HANNAM UNIVERSITY 1 Chapter 9 Upon completion you will be able to: Internet Control Message Protocol Be familiar with the ICMP message format Know the types of error reporting messages Know the types of query messages Be able to calculate the ICMP checksum Know how to use the ping and traceroute commands Understand the modules and interactions of an ICMP package Objectives

HANNAM UNIVERSITY 2CONTENTS TYPES OF MESSAGES MESSAGE FORMAT ERROR REPORTING QUERY CHECKSUM ICMP PACKAGE

HANNAM UNIVERSITY 3 ICMP 프로토콜의 문제점  신뢰성이 없고 비연결형 데이터그램 전달 제공  최선의 노력 전달 서비스  오류 제어와 지원 메커니즘이 없음  오류 보고 및 오류 수정 기능이 없음  호스트와 관리 질의를 위한 메커니즘이 없다  이 문제점을 보완하기 위해 설계

HANNAM UNIVERSITY 4 네트워크 계층에서 ICMP 위치

HANNAM UNIVERSITY 5 ICMP 패킷의 캡슐화

HANNAM UNIVERSITY TYPES OF MESSAGES ICMP messages are divided into error-reporting messages and query messages. The error-reporting messages report problems that a router or a host (destination) may encounter. The query messages get specific information from a router or another host.

HANNAM UNIVERSITY 메시지 유형  오류 보고 메시지 : IP 패킷 처리 도중 발견된 문제를 보고  질의 메시지 : 다른 호스트로부터 특정 정보를 획득하기 위해 사용

HANNAM UNIVERSITY 메시지 유형  ICMP 메시지

HANNAM UNIVERSITY MESSAGE FORMAT An ICMP message has an 8-byte header and a variable-size data section. Although the general format of the header is different for each message type, the first 4 bytes are common to all.

HANNAM UNIVERSITY 메시지 형식  ICMP 메시지 일반적인 형식

HANNAM UNIVERSITY ERROR REPORTING IP, as an unreliable protocol, is not concerned with error checking and error control. ICMP was designed, in part, to compensate for this shortcoming. ICMP does not correct errors, it simply reports them. The topics discussed in this section include: Destination Unreachable Source Quench Time Exceeded Parameter Problem Redirection

HANNAM UNIVERSITY 오류 보고  ICMP 의 주 임무 중 하나 ICMP always reports error messages to the original source. Note:

HANNAM UNIVERSITY 오류 보고  오류 보고 메시지

HANNAM UNIVERSITY 오류 보고 The following are important points about ICMP error messages: ❏ No ICMP error message will be generated in response to a datagram carrying an ICMP error message. ❏ No ICMP error message will be generated for a fragmented datagram that is not the first fragment. ❏ No ICMP error message will be generated for a datagram having a multicast address. ❏ No ICMP error message will be generated for a datagram having a special address such as or Note:

HANNAM UNIVERSITY 오류 보고  오류 메시지를 위한 데이터 필드 내용  처음 8 바이트 : TCP 와 UDP 포트 번호와 순서 번호

HANNAM UNIVERSITY 오류 보고  목적지 도달 불가능 (Destination Unreachable)  라우터가 데이터그램을 라우팅할 수 없거나 호스트나 데이터그 램을 배달할 수 없을 때 데이터그램은 폐기되고 발신지 호스트에 목적지 도달 불가 메시지 전달  목적지 도달 불가 메시지 형식

HANNAM UNIVERSITY 오류 보고  코드 필드 : 데이터그램 폐기 이유 0 : 하드웨어 고장 네트워크에 도달 불가 1 : 하드웨어 고장 호스트에 도달 불가 2 : 프로토콜에 도달 불가 3 : 포트 도달 불가. 15 : 우선 순위가 낮아서 호스트 도달 불가  책 214,215 쪽 참조

HANNAM UNIVERSITY 오류 보고 Destination-unreachable messages with codes 2 or 3 can be created only by the destination host. Other destination-unreachable messages can be created only by routers. Note:

HANNAM UNIVERSITY 오류 보고 A router cannot detect all problems that prevent the delivery of a packet. Note:

HANNAM UNIVERSITY 오류 보고 There is no flow-control mechanism in the IP protocol. Note:

HANNAM UNIVERSITY 오류 보고  발신지 억제 (source quench) 혼잡으로 인하여 데이터그램 폐기를 발신지에 알림

HANNAM UNIVERSITY 오류 보고 A source-quench message informs the source that a datagram has been discarded due to congestion in a router or the destination host. The source must slow down the sending of datagrams until the congestion is relieved. Note:

HANNAM UNIVERSITY 오류 보고 One source-quench message is sent for each datagram that is discarded due to congestion. Note:

HANNAM UNIVERSITY 오류 보고 Whenever a router decrements a datagram with a time-to-live value to zero, it discards the datagram and sends a time-exceeded message to the original source. Note:

HANNAM UNIVERSITY 오류 보고 When the final destination does not receive all of the fragments in a set time, it discards the received fragments and sends a time-exceeded message to the original source. Note:

HANNAM UNIVERSITY 오류 보고 In a time-exceeded message, code 0 is used only by routers to show that the value of the time-to-live field is zero. Code 1 is used only by the destination host to show that not all of the fragments have arrived within a set time. Note:

HANNAM UNIVERSITY 오류 보고  시간 경과 (time exceeded) 메시지 형식 Code 0: Time to live Code 1: Fragmentation

HANNAM UNIVERSITY 오류 보고 A parameter-problem message can be created by a router or the destination host. Note:

HANNAM UNIVERSITY 오류 보고  매개 변수 문제 (parameter problem) 메시지 형식 Code 0: Main header problem Code 1: Problem in the option field

HANNAM UNIVERSITY 오류 보고  재지정 (redirection)  데이터그램을 잘못된 라우터로 보낼때 라우팅 테이블을 갱신 하기 위한 방법

HANNAM UNIVERSITY 오류 보고 A host usually starts with a small routing table that is gradually augmented and updated. One of the tools to accomplish this is the redirection message. Note:

HANNAM UNIVERSITY 오류 보고  재지정 메시지 형식 Code 0: Network specific Code 1: Host specific Code 2: Network specific (specified service) Code 3: Host specific (specified service)

HANNAM UNIVERSITY 오류 보고 A redirection message is sent from a router to a host on the same local network. Note:

HANNAM UNIVERSITY QUERY ICMP can also diagnose some network problems through the query messages, a group of four different pairs of messages. In this type of ICMP message, a node sends a message that is answered in a specific format by the destination node. The topics discussed in this section include: Echo Request and Reply Timestamp Request and Reply Address-Mask Request and Reply Router Solicitation and Advertisement

HANNAM UNIVERSITY 질의  네트워크 문제 진단  질의 메시지

HANNAM UNIVERSITY 질의 An echo-request message can be sent by a host or router. An echo-reply message is sent by the host or router which receives an echo-request message. Note:

HANNAM UNIVERSITY 질의 Echo-request and echo-reply messages can be used by network managers to check the operation of the IP protocol. Note:

HANNAM UNIVERSITY 질의 Echo-request and echo-reply messages can test the reachability of a host. This is usually done by invoking the ping command. Note:

HANNAM UNIVERSITY 질의  에코 요청 및 에코 응답 메시지 Ping command can use theses messages.

HANNAM UNIVERSITY 질의  타임스탬프 요청과 응답  두 시스템 간에 IP 데이터그램이 오고 가는데 필요 한 왕복 시간 결정  그리니치 표준시 사용  세계 표준시 (Universal Time) 의 자정으로 부터 시간 을 ms 단위로 표현  3 개의 (original, receive, transmit) 32 비트 필드 사용 (0~4, 294, 967, 295 사이 값 )

HANNAM UNIVERSITY 질의  타임스탬프 요청과 응답 메시지 형식

HANNAM UNIVERSITY 질의  동작 과정  발신지는 타임스탬프 요청 메시지 생성  Original timestamp 필드에 출발 시간 값 삽입  나머지 두 필드는 0  목적지는 응답 메시지 생성  Original timestamp 값을 같은 필드에 복사  요청이 수신된 시점의 시간을 receive timestamp 필 드에 삽입  응답 메시지가 출발하는 시간을 transmit timestamp 필드에 삽입

HANNAM UNIVERSITY 질의  왕복시간 계산 Sending time  value of receive timestamp  value of original timestamp Receiving time  time the packet returned  value of transmit timestamp Round-trip time  sending time  receiving time

HANNAM UNIVERSITY 질의 Timestamp-request and timestamp- reply messages can be used to calculate the round-trip time between a source and a destination machine even if their clocks are not synchronized. Note:

HANNAM UNIVERSITY 질의 Value of original timestamp: 46 Value of receive timestamp: 59 Value of transmit timestamp: 60 Time the packet arrived: 67 Given the following information:

HANNAM UNIVERSITY 질의 Sending time  59  46  13 milliseconds Receiving time  67  60  7 milliseconds Round-trip time  13  7  20 milliseconds We can calculate:

HANNAM UNIVERSITY 질의 The timestamp-request and timestamp- reply messages can be used to synchronize two clocks in two machines if the exact one-way time duration is known. Note:

HANNAM UNIVERSITY 질의 Time difference  receive timestamp  (original timestamp field  one-way time duration) Given the actual one-way time, Time difference  59  (46  10)  3 We have:

HANNAM UNIVERSITY 질의  주소 마스크 요청과 응답  디스크가 없는 국이 구동될 때 필요  호스트가 LAN 상의 라우터에 요청 메시지 송신  마스크 요청과 마스크 응답 메시지 형식

HANNAM UNIVERSITY 질의  라우터 요청과 광고  다른 네트워크 상의 호스트에 데이터를 보낼 때 자신의 네트워크 에 연결된 라우터 주소를 알고자 할 때  호스트는 라우터 요청 메시지를 브로드캐스트 하거나 멀티캐스 트  라우터는 광고 메시지를 이용하여 라우팅 정보를 브로드캐스트  라우터 요청 메시지 형식

HANNAM UNIVERSITY 질의  라우터 광고 메시지 형식

HANNAM UNIVERSITY CHECKSUM In ICMP the checksum is calculated over the entire message (header and data). In ICMP the checksum is calculated over the entire message (header and data). The topics discussed in this section include: Checksum Calculation Checksum Testing

HANNAM UNIVERSITY 53 Figure 9.19 shows an example of checksum calculation for a simple echo-request message (see Figure 9.14). We randomly chose the identifier to be 1 and the sequence number to be 9. The message is divided into 16-bit (2-byte) words. The words are added together and the sum is complemented. Now the sender can put this value in the checksum field. Example 1

HANNAM UNIVERSITY 검사합  헤더와 데이터를 포함한 전체 메시지에 대해 계산

HANNAM UNIVERSITY DEBUGGING TOOLS We introduce two tools that use ICMP for debugging: ping and traceroute. The topics discussed in this section include: PingTraceroute

HANNAM UNIVERSITY 56 We use the ping program to test the server fhda.edu. The result is shown below: Example 2 $ ping fhda.edu PING fhda.edu ( ) 56 (84) bytes of data. 64 bytes from tiptoe.fhda.edu ( ): icmp_seq=0 ttl=62 time=1.91 ms 64 bytes from tiptoe.fhda.edu ( ): icmp_seq=1 ttl=62 time=2.04 ms 64 bytes from tiptoe.fhda.edu ( ): icmp_seq=2 ttl=62 time=1.90 ms 64 bytes from tiptoe.fhda.edu ( ): icmp_seq=3 ttl=62 time=1.97 ms 64 bytes from tiptoe.fhda.edu ( ): icmp_seq=4 ttl=62 time=1.93 ms

HANNAM UNIVERSITY 57 Example 2 64 bytes from tiptoe.fhda.edu ( ): icmp_seq=5 ttl=62 time=2.00 ms 64 bytes from tiptoe.fhda.edu ( ): icmp_seq=6 ttl=62 time=1.94 ms 64 bytes from tiptoe.fhda.edu ( ): icmp_seq=7 ttl=62 time=1.94 ms 64 bytes from tiptoe.fhda.edu ( ): icmp_seq=8 ttl=62 time=1.97 ms 64 bytes from tiptoe.fhda.edu ( ): icmp_seq=9 ttl=62 time=1.89 ms 64 bytes from tiptoe.fhda.edu ( ): icmp_seq=10 ttl=62 time=1.98 ms --- fhda.edu ping statistics packets transmitted, 11 received, 0% packet loss, time 10103ms rtt min/avg/max = 1.899/1.955/2.041 ms

HANNAM UNIVERSITY 58 For the this example, we want to know if the adelphia.net mail server is alive and running. The result is shown below: Example 3 $ ping mail.adelphia.net PING mail.adelphia.net ( ) 56(84) bytes of data. 64 bytes from mail.adelphia.net ( ): icmp_seq=0 ttl=48 time=85.4 ms 64 bytes from mail.adelphia.net ( ): icmp_seq=1 ttl=48 time=84.6 ms 64 bytes from mail.adelphia.net ( ): icmp_seq=2 ttl=48 time=84.9 ms 64 bytes from mail.adelphia.net ( ): icmp_seq=3 ttl=48 time=84.3 ms 64 bytes from mail.adelphia.net ( ): icmp_seq=4 ttl=48 time=84.5 ms

HANNAM UNIVERSITY 59 Example 3 64 bytes from mail.adelphia.net ( ): icmp_seq=5 ttl=48 time=84.7 ms 64 bytes from mail.adelphia.net ( ): icmp_seq=6 ttl=48 time=84.6 ms 64 bytes from mail.adelphia.net ( ): icmp_seq=7 ttl=48 time=84.7 ms 64 bytes from mail.adelphia.net ( ): icmp_seq=8 ttl=48 time=84.4 ms 64 bytes from mail.adelphia.net ( ): icmp_seq=9 ttl=48 time=84.2 ms 64 bytes from mail.adelphia.net ( ): icmp_seq=10 ttl=48 time=84.9 ms 64 bytes from mail.adelphia.net ( ): icmp_seq=11 ttl=48 time=84.6 ms 64 bytes from mail.adelphia.net ( ): icmp_seq=12 ttl=48 time=84.5 ms --- mail.adelphia.net ping statistics packets transmitted, 13 received, 7% packet loss, time 13129ms rtt min/avg/max/mdev = /84.694/85.469

HANNAM UNIVERSITY 60  The traceroute program operation 9.6 DEBUGGING TOOLS

HANNAM UNIVERSITY 61 We use the traceroute program to find the route from the computer voyager.deanza.edu to the server fhda.edu. The following shows the result: Example 4 $ traceroute fhda.edu traceroute to fhda.edu ( ), 30 hops max, 38 byte packets 1 Dcore.fhda.edu ( ) ms ms ms 2 Dbackup.fhda.edu ( ) ms ms ms 3 tiptoe.fhda.edu ( ) ms ms ms

HANNAM UNIVERSITY 62 The un-numbered line after the command shows that the destination is The TTL value is 30 hops. The packet contains 38 bytes: 20 bytes of IP header, 8 bytes of UDP header, and 10 bytes of application data. The application data is used by traceroute to keep track of the packets. Example 4 The first line shows the first router visited. The router is named Dcore.fhda.edu with IP address The first round trip time was milliseconds, the second was milliseconds, and the third was milliseconds. The second line shows the second router visited. The router is named Dbackup.fhda.edu with IP address The three round trip times are also shown. The third line shows the destination host. We know that this is the destination host because there are no more lines. The destination host is the server fhda.edu, but it is named tiptoe. fhda.edu with the IP address The three round trip times are also shown.

HANNAM UNIVERSITY 63 In this example, we trace a longer route, the route to xerox.com Example 5 $ traceroute xerox.com traceroute to xerox.com ( ), 30 hops max, 38 byte packets 1 Dcore.fhda.edu ( ) ms ms ms 2 Ddmz.fhda.edu ( ) ms ms ms alpha.Xerox.COM ( ) ms ms ms Here there are 17 hops between source and destination. Note that some round trip times look unusual. It could be that a router is too busy to process the packet immediately.

HANNAM UNIVERSITY 64 An interesting point is that a host can send a traceroute packet to itself. This can be done by specifying the host as the destination. The packet goes to the loopback address as we expect. Example 6 $ traceroute voyager.deanza.edu traceroute to voyager.deanza.edu ( ), 30 hops max, 38 byte packets 1 voyager ( ) ms ms ms

HANNAM UNIVERSITY 65 Finally, we use the traceroute program to find the route between fhda.edu and mhhe.com (McGraw-Hill server). We notice that we cannot find the whole route. When traceroute does not receive a response within 5 seconds, it prints an asterisk to signify a problem, and then tries the next hop.. Example 7 $ traceroute mhhe.com traceroute to mhhe.com ( ), 30 hops max, 38 byte packets 1 Dcore.fhda.edu ( ) ms ms ms 2 Ddmz.fhda.edu ( ) ms ms ms 3 Cinic.fhda.edu ( ) ms ms ms * * * 17 * * *

HANNAM UNIVERSITY ICMP PACKAGE To give an idea of how ICMP can handle the sending and receiving of ICMP messages, we present our version of an ICMP package made of two modules: an input module and an output module. The topics discussed in this section include: Input Module Output Module

HANNAM UNIVERSITY ICMP 설계  ICMP package

HANNAM UNIVERSITY ICMP 패키지  입력 모듈  IP 계층으로 부터 수신된 ICMP 패킷 처리 Receive: an ICMP packet from the IP layer 1. If(the type is any of the three request types) 1. Create a reply. 2. Send the reply. 2. If(the type is a router solicitation) 1. If(station is a router) 1. Create a router advertisement. 2. Send the advertisement.

HANNAM UNIVERSITY ICMP 패키지 3. If(the type is one of the three reply messages or router advertisement) 1. Extract information in the data section of the packet. 2. Deliver extracted information to the process that requested it. 4. If(the type defines a redirection) 1. Modify the routing table. 5. If(the type defines an error message other than a redirection) 1. Inform the appropriate source protocol about the situation. 6. Return.

HANNAM UNIVERSITY ICMP 패키지  출력 모듈  상위 계층 또는 IP 프로토콜에 의해 요청된 요청, 청 원, 오류 메시지 생성 Receive: a demand 1. If(the demand defines an error message) 1. If(the demand is from IP) 1. If(the demand is forbidden) 1. Return. 2. If(the type defines a redirection message) 1. If(the station is not a router) 1. Return

HANNAM UNIVERSITY ICMP 패키지 3. Create the error message using the type, the code, and the IP packet. 2. If(the demand defines a request or solicitation) 1. Create a request or solicitation message. 3. Send the message. 4. Return.

HANNAM UNIVERSITY 72 연습문제 풀이해서 Report 로 다음주까지 ( 일주일 후 ) 제출해 주세요 ! 알림