Professional Documents
Culture Documents
Quadrant 1 – e-text
We have looked at many aspects of IP in the last few modules – best-effort service,
fragmentation and reassembly, addressing, subnets, CIDR, address management and
configuration. In this module we will examine one important field in the IP packet that we
have not touched upon so far – IP options. We will then look at ICMP – which is a
companion protocol to IP, and used to report errors and control information for IP.
Learning Objectives:
To examine the ICMP protocol in detail – messages, formats and uses – error
reporting and others.
17.1 IP options
Let us take a look at the IP datagram format which is reproduced below in Fig. 17.1.
Thus there are three major options supported : Source routing, Record route and Time-
stamp, as shown in Table 17.1. Depending on the option, the information
specified/collected will vary. Hence the options field has 4 sub-fields : code, length,
pointer, variable data. The code field is a 1 byte field, that identifies the option (using an
option class – 2bits, and an option number – 5 bits). It has one leading bit – called the
copy bit, which determines whether the option field is to be copied into each fragment in
case this IP packet with an option is fragmented. We will see how this is used after we
have discussed the options.
Table 17.1 IP options
Source Routing
Source routing is an option in which the source specifies the route – the IP addresses
of the routers through which the packet is to be sent to the destination. If this option is
specified, all that a router has to do on receiving the packet is to use this information in
the packet itself to forward the packet (need not look-up the forwarding table).
There are two variations of source routing – strict source routing and loose source
routing. In strict source routing a complete list of each router to be visited, in order, is
specified. In loose source routing, a partial list of routers to be visited along the path
from the source to the destination are specified. Thus, in the latter, the list of routers
must be visited in the order specified, but other routers may also be visited in between
the ones specified. The format for this option is given in Table 17.2.
Table 17.2 Source Routing & Record Route Option
Length specifies the number of addresses specified, and pointer points to the next
router to be visited. At each router, the pointer is incremented to identify the next router
to be visited.
17.1.2 Record Route option
The format of the record route option is the same as that of source-routing, but the way
it is handled is entirely different. In source routing, all the entries (router addresses) are
filled by the source, whereas in record route, at the source, all the entries are empty,
and the pointer is pointing to the first entry. As each router is visited by the packet, that
IP address is added to the list, and the pointer is incremented. However, the number of
entries is limited to 9, since there is a total size limitation of 60 bytes (20 bytes standard
header + 4 bytes for the options header + 9x4 router addresses). The destination will
thus get a complete record of the route taken, and it can process it as appropriate.
17.1.3 Time Stamp option
The time stamp option has a format as shown in Table 17.3. It is to be interpreted in a
manner similar to the record route option, except that we also have the timestamp
information – in universal time - of when the packet visited each router. Thus, this option
allows us to not only get the list of devices visited, but also the time duration for each
hop along the path.
Table 17.3 Time stamp option
Coming to the copy bit in the IP option code field, as we mentioned earlier, this bit
indicates whether the options information is to be copied into each fragment, when a
given IP packet is fragmented along the path. It needs to be copied, if this information is
required for each fragment. It is easy to see that for the source routing option, it must be
copied, because we would like all the fragments to follow the path specified by the
source. But, when it comes to record route, and timestamp, it may be enough if one
fragment records all the path related information. Every fragment need not have this
overhead in processing. Hence the copy bit need not be set for these options.
With this we have covered all details of the IP protocol. We now move to the companion
protocols to IP at the network layer.
17.2 ICMP
The ICMP header consists of two 32-bit words. The first word has three fields – Type,
Code, and checksum. Type and code are used to identify the type of message or error
event. The checksum is calculated on the ICMP message, using 16-bit 1’s complement
addition as in the IP protocol. The second word has fields related to the type of
message, and varies. This is followed by the data. The data field in most cases,
consists of the IP header plus minimum - the first 64 bits of the packet that caused the
ICMP message to be sent (as per RFC 792, “Internet Control Message Protocol” ) to as
much of the original datagram as possible without the length of the ICMP datagram
exceeding 576 bytes (as per RFC 1812, "Requirements for IP Version 4 Routers”).
17.2.2 ICMP Types
5 1 Redirect (host)
9 0 Route advertisement
10 0 Router discovery
11 0 TTL expired
12 0 Bad IP header
The destination may be unreachable for various reasons. The network itself may be
unreachable. Or the network may be reachable, but the desired host may be
unreachable. The host also may be reachable, but the protocol or similarly the port may
be unreachable. The destination unreachable message has information to identify
whether it is a network, host, or port that is unreachable.
In addition to this, there is also another situation where the destination is unreachable –
that is, when fragmentation is req uired at an intermediate router (due to MTU) but the
‘do not fragment’ bit in the IP header is set. Code 4 of type 3 message is used to report
this situation. The next-hop MTU field gives the reason for the fragmentation. The
format of this message is shown in Fig.17.4.
Source Quench:
This message is used to signal congestion in the network – at a router. When buffer
overflows and the packet is dropped, the router sends a source quench (type=4) to the
source asking it to quench – reduce its flow of data. Information about the dropped
packet is given in the data part of the ICMP packet. The format of this message is
shown in Fig. 17.5.
If a host forwards a packet to a wrong router, router sends a redirect (type=5, code=0 or
1, (network/ host)) ICMP message to source , asking it to go via a different router. The
routers IP address is mentioned in the ICMP message (Fig. 17.6).
Originate Timestamp
Receive Timestamp
Transmit Timestamp
The identifier and sequence number are used to match the request message and the
reply message. The request message has the originate timestamp field filled in. It is
copied back in the response message along with the time at which the request was
received (receive timestamp), and the time at which the response was transmitted by
the destination (transmit timestamp). This pair of messages is useful in calculating the
RTT.
Other than the fact that ICMP messages give feedback when something goes wrong
with IP forwarding, these messages can be used to build some interesting utilities to
check out the network status.
As was mentioned earlier, ‘ping’ is a command that is build using the echo request and
reply messages.
Another very interesting utility is a trace-route command to trace the complete path from
the source to the destination (with the source getting that information – unlike using the
IP option of trace-route). This command can be built by triggering the time-exceeded
message. This can be done by setting appropriate values in the TTL field of the IP
packet being sent. An echo request packet can be sent.
Initially, TTL is set to 1. As soon as the packet reaches the first router, its TTL is
decremented to 0, and a time-exceeded ICMP message is generated by the router and
sent to the source. We have now got the address of the first router (in the source
address of this ICMP message). Now another packet is sent with a TTL value of 2. This
packet will go up to the second router in the path, where its TTL will become 0, and a
time exceeded message will be generated by that router. We now have the address of
the second router. We can proceed in this manner by sending packets with increasing
TTL values, until the packet reaches the destination, when we will get a echo reply
message. If we compile all the time-exceeded messages generated in-between, we
have the complete path!
Instead of sendi ng a series of echo request messages, a series of UDP messages can
also be sent with an unlikely port number. The same result can be obtained. The final
destination will send back a destination (port) unreachable message. When each ICMP
message arrives, the source can also calculate the RTTs to the respective routers.
Useful for user-level trouble-shooting !!
17.2.4 ICMPv6
With the shift towards IPv6, the companion protocol also has shifted to ICMPv6. This
protocol has many new message types and codes added to cater to the new
environment that IPv6 is used for. It is also organized better with separation of error-
reporting, and informational messages. Some of these are just mentioned below. We
will defer the discussion of these until we have discussed the IPv6 protocol.
1: Destination unreachable
2: Packet too big
3: Time Exceeded
4: Parameter problem
Type 128..255: informational
1. Computer Networking: A Top Down Approach Featuring the Internet, 6th edition.
Jim Kurose, Keith Ross
Addison-Wesley, 2012.