1. 1 CMPT 471 Networking II ICMP © Janice Regan, 2012

2. 2 Errors in Packet Switching Networks  Possible causes of errors include  Hardware failure  Network congestion  Inability to fragment (DF set)  Routing loops  Unavailable host (disconnected or failed)  Queue overrun on routers  IP offers best effort delivery, it needs a mechanism to inform the source of packets dropped because of errors (except transmission errors). In the remainder of this lecture errors will mean errors not cause by transmission impairments

3. © Janice Regan, 2012 3 Dealing with errors  IP datagram delivery (network level) has a header checksum to detect transmission errors in the IP header  TCP has a checksum which covers the TCP header, pseudo header and data  Higher level protocols (for example TCP) also handle more types of errors  Higher level protocols may deal with any errors not caught at lower levels. It may be more efficient to catch errors in the IP layer than in the TCP layer  Within IP need an error reporting mechanism to report such errors, one such mechanism is the ICMP protocol.

4. © Janice Regan, 2012 4 ICMP  Internet Control Message Protocol is an integral part of IP  ICMP messages are carried as the data portion of an IP datagram  Communicates between the IP software on different hosts  Used (primarily by routers) to report errors back to the original source.  Used to enquire about the state and configuration of routers and hosts  Reports errors and in some cases suggests corrective action

5. © Janice Regan, 2012 5 ICMP encapsulation

6. © Janice Regan, 2012 6 ICMP message format  There are several types of ICMP messages designed to report different types of errors  Each ICMP message has its own format, but all start with the same three fields  A type field (1 octet) indicating which type of ICMP message follows  A 1 octet code following the type that further defines the message (see text for list) For example type specifies destination unreachable, code specifies router or host  The 3 rd common field is a 2 octet checksum. The checksum is calculated the same way as the ARP checksum, including the entire ICPM PDU

7. © Janice Regan, 2012 7 ICMPv4 Message Types Comer 2000:

8. © Janice Regan, 2012 8 IPv4 Destination Unreachable Codes 0Net Unreachable  Host Unreachable  Protocol Unreachable  Port Unreachable  Fragmentation Needed and Don't Fragment was Set  Source Route Failed  Destination Network Unknown  Destination Host Unknown  Source Host Isolated  Communication with Destination Network is Administratively Prohibited 1  Communication with Destination Host is Administratively Prohibited  Destination Network Unreachable for Type of Service  Destination Host Unreachable for Type of Service

9. © Janice Regan, 2012 9 ICMP Echo Request/Reply  Echo request is sent by the ping command to test for reachability  Echo reply is sent in response to a received echo reply to confirm reachability  Type: request 8, reply 0, Code 0 : no additional qualifying codes  Identifier and sequence number are optional, they can be used to match replies with requests  The optional data in a echo request must be returned in the resulting echo reply  Linux ping has a record route and a timestamp option Comer 2000: fig 9.2

10. © Janice Regan, 2012 10 ICMP destination unreachable  Sent when a router or host cannot deliver a datagram due to an identified failure (not all failures are identified)  Can be disabled, not all hosts or routers will send ICMP messages  The codes indicate what destination could not be reached and why (see table in text)  The header and datagram information is provided to identify the packet needing retransmission (port numbers and sequence number for TCP UDP) Comer 2000: fig 9.3

11. © Janice Regan, 2012 11 ICMP Source Quench Message  Used to help control congestion  When a packet must be dropped due to congestion a source quench packet may be sent  When the source receives a source quench message it may reduce the rate at which it transmits to the network  1 quench message per round trip travel time should cause change Comer 2000: fig 9.4

12. © Janice Regan, 2012 12 ICMP redirect message  Temporary of permanent changes to network routing on one host may cause other routes on other hosts to become incorrect  When a router detects a host on a directly connected network using non optimal routing it can send an ICMP redirect message  This mechanism allows dynamic calculation of routes by routers (not hosts) to interact with host routing tables  Allowing redirct messages to prompt routing changes can be a security issue and redirect messages are often disabled to protect from the security risk Comer 2000: fig 9.6

13. © Janice Regan, 2012 13 ICMP time exceeded message  Possible causes for timeout  To much time in transit (TTL reaches 0). Code 0  Missing fragments in reassembly of fragmented packets. Code 1  Similar format to source quench message Comer 2000: fig 9.7

14. © Janice Regan, 2012 14 ICMP parameter problem  When a router finds problems not handled by previous messages that are severe enough to require the packet to be discarded  Can deal with problems such as incorrect parameters for IP options Comer 2000: fig 9.8

15. © Janice Regan, 2012 15 ICMP timestamp request/reply  Used for synchronization and estimation of travel times  Originate timestamp added just before transmission  Receive timestamp added immediately after receipt  Transmit timestamp added immediately before the reply is transmitted  This means that transit time (not queuing time) is measured  In practice, because clocks on different systems may show different times, travel time and synchronization is complicated Comer 2000: fig 9.9

16. © Janice Regan, 2012 16 ICMP address mask request/reply  To determine the subnetwork address mask for the local subnetwork a host may send an address mask reply to a directly connected router  When the router replies the address mask field will contain the subnet mask  Identifier and sequence number are used to associate the request with the reply Comer 2000: fig 9.10

17. © Janice Regan, 2012 17 ICMP Router discovery  Used to dynamically determine the address of directly connected routers  An alternative to BOOTP and DHCP (both based on manually configured databases)  This is a router advertisement packet that is sent periodically (default every 10 minutes, with lifetime of 30 minutes)  If an advertisment is not received by a host during the lifetime, the host will discard the routing entry for that router (until it hears again) Comer 2000: fig 9.11

18. © Janice Regan, 2012 18 ICMP Router Solicitation  A host that has just booted will not wish to wait 10 minutes to discover the routers on the network  A host can send a solicitation requesting an additional immediate router discovery message Comer 2000: fig 9.12

19. © Janice Regan, 2012 19 ICMPv6 (RFC 2463)  Retains functionality of IPv4  Adds functionality of ARP and IGMP  Adds new functionality, autoconfiguration and unreachability detection  Includes neighbor discovery (RFC 2461) a sub protocol that replaces ARP and router discovery in ICMP. Can determine when a neighbor has become unreachable  Includes Multicast Listener Discoverer (replacing IGMP)