Embed Size (px)
Citation preview
©
For more information please check out my Cisco Press book and video series:
IPv6 Fundamentals: A Straightforward Approach to Understanding IPv6• By Rick Graziani• ISBN-10: 1-58714-313-5
IPv6 Fundamentals LiveLessons: A Straightforward Approach to Understanding IPv6• By Rick Graziani• ISBN-10: 1-58720-457-6
9.1: ICMPv6 Messages
©
ICMP (Internet Control Message Protocol)
• ICMP is one of the main protocols of the Internet (TCP/IP) suite.• Used to send messages between devices.
MyMac$ ping www.cabrillo.eduPING mundo.cabrillo.edu (207.62.187.8): 56 data bytes64 bytes from 207.62.187.8: icmp_seq=0 ttl=51 time=102.066 ms64 bytes from 207.62.187.8: icmp_seq=1 ttl=51 time=125.381 ms64 bytes from 207.62.187.8: icmp_seq=2 ttl=51 time=46.202 ms64 bytes from 207.62.187.8: icmp_seq=3 ttl=51 time=69.447 ms^CMyMac$
Router# debug ip packet detailIP packet debugging is on (detailed)
Router# ping 192.168.0.4Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 192.168.0.4, timeout is 2 seconds: U.U.U
May 27 05:27:27.11: IP: s=10.0.0.1 (local), d=192.168.0.4 (Serial0), len 100, sendingMay 27 05:27:27.15: ICMP type=8, code=0 ! Echo request sent (ping)May 27 05:27:27.19: IP: s=10.0.0.2 (Serial0), d=10.0.0.1 (Serial0), len 56, rcvd 3May 27 05:27:27.23: ICMP type=3, code=1 ! Local router returns: Destination host unreachableMay 27 05:27:27.27: IP: s=10.0.0.1 (local), d=192.168.0.4 (Serial0), len 100,
©
ICMPv6Internet Control Message Protocol for IPv6
• ICMPv6 is defined in RFC 4443.• Similar to ICMPv4, describes two types of
messages:• Informational• Error
• ICMPv6 Neighbor Discovery is described in RFC 4861.
• Much more robust than ICMP for IPv4.• Contains new functionality and improvements. • More than just “messaging” but “how IPv6
conducts business”.IPv6 Main
Header
Next Header
58
ICMPv6 Header
DataAll ICMPv6 messages
©
ICMPv6 Neighbor Discovery – Lesson 10
• Router Solicitation Message• Router Advertisement Message
Used with dynamic address allocation
• Neighbor Solicitation Message• Neighbor Advertisement Message
Used with address resolution (IPv4 ARP)
• Redirect Message Similar to ICMPv4 redirect message Router-to-Device messaging
Router-Device Messaging
Device-Device Messaging
ICMPv6 Neighbor Discovery defines 5 different packet types:
©
ICMPv6 Messages
• ICMPv6 error messages are:• Destination Unreachable• Packet Too Big• Time Exceeded• Parameter Problem
• ICMPv6 informational messages used by the ping command:• Echo Request• Echo Reply
Similar to IPv4We will take a brief look at these
Similar to IPv4We will see a packet analysis example
©
ICMPv6 Messages
ICMPv6 informational messages used for Multicast Listener Discovery (RFC 2710 ):• Multicast Listener Query• Multicast Listener Report• Multicast Listener Done
ICMPv6 informational messages used by Neighbor Discovery (RFC 4861):• Router Solicitation Message• Router Advertisement Message• Neighbor Solicitation Message• Neighbor Advertisement Message• Redirect Message
Similar to IGMP for IPv4 (Internet Group Message Protocol)Discussed in Lesson 6
New message types (except for Redirect message).Brief overview.Details discussed in various lessons
©
ICMPv6 General Message Format
• IPv6 Next Header Value: 58 decimal or 3A hexadecimal • ICMPv6 General Message Format (similar to ICMP for IPv4)
Type Code Checksum
Message Body
8 16 24 310
IPv6 Header ICMPv6 MessageNext
Header = 58
9.2: ICMPv6 Error Messages
©
ICMPv6 Error Messages
• ICMPv6 error messages are:• Destination Unreachable• Packet Too Big• Time Exceeded• Parameter Problem
©
Error Message: Destination Unreachable Message
• Sent when a packet cannot be delivered to its destination for reasons other than congestion.
• A router (or a firewall) usually generates these messages.• Type = 1• Code values vary, giving more detail.
Type = 1 Code Checksum
As much of invoking packet as possible without the ICMPv6 packet exceeding the minimum IPv6 MTU.
8 16 24 310
Unused
Code Values0 - No route to destination1 - Communication with destination administratively prohibited2 - Beyond scope of source address3 - Address unreachable4 - Port unreachable5 - Source address failed ingress/egress policy6 - Reject route to destination
©
Error Message: Packet Too Big
• Important difference with IPv6…• IPv4 routers fragment a packet when the MTU (Maximum Transmission Unit) of
the outgoing link is smaller than the size of the packet. • The destination device is responsible for reassembling the fragmented packets. • IPv6 routers do not fragment packets (unless it is the source of the packet).
Type = 2 Code = 0 Checksum
As much of invoking packet as possible without the ICMPv6 packet exceeding the minimum IPv6 MTU.
8 16 24 310
MTU of the next hop link
©
IPv4 Fragmentation• IPv4 fields used for fragmentation and
reassembly.• IPv6 routers do not perform
fragmentation.• Any fragmentation needed will be
handled by the source using an extension header..
IPv4
IPv6
©
Source
R1 R2 R3PCB
MTU of outgoing link smaller than packet size – fragment IPv4 packet.
1 2
PCA
Destination
IPv4 Fragmentation
Link with smaller MTU
IPv4 Packet IPv4 Packet
IPv4 Packet
IPv4 Packet
IPv4 Packet
It is my job to reassemble the packet
fragments.
3IPv4
Packet
IPv4 Packet
IPv4 Packet
©
MTU = 1500 MTU = 1500 MTU = 1350 MTU = 1500
R1 R2 R3PCB
MTU of outgoing link smaller than packet size. Drop packet. Send ICMPv6 Packet Too Big
message, use MTU 1350.
2
3
PCA
IPv6 No Fragmentation
Link with smaller MTU
IPv6 Packet – MTU 1500
Source Destination
ICMPv6 Packet Too BigUse MTU 1350
1
IPv6 PacketMTU 1350
Packet received. No reassembly
required.I will use MTU of the
interface.
©
Error Message: Time Exceeded
• If a router receives a packet with a Hop Limit of zero, or if a router decrements a packet's Hop Limit to zero, it MUST: • Discard the packet • Send an ICMPv6 Time Exceeded message (Type = 3, Code 0) to the source
of the packet. • This indicates either a routing loop or too small an initial Hop Limit value.
IPv6
Type = 3 Code = 0 Checksum
As much of invoking packet as possible without the ICMPv6 packet exceeding the minimum IPv6 MTU.
8 16 24 310
Unused
©
Error Message: Time Exceeded
• Windows uses tracert (IPv4 and IPv6) or tracert -6 (IPv6 only)
MyMac$ traceroute6 2001:418:142a:295::90traceroute6 to 2001:418:142a:295::90 (2001:418:142a:295::90) from
2601:9:6801:85:b953:c971:e56d:1945, 64 hops max, 12 byte packets 1 2601:9:6801:85:cad7:19ff:fe9b:6676 6.306 ms 6.949 ms 9.992 ms 2 2001:558:6045:df::1 29.933 ms 37.620 ms 33.264 ms 3 te-5-4-ur02.scotts.ca.sfba.comcast.net 20.449 ms 23.846 ms 19.910 ms 4 te-1-0-0-10-ar01.oakland.ca.sfba.comcast.net 29.915 ms * * 5 be-90-ar01.sfsutro.ca.sfba.comcast.net 28.884 ms 28.019 ms 19.928 ms 6 he-1-5-0-0-cr01.sanjose.ca.ibone.comcast.net 39.964 ms 28.103 ms
29.734 ms 7 he-0-11-0-0-pe03.11greatoaks.ca.ibone.comcast.net 30.242 ms 26.888 ms
30.151 ms 8 ae-13.r02.snjsca04.us.bb.gin.ntt.net 29.775 ms 27.176 ms 20.832 ms 9 ae-3.r01.snjsca04.us.bb.gin.ntt.net 30.241 ms 28.280 ms 30.185 ms10 2001:418:1c01:1::80f1:5938 23.455 ms 28.021 ms 26.063 msMyMac$
©
Error Message: Parameter Problem
• Type 4• Generated when a receiving device finds a problem with a field in the main IPv6
header such as the Next Header field – packet is discarded.
Code Extension Header Name
0 Erroneous header field encountered
1 Unrecognized Next Header type encountered
2 Unrecognized IPv6 option encountered
IPv6 Main Header
Next Header
138
Extension Header
Next Header
6Data
Type = 4 Code Checksum
As much of invoking packet as possible without the ICMPv6 packet exceeding the minimum IPv6 MTU.
8 16 24 310
Pointer
?TCP
Header
9.3: ICMPv6 Informational Messages: Echo Request and Echo Reply
©
ICMPv6 Echo Request and Echo Reply
• Similar to IPv4 Echo Request and Echo Reply messages are used by the ping utility.
Type = 128/129 Code = 0 Checksum
Data
8 16 24 310
Identifier Sequence Number
Type 128 = Echo Request Type 129 = Echo Reply
ICMPv6 Echo RequestPCA PCB
Ping PCB
ICMPv6 Echo Reply
©
Ping Command
PCAR1
2001:DB8:CAFE:1::100FE80::50A5:8A35:A5bb:66E1
2001:DB8:CAFE:1::/64
2001:DB8:CAFE:1::1FE80::1
G0/0
PCA> ping 2001:db8:cafe:1::1
Pinging 2001:db8:cafe:1::1 from 2001:db8:cafe:1::100 with 32 bytes of data:
Reply from 2001:db8:cafe:1::1: time=1msReply from 2001:db8:cafe:1::1: time=1msReply from 2001:db8:cafe:1::1: time=1msReply from 2001:db8:cafe:1::1: time=1ms
<rest of output omitted>PCA>
©
ICMPv6 Echo Request to GUA
Internet Protocol Version 6 0110 .... = Version: 6 <output omitted> Payload length: 40 Next header: ICMPv6 (0x3a) Hop limit: 128 Source: 2001:db8:cafe:1::100 Destination: 2001:db8:cafe:1::1
Internet Control Message Protocol v6 Type: 128 (Echo (ping) request) Code: 0 (Should always be zero) Checksum: 0x8f38 [correct] ID: 0x0001 Sequence: 0 Data (32 bytes)
ICMPv6 Echo Request
IPv6 Header ICMPv6 MessageNext
Header = 58
©
ICMPv6 Echo Reply from GUA
Internet Protocol Version 6 0110 .... = Version: 6 <output omitted> Payload length: 40 Next header: ICMPv6 (0x3a) Hop limit: 64 Source: 2001:db8:cafe:1::1 Destination: 2001:db8:cafe:1::100
Internet Control Message Protocol v6 Type: 129 (Echo (ping) reply) Code: 0 (Should always be zero) Checksum: 0x8e38 [correct] ID: 0x0001 Sequence: 0 Data (32 bytes)
ICMPv6 Echo Reply
©
Ping Command
PCAR1
2001:DB8:CAFE:1::100FE80::50A5:8A35:A5bb:66E1
2001:DB8:CAFE:1::/64
2001:DB8:CAFE:1::1FE80::1
G0/0
R1# ping fe80::50a5:8a35:a5bb:66e1Output Interface: gig 0/0% Invalid interface. Use full interface name without spaces (e.g. Serial0/1)Output Interface: gigabitethernet0/0Type escape sequence to abort.Sending 5, 100-byte ICMP Echos to FE80::50A5:8A35:A5BB:66E1, timeout is 2
seconds:!!!!!Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/4 msR1#
©
ICMPv6 Echo Request to Link-Local Address
Internet Protocol Version 6 0110 .... = Version: 6 <output omitted> Payload length: 60 Next header: ICMPv6 (0x3a) Hop limit: 64 Source: fe80::1 Destination: fe80::50a5:8a35:a5bb:66e1
Internet Control Message Protocol v6 Type: 128 (Echo (ping) request) Code: 0 (Should always be zero) Checksum: 0x0444 [correct] ID: 0x0a24 Sequence: 0 Data (52 bytes)
ICMPv6 Echo Request
Source and destination link-local addresses.
©
ICMPv6 Echo Reply from Link-Local Address
Internet Protocol Version 6 0110 .... = Version: 6 <output omitted> Payload length: 60 Next header: ICMPv6 (0x3a) Hop limit: 64 Source: fe80::50a5:8a35:a5bb:66e1 Destination: fe80::1
Internet Control Message Protocol v6 Type: 129 (Echo (ping) reply) Code: 0 (Should always be zero) Checksum: 0x0344 [correct] ID: 0x0a24 Sequence: 0 Data (52 bytes)
ICMPv6 Echo Reply
Source and destination link-local addresses.
©
ICMPv6 Neighbor Discovery
• Router Solicitation Message• Router Advertisement Message
Used with dynamic address allocation
• Neighbor Solicitation Message• Neighbor Advertisement Message
Used with address resolution (IPv4 ARP)
• Redirect Message Similar to ICMPv4 redirect message Router-to-Device messaging
Router-Device Messaging
Device-Device Messaging
ICMPv6 Neighbor Discovery defines 5 different packet types:
©
For more information please check out my Cisco Press book and video series:
IPv6 Fundamentals: A Straightforward Approach to Understanding IPv6• By Rick Graziani• ISBN-10: 1-58714-313-5
IPv6 Fundamentals LiveLessons: A Straightforward Approach to Understanding IPv6• By Rick Graziani• ISBN-10: 1-58720-457-6
