhda.edu with IP address 153.18.31.254. The first round trip time was 0.995 milliseconds, the second was 0.899 milliseconds, and the third was 0.878 milliseconds. The second line shows the second router visited. The router is named Dbackup.fhda.edu with IP address 153.18.251.4. The three round trip times are also shown. The third line shows the destination host. We know that this is the destination host because there are no more lines. The destination host is the server fhda.edu, but it is named tiptoe. fhda.edu with the IP address 153.18.8.1. The three round trip times are also shown.
MUT
Example 5
In this example, we trace a longer route, the route to xerox.com $ traceroute xerox.com
traceroute to xerox.com (13.1.64.93), 30 hops max, 38 byte packets 1 Dcore.fhda.edu (153.18.31.254) 0.622 ms 0.891 ms 0.875 ms 2 Ddmz.fhda.edu (153.18.251.40) 2.132 ms 2.266 ms 2.094 ms ... 18 alpha.Xerox.COM (13.1.64.93) 11.172 ms 11.048 ms 10.922 ms Here there are 17 hops between source and destination. Note that some round trip times look unusual. It could be that a router is too busy to process the packet immediately.
MUT
Example 6
An interesting point is that a host can send a traceroute packet to itself. This can be done by specifying the host as the destination. The packet goes to the loopback address as we expect. $ traceroute voyager.deanza.edu
traceroute to voyager.deanza.edu (127.0.0.1), 30 hops max, 38 byte packets 1 voyager (127.0.0.1) 0.178 ms 0.086 ms 0.055 ms
MUT
Example 7
Finally, we use the traceroute program to find the route between fhda.edu and mhhe.com (McGraw-Hill server). We notice that we cannot find the whole route. When traceroute does not receive a response within 5 seconds, it prints an asterisk to signify a problem, and then tries the next hop.. $ traceroute mhhe.com
traceroute to mhhe.com (198.45.24.104), 30 hops max, 38 byte packets 1 Dcore.fhda.edu (153.18.31.254) 1.025 ms 0.892 ms 0.880 ms 2 Ddmz.fhda.edu (153.18.251.40) 2.141 ms 2.159 ms 2.103 ms 3 Cinic.fhda.edu (153.18.253.126) 2.159 ms 2.050 ms 1.992 ms ... 16 * * * 17 * * * ...............
MUT
ICMP PACKAGE
To give an idea of how ICMP can handle the sending and receiving of ICMP messages, we present our version of an ICMP package made of two modules: an input module and an output module.
MUT
The topics discussed in this section include: Input Module Output Module
ICMP package
Information and Communication engineering (ICE)
MUT
MUT
L5 L4 L3 L2 L1
H 1 8 DATA
MUT
1010101011..
L3 L3 C B L2 L2 L2 L2 L1 L1 L1 L1 A L1 101011.. 101011..
L2 L1
L3
L2 L1 101010..
L1
L5 L4 G L3 F L2 D E L1 1010101010001011..
C IPA=8
ICMP A, B, C, D, E, F,G
A = B = C = error D = E = F = G = error
MUT
Exercise 13: How can we determine if an IP packet is carrying an ICMP packet?
MUT
Protocol field in IP header = 1
MUT
Exercise 17: An ICMP message has arrived with the header (in hexadecimal): 03 03 10 20 00 00 00 00 00
What is the type of the message? What is the code ? What is purpose of the message ?
MUT
MUT
IPv4 IPv4
MUT
(port scanning)
UDP ICMP packets ICMP
MUT
Code = 3
Introduction ICMPv4 IPv6 ICMPv6
MUT
MUT
Upon completion you will be able to: Understand the shortcomings of IPv4
Know the IPv6 address format, address types, and abbreviations Be familiar with the IPv6 header format Know the extension header types Know the differences between ICMPv4 and ICMPv6 Know the strategies for transitioning from IPv4 to IPv6
IPv6
IPv6 has these advantages over IPv4: 1. larger address space 128 bits 32 bits 2. better header format keep header overhead to a minimum 3. new options additional functionalities 4. allowance for extension for new technologies or applications 5. support for resource allocation using flow label for QoS 6. support for more security confidentially and integrity of the packets The topics discussed in this section include: IPv6 Addresses Address Space Assignment Packet Format Comparison between IPv4 and IPv6
MUT
IPv6 address
Information and Communication engineering (ICE)
MUT
Abbreviated address
Information and Communication engineering (ICE)
MUT
MUT
1 IP
CIDR address
Information and Communication engineering (ICE)
MUT
Address structure
MUT
MUT
Provider-based address
MUT
Type identifier 010:a provider-based address Registry 11000:North America 01000:European 10100:Asian and Pacific countries
Address hierarchy
MUT
Provider prefix an ISP, variable-length Subscriber prefix an organization subscriber, 24 bits Subnet prefix a network under a territory of the subscriber, 32 bits Node Identifier the identity of node connected to the subnet 48 bits
Unspecified address
MUT
For: - a host does no know its own address - A host sends an inquiry to find its address
Loopback Address
MUT
Compatible address
MUT
-Used when a computer using IPv6 wants to send a packet to another computer using IPv6 - the packet passes through IPv4 networks IPv6 IPv4 IPv6 0x02 2 0x0D13 0x1117 0x0E14
Mapped address
MUT
For: -Used when a computer that has migrated to IPv6 want to sent a packet to a computer still using IPv4
MUT
MUT
For: -Used for a site with several networks - Used in isolated networks - Does not have a global effect
Multicast address
MUT
IPv6 datagram
Information and Communication engineering (ICE)
MUT
MUT
Flow label: a particular flow of data Payload length: length of IP datagram excluding the base header(40 bytes) Next Header: Header following the base header Hop limit: TTL Source Address: the original source IP address Destination Address: the final destination IP address
MUT
MUT
MUT
MUT
MUT
MUT
MUT
Used when the source needs to pass information to all router visited by the datagram
MUT
Pad1
Information and Communication engineering (ICE)
MUT
PadN
Information and Communication engineering (ICE)
MUT
Jumbo payload
MUT
For: - normally the IP datagram can be a maximum of 65535 bytes - Jumbo payload =2^32-1 (4,294,967,295 bytes)
Source routing
Information and Communication engineering (ICE)
MUT
MUT
Fragmentation
MUT
- Only the source could do - PATH MTU Discovery technique -If no path MTU discovery, a size of 576 bytes of smaller
Authentication
Information and Communication engineering (ICE)
MUT
MUT
The authentication header validates the message sender and ensures the integrity of data
MUT
MUT
Tunnel-mode encryption
Information and Communication engineering (ICE)
MUT
MUT
MUT
Exercise 2: Show the original (unabbreviated) form of the following address:
a. b. c. d. 0::0 0:AA::0 0:1234::3 123::1:2
MUT
a. b. c. d. 0::0
a. a. a. a. 0000:0000:0000:0000:0000:0000:0000:0000:0000 0000:00AA:0000:0000:0000:0000:0000:0000:0000 0000:1234:0000:0000:0000:0000:0000:0000:0003 0123:0000:0000:0000:0000:0000:0000:0001:0002
MUT
Exercise 3: What is the type of the following addresses:
a. b. c. d. FE80::12 FEC0::24A2 FE02::0 0::01
MUT
First 10 bits = 1111111010 Link local address First 10 bits = 1111111011Site local address First byte = 11111111 Multicast address
MUT
a. b. c. d.
FE80::12 11111110:1000000:12
a. a. a. Link local address Link local address Multicast Loopback Address
Exercise 14: A host has the address 581E:1456:2314:ABCD::1211. If the node identification is 48 bits and the subnet identification is 32 bits, find the provider prefix?
MUT
MUT
The provider prefix is the type identifier plus registry identifier plus provider identifier (3 + 5 + 16 = 24 bits).
581E:1456:2314:ABCD:0000:0000:0000:1211010110000011110:1456:2314:ABCD::1211 Node identifier = 48 bits Subnet identifier = 32 bits The prefix provider =581E:14
Exercise 28: what is the ip-compatible address for 119.254.254.254?
MUT
MUT
119.254.254.254->77.FE.FE.FE
IP-compatible = 0::77FE:FEFE
Exercise 29: what is the ip-mapped address for 119.254.254.254?
MUT
MUT
119.254.254.254->77.FE.FE.FE
IP-mapped address = 0::FFFF:77FE:FEFE
Introduction ICMPv4 IPv6 ICMPv6
MUT
ICMPv6
ICMPv6, while similar in strategy to ICMPv4, has changes that makes it more suitable for IPv6. ICMPv6 has absorbed some protocols that were independent in version 4.
MUT
MUT
MUT
MUT
Error-reporting messages
MUT
Destination Unreachable: The same concept as in ICMPv4 Packet too big: a router receives a packet that is larger than MTU Time exceed: Have not arrived within the time limit Parameter problems: Error in header fields, an unrecognized extension header, an unrecognized option Redirection: the same concept as in ICMPv4
MUT
MUT
0: No path to destination 1: Communication is prohibited 2: Strict source routing is impossible. 3: Destination address is unreachable. 4: Port is not available.
MUT
MUT
0: a hop limit field =0 1: not arrived within the time limit for fragments of datagram
MUT
MUT
Query messages
Information and Communication engineering (ICE)
MUT
MUT
MUT
MUT
Group-membership messages
Information and Communication engineering (ICE)
MUT
MUT
MUT
MUT
MUT
Dual stack
Information and Communication engineering (ICE)
MUT
Automatic tunneling
Dual Stack
MUT
Configured tunneling
MUT
Header translation
Information and Communication engineering (ICE)
MUT
Summary
ICMPv4 IPv6 ICMP6 Next Class RIPv1 RIPv2
MUT
MUT
Exercise 18: what type of ICMP messages contain of the IP datagram? Why is this included?
MUT
destination unreachable: type 1 packet too big: type 2 time exceeded: type 3 parameter problem: type 4 Redirection: type 137 The IP header and first 8 bytes of data are included because this data contains all of the information needed for the source of the datagram to identify the packet in question, including the destination address and the source and destination port addresses.
MUT
MUT
MUT
MUT
4 4
5 1
0 0 17 10.12.4.5 12.6.7.9
28 0 0
17
MUT
Sum Checksum
(0+0)0_______ ________ (0+1)0______ ________ (0+1)0_____ ________ (0+1)0____ ________ (4+0)100___ ________ (4+1)100__ ________ (4+0)100_ ________ (2+0)10 ________ (0+0) 0_______ (0+1)00______ (4+0)100____ (2+1)010___ (4+1)100__ (0+1)000_ (4+0)100 01000101 00000000 00000000 00011100 00000000 00000001 00000000 00000000 00000100 00010001 00000000 00000000 00001010 00001100 00001110 00000101 00001100 00000110 00000111 00001001 01110100 01001110 10001011 10110001
MUT
21/10/2007, Intro 28/10/2007, Addressing 4/11/2007, Router Architecture 11/11/2007, IPv4 18/11/2007, ICMPv4 IPv6 ICMPv6 25/11/2007, RIP 2/12/2007, OSPF 9/12/2007, First seminar
MUT
Presentation
Routed Protocol
25 2550 Microsoft word file ( 2 2550) power points 3 2550
MUT
IEEE, ACM, Elsevier, Wiley, www.google.com and others 4-12
MUT