Working of ICMP

Embed Size (px)

Citation preview

  • 8/12/2019 Working of ICMP

    1/45

    Internet Control Message Protocol

    (ICMP),RFC 792Prof. Lin Weiguo

    Copyleft 2009~2013, College of Computing, CUC

    Oct. 2013

  • 8/12/2019 Working of ICMP

    2/45

    Overview

    Advanced Windows Network Programming

    !The IP (Internet Protocol) relies on several otherprotocols to perform necessary control and routing

    functions:

    ! Control functions (ICMP)! Multicast signaling (IGMP)! Setting up routing tables (RIP, OSPF, BGP, PIM, )

    2 10/30/13

    Control

    Routing

    ICMP IGMP

    RIP OSPF BGP PIM

  • 8/12/2019 Working of ICMP

    3/45

    Purpose of ICMP

    Advanced Windows Network Programming

    ! The Internet Control Message Protocol (ICMP)is a helper protocol that supports IP with facility for! Error reporting! Simple queries

    3 10/30/13

  • 8/12/2019 Working of ICMP

    4/45

    Layering view

    Advanced Windows Network Programming

    ! From a layering point of view, ICMP is aseparate protocol that sits above IP anduses IP to transport messages.

    ! In practice, ICMP is an integral part ofIP and all IP modules must support theICMP protocol.

    ! ICMP datagrams are encapsulatedwithin IP datagrams and processed by IPin the same way as TCP and UDP

    datagrams;

    4 10/30/13

    IP

    TransportTCP/UDP

    ICMP

  • 8/12/2019 Working of ICMP

    5/45

    Message Encapsulation

    Advanced Windows Network Programming

    !ICMP messages are encapsulated as IP datagrams:

    5 10/30/13

    IP header ICMP message

    IP payload

    Protocol field:ICMP:00000001

    IGMP:00000010TCP: 00000110

    UDP: 00010001

  • 8/12/2019 Working of ICMP

    6/45

    ICMP message format

    Advanced Windows Network Programming6 10/30/13

    additional information

    or

    0x00000000

    type code checksum

    bit # 0 15 23 248 317 16

    4 byte header:

    Type (1 byte):type of ICMP message Code (1 byte):subtype of ICMP message Checksum (2 bytes):similar to IP header checksum. Checksum is calculated

    over entire ICMP message

    If there is no additional data, there are 4 bytes set to zero.

    !each ICMP messages is at least 8 bytes long

  • 8/12/2019 Working of ICMP

    7/45

    Types of ICMP Msges

    Advanced Windows Network Programming

    ! Two general types of ICMP messages:! Information messages, where a sender sends a query to

    another machine (either host or gateway) and expects an

    answer. For example, a host might want to know if a gateway

    is alive.! Error indication messages, where the IP software on a host

    or gateway has encountered a problem processing an IP

    datagram. For example, it may be unable to route a datagram

    to its destination, or it may have had to drop a frame.

    7 10/30/13

  • 8/12/2019 Working of ICMP

    8/45

    ICMP messages type/code

    Advanced Windows Network Programming8 10/30/13

    Type Code description0 0 echo reply (ping)

    3 0 dest network unreachable3 1 dest host unreachable

    3 2 dest protocol unreachable3 3 dest port unreachable

    3 6 dest network unknown3 7 dest host unknown4 0 source quench (congestion

    control - not used)

    8 0 echo request (ping)9 0 route advertisement

    10 0 router discovery11 0 TTL expired

    12 0 bad IP header

  • 8/12/2019 Working of ICMP

    9/45

    ICMP Query message

    Advanced Windows Network Programming

    ! ICMP query: Requestsent by host to a router or host Replysent back to querying host

    9 10/30/13

    Host

    ICMP Request

    Host or router

    ICMP Reply

  • 8/12/2019 Working of ICMP

    10/45

    Example of ICMP Queries

    Advanced Windows Network Programming10 10/30/13

    Type/Code Description8/0 Echo Request

    0/0 Echo Reply

    13/0 Timestamp Request

    14/0 Timestamp Reply

    10/0 Router Solicitation

    9/0 Router Advertisement

    The ping commanduses Echo Request/

    Echo Reply

  • 8/12/2019 Working of ICMP

    11/45

    Purpose of Req/Reply

    Advanced Windows Network Programming

    !The ICMP echo request and echo reply messages are usefulfor network debugging.

    ! If machine A sends an echo request message to machine B,machine B is required to respond with an ICMP echo reply.

    ! Most systems supply an application program that sends andreceives ICMP echo messages.

    ! In UNIX, the program ping allows a user to check whether amachine is reachable and functioning.

    ! Because ICMP messages are handled just like other IPdatagrams, ICMP echo messages test the reachability of any

    host. Also, because ICMP is an integral part of IP, all hosts

    and gateways must implement ICMP.

    11 10/30/13

  • 8/12/2019 Working of ICMP

    12/45

    12

    !Format! pingip address (or ping for extended ping with CISCO IOS)! ping172.30.1.25

    ! Pings are handled directly by the kernel!

    Each Ping is translated into an ICMP Echo Request! The Pinged host responds with an ICMP Echo Reply

    Ping: Echo Request and Reply

    Host

    or

    Router

    ICMPECHOREQUEST

    Host

    or

    router

    ICMPE

    CHORE

    PLY

    Advanced Windows Network Programming 10/30/13

  • 8/12/2019 Working of ICMP

    13/45

    Ping Frame Format

    ! Uses ICMP message within an IP Packet, Protocol field = 1!

    Both are layer 3 protocols. (ICMP is considered as a networklayer protocol.)

    ! Does not use TCP or UDP, but may be acted upon by thereceiver using TCP or UDP.

    13

    Ethernet Header

    (Layer 2)

    IP Header

    (Layer 3)

    ICMP Message

    (Layer 3)

    Ether.

    Tr.EthernetDestination

    Address

    (MAC)

    Ethernet

    Source

    Address

    (MAC)

    Frame

    Type

    Source IP Add.

    Dest. IP Add.

    Protocol field:1

    Type

    8 or 0

    Code

    0

    Check-

    sum

    ID Seq.

    Num.

    Data FCS

    Optional Data

    type code checksum

    bit # 0 15 23 248 317 16

    ID Seq Num

    Advanced Windows Network Programming 10/30/13

  • 8/12/2019 Working of ICMP

    14/45

    ICMP Echo(Ping) Request Message

    Advanced Windows Network Programming14 10/30/13

  • 8/12/2019 Working of ICMP

    15/45

    ICMP Echo(Ping) Reply Message

    Advanced Windows Network Programming15 10/30/13

  • 8/12/2019 Working of ICMP

    16/45

    Ping Q&A

    Advanced Windows Network Programming

    Q: Are pings forwarded by routers?A: Yes! This is why you can ping devices all over the Internet.

    Q: Do all devices forward or respond to pings?

    A: No, this is up to the network administrator of the device.Devices, including routers, can be configured not to reply to

    pings (ICMP echo requests). This is why you may not always

    be able to ping a device. Also, routers can be configured not

    to forward pings destined for other devices.

    16 10/30/13

  • 8/12/2019 Working of ICMP

    17/45

    Timestamp Messages!

    ICMP timestamp messages are used to estimate thetransmission delays between machines and to

    synchronize clocks:

    ! Including both the receive and transmit timestamp allowsthe sending host to determine the fraction of time spenttransmitting vs. processing the request.

    ! By averaging the measurements of several messages, thesender can estimate the offset between its local clock and

    that on the remote machine.! Note: it is quite feasible to synchronize the clocks of all

    machines on a LAN to within several milliseconds of each

    other.

    17 Advanced Windows Network Programming 10/30/13

  • 8/12/2019 Working of ICMP

    18/45

    18

    Example of a Query:ICMP Timestamp

    ! A system (host or router) asks anothersystem for the current time.

    ! Time is measured in milliseconds aftermidnight UTC (Universal Coordinated

    Time) of the current day

    ! Sender sends a request, receiverresponds with reply

    Type

    (= 17 or 18)

    Code

    (=0)Checksum

    32-bit sender timestamp

    identifier sequence number

    32-bit receive timestamp

    32-bit transmit timestamp

    Sender

    Receiver

    Timestamp

    Request

    Timestamp

    Reply

    Advanced Windows Network Programming 10/30/13

  • 8/12/2019 Working of ICMP

    19/45

  • 8/12/2019 Working of ICMP

    20/45

    20

    ICMP Error message

    ICMP error messages include the complete IP header and the first 8 bytes ofthe payload (typically: UDP, TCP)

    Unused (0x00000000)

    IP header ICMP header IP header 8 bytes of payload

    ICMP Message

    from IP datagram that triggered the error

    type code checksum

    Advanced Windows Network Programming 10/30/13

  • 8/12/2019 Working of ICMP

    21/45

    Frequent ICMP Error message

    Type Code Description

    3

    015 Destination

    unreachable

    Notification that an IP datagram could not be

    forwarded and was dropped. The code field

    contains an explanation.5 03 Redirect

    Informs about an alternative route for the

    datagram and should result in a routing table

    update. The code field explains the reason for

    the route change.

    11 0, 1 Time

    exceeded

    Sent when the TTL field has reached zero

    (Code 0) or when there is a timeout for the

    reassembly of segments (Code 1)

    12 0, 1 Parameter

    problem

    Sent when the IP header is invalid (Code 0) or

    when an IP header option is missing (Code 1)

    21 Advanced Windows Network Programming 10/30/13

  • 8/12/2019 Working of ICMP

    22/45

    Some subtypes of the Destination Unreachable

    Code Description Reason for Sending

    0 NetworkUnreachable

    No routing table entry is available for the destination

    network.

    1 HostUnreachable

    Destination host should be directly reachable, but

    does not respond to ARP Requests.

    2 ProtocolUnreachable

    The protocol in the protocol field of the IP header isnot supported at the destination.

    3 Port Unreachable The transport protocol at the destination host cannot

    pass the datagram to an application.

    4 Fragmentation

    Neededand DF Bit Set

    IP datagram must be fragmented, but the DF bit in

    the IP header is set.

    13 CommunicationAdministratively

    Prohibited

    Generated if a router cannot forward a packet due to

    administrative filtering;

    22 Advanced Windows Network Programming 10/30/13

  • 8/12/2019 Working of ICMP

    23/45

    ICMP TTL Exceeded Message

    Advanced Windows Network Programming23 10/30/13

  • 8/12/2019 Working of ICMP

    24/45

    ICMP Dest Unreachable (Filtered)

    Advanced Windows Network Programming24 10/30/13

  • 8/12/2019 Working of ICMP

    25/45

    25

    Example: ICMP Port Unreachable

    !RFC 792:

    ! If, in the destination host, the IP module cannot deliver the datagrambecause the indicated protocol module or process port is not active,the destination host may send a destination unreachable message to thesource host.

    !Scenario:

    Client

    Requestaserviceataport80

    Server

    No process

    is waiting

    at port 80

    Type=3c

    ode=3

    Port

    Unreachab

    le

    Advanced Windows Network Programming 10/30/13

  • 8/12/2019 Working of ICMP

    26/45

    UDP Datagram on Linux

    Advanced Windows Network Programming26 10/30/13

  • 8/12/2019 Working of ICMP

    27/45

    ICMP Port Unreachable Error Message

    Advanced Windows Network Programming27 10/30/13

  • 8/12/2019 Working of ICMP

    28/45

    Traceroute

    ! Trace (traceroute, tracert, tracepath) is used to trace theprobablepath a packet takes between source and destination.

    ! Probable, because IP is a connectionless protocol, and differentpackets may take different paths between the same source anddestination networks, although this is not usually the case.

    ! Trace will show the path the packet takes to the destination,but the return path may be different.! This is more likely the case in the Internet, and less likely within your

    own autonomous system.

    ! Uses ICMP message within an IP Packet (on Windows)! Uses UDP in the transport layer (on Unix/Linux/Cisco IOS).

    28 Advanced Windows Network Programming 10/30/13

  • 8/12/2019 Working of ICMP

    29/45

    Example(on Windows)

    !HostA> TraceRT ip_address

    HostA> TraceRT 192.168.10.2

    29

    10 0 0 0/8 172 16 0 0/16 192 168 10 0/24

    1

    1

    1

    2

    2

    2

    Host A RTB RTC Host D

    Advanced Windows Network Programming 10/30/13

  • 8/12/2019 Working of ICMP

    30/45

    30

    How it works - Fooling the routers & host!

    ! Traceroute uses ping (echo requests)! Traceroute sets the TTL (Time To Live) field in the IP Header, initially

    to 1

    Data Link Header(Layer 2)

    IP Header(Layer 3)

    ICMP Message - Echo Request (trace) DataLinkTr.

    Data LinkDestination

    Address

    Data LinkSource

    Address

    !! Source IPAdd.10.0.0.1Dest. IP Add.192.168.10.2Protocol field1TTL1

    Type8

    Code0

    Chksum

    ID Seq.Num

    Data FCS

    10.0.0.0/8 172.16.0.0/16 192.168.10.0/24

    .1

    .1

    .2

    .2

    Host A RTB RTC Host D.1

    .2

    DA = 192.168.10.2 TTL = 1

    Advanced Windows Network Programming 10/30/13

  • 8/12/2019 Working of ICMP

    31/45

    10.0.0.0/8 172.16.0.0/16 192.168.10.0/24

    .1

    .1

    .1

    .2

    .2

    .2

    Host A RTB RTC Host D

    DA = 192.168.10.2 TTL = 1ICMP Time Exceeded SA = 10.0.0.2

    31

    RTB - TTL:

    !When a router receives an IP Packet, it decrements the TTL by 1.

    ! If the TTL is 0, it will not forward the IP Packet, and send back to thesource an ICMP time exceeded message.

    ! using its IP header and first 8 bytes of ICMP header as Data! ICMP Message: Type = 11, Code = 0

    Data Link Header(Layer 2)

    IP Header(Layer 3)

    ICMP Message - Time Exceeded DataLinkTr.

    Data Link

    Destination

    Address

    Data Link

    Source

    Address

    !. Source IPAdd.10.0.0.2

    Dest. IP Add.10.0.0.1

    Protocol field1

    Type11

    Code0

    Chk

    sum

    0 0 Data FCS

    Advanced Windows Network Programming 10/30/13

  • 8/12/2019 Working of ICMP

    32/45

    TraceRT output -1

    HostA, Sending Host

    ! The traceroute program of the sending host (Host A) will usethe source IP address of this ICMP Time Exceeded packet todisplay at the first hop.

    HostA> tracert 192.168.10.2Type escape sequence to abort.

    Tracing the route to 192.168.10.2

    1 10.0.0.2 4 msec 4 msec 4 msec

    32 Advanced Windows Network Programming 10/30/13

  • 8/12/2019 Working of ICMP

    33/45

    33

    HostA! The traceroute program increments the TTL by 1(now 2 ) and

    resends the ICMP Echo Request packet.

    Data Link Header(Layer 2)

    IP Header(Layer 3)

    ICMP Message - Echo Request (trace) DataLinkTr.

    Data LinkDestinationAddress

    Data LinkSourceAddress

    !!

    Source IPAdd.10.0.0.1Dest. IP Add.192.168.10.2Protocol field1TTL2

    Type8

    Code0

    Chksum

    ID Seq.Num

    Data FCS

    10.0.0.0/8 172.16.0.0/16 192.168.10.0/24

    .1

    .1

    .1

    .2

    .2

    .2

    Host A RTB RTC Host D

    DA = 192.168.10.2 TTL = 1ICMP Time Exceeded SA = 10.0.0.2

    DA = 192.168.10.2 TTL = 2

    Advanced Windows Network Programming 10/30/13

  • 8/12/2019 Working of ICMP

    34/45

    34

    RTB! This time RTB decrements the TTL by 1 and it is NOT 0. (It is 1.)! So it looks up the destination ip address in its routing table and forwards

    it on to the next router.

    RTC

    ! RTC however decrements the TTL by 1 and it is 0.! RTC notices the TTL is 0 and sends back the I MP Time Exceededmessageback to the source.! RTCs IP header includes its own IP address (source IP) and the

    sending hosts IP address (destination IP address of RTA).

    ! The sending host, RTA, will use the source IP address of this I MPTime Exceededmessage to display at the second hop.

    10.0.0.0/8 172.16.0.0/16 192.168.10.0/24

    .1

    .1

    .1

    .2

    .2

    .2

    Host A RTB RTC Host D

    DA = 192.168.10.2 TTL = 1ICMP Time Exceeded SA = 10.0.0.2

    DA = 192.168.10.2 TTL = 2ICMP Time Exceeded SA = 172.16.0.2

    Advanced Windows Network Programming 10/30/13

    10.0.0.0/8 172.16.0.0/16 192.168.10.0/24

  • 8/12/2019 Working of ICMP

    35/45

    .1

    .1

    .1

    .2

    .2

    .2

    Host A RTB RTC Host D

    DA = 192.168.10.2 TTL = 1ICMP Time Exceeded SA = 10.0.0.2

    DA = 192.168.10.2 TTL = 2ICMP Time Exceeded SA = 172.16.0.2

    35

    .

    Data Link Header(Layer 2)

    IP Header(Layer 3)

    ICMP Message - Echo Request (trace) DataLinkTr.

    Data LinkDestination

    Address

    Data LinkSource

    Address

    !! Source IPAdd.10.0.0.1Dest. IP Add.192.168.10.2

    Protocol field1TTL2

    Type8

    Code0

    Chksum

    ID Seq.Num

    Data FCS

    Data Link Header(Layer 2)

    IP Header(Layer 3)

    ICMP Message - Echo Request (trace) DataLinkTr.

    Data LinkDestination

    Address

    Data LinkSource

    Address

    !! Source IPAdd.10.0.0.1Dest. IP Add.192.168.10.2

    Protocol field1TTL1

    Type8

    Code0

    Chksum

    ID Seq.Num

    Data FCS

    HostA to RTB

    RTB to RTC

    Advanced Windows Network Programming 10/30/13

    Data Link Header(Layer 2)

    IP Header(Layer 3)

    ICMP Message - Time Exceeded DataLinkTr.

    Data Link

    Destination

    Address

    Data Link

    Source

    Address

    !. Source IPAdd.172.16.0.2

    Dest. IP Add.10.0.0.1

    Protocol field

    1

    Type11

    Code0

    Chk

    sum

    0 0 Data FCS

  • 8/12/2019 Working of ICMP

    36/45

    TraceRT output -2

    The sending host, Host A:

    ! The traceroute program uses this information (Source IPAddress) and displays the second hop.

    HostA> tracert 192.168.10.2

    Type escape sequence to abort.Tracing the route to 192.168.10.2

    1 10.0.0.2 4 msec 4 msec 4 msec

    2 172.16.0.2 20 msec 16 msec 16 msec

    36 Advanced Windows Network Programming 10/30/13

    10.0.0.0/8 172.16.0.0/16 192.168.10.0/24

  • 8/12/2019 Working of ICMP

    37/45

    .1

    .1

    .1

    .2

    .2

    .2

    Host A RTB RTC Host D

    DA = 192.168.10.2 TTL = 1ICMP Time Exceeded SA = 10.0.0.2

    DA = 192.168.10.2 TTL = 2ICMP Time Exceeded SA = 172.16.0.2

    DA = 192.168.10.2 TTL = 3

    37

    The sending host, HostA:! The traceroute program increments the TTL by 1 (now 3 ) and

    resends the Packet.

    Data Link Header

    (Layer 2)

    IP Header

    (Layer 3)

    ICMP Message - Echo Request (trace) DataLink

    Tr.Data LinkDestinationAddress

    Data LinkSourceAddress

    !! Source IPAdd.10.0.0.1Dest. IP Add.192.168.10.2Protocol field1TTL3

    Type8

    Code0

    Chksum

    ID Seq.Num

    Data FCS

    Advanced Windows Network Programming 10/30/13

    10.0.0.0/8 172.16.0.0/16 192.168.10.0/24Host A

  • 8/12/2019 Working of ICMP

    38/45

    .1

    .1

    .1

    .2

    .2

    .2

    RTB RTC Host D

    DA = 192.168.10.2 TTL = 1ICMP Time Exceeded SA = 10.0.0.2

    DA = 192.168.10.2 TTL = 2ICMP Time Exceeded SA = 172.16.0.2

    DA = 192.168.10.2 TTL = 3

    10/30/13Advanced Windows Network Programming

    Data Link Header(Layer 2)

    IP Header(Layer 3)

    ICMP Message - Echo Request (trace) DataLinkTr.

    Data LinkDestination

    Address

    Data LinkSource

    Address

    !! Source IPAdd.10.0.0.1Dest. IP Add.192.168.10.2Protocol field1

    TTL1

    Type8

    Code0

    Chksum

    ID Seq.Num

    Data FCS

    38

    .

    Data Link Header(Layer 2)

    IP Header(Layer 3)

    ICMP Message - Echo Request (trace) DataLinkTr.

    Data LinkDestination

    Address

    Data LinkSource

    Address

    !! Source IPAdd.10.0.0.1Dest. IP Add.192.168.10.2Protocol field

    1TTL2

    Type8

    Code0

    Chksum

    ID Seq.Num

    Data FCS

    Data Link Header(Layer 2)

    IP Header(Layer 3)

    ICMP Message - Echo Request (trace) DataLinkTr.

    Data LinkDestination

    Address

    Data LinkSource

    Address

    !! Source IPAdd.

    10.0.0.1Dest. IP Add.192.168.10.2Protocol field

    1TTL3

    Type8

    Code0

    Chksum

    ID Seq.Num

    Data FCS

    HostA to RTB

    RTB to RTC

    RTC to HostD

  • 8/12/2019 Working of ICMP

    39/45

    HostD !HostA

    Advanced Windows Network Programming39 10/30/13

    10.0.0.0/8 172.16.0.0/16 192.168.10.0/24

    .1

    .1

    .1

    .2

    .2

    .2

    Host A RTB RTC Host D

    DA = 192.168.10.2 TTL = 1ICMP Time Exceeded SA = 10.0.0.2

    DA = 192.168.10.2 TTL = 2ICMP Time Exceeded SA = 172.16.0.2

    ICMP Echo Request DA = 192.168.10.2 TTL = 3

    ICMP Echo Reply SA = 192.168.10.2

    Data Link Header

    (Layer 2)

    IP Header

    (Layer 3)

    ICMP Message Echo Reply DataLink

    Tr.Data LinkDestinationAddress

    Data LinkSourceAddress

    !. Source IPAdd.192.168.10.2Dest. IP Add.10.0.0.1Protocol field1

    Type0

    Code0

    Chksum

    ID Seq.Num

    Data FCS

  • 8/12/2019 Working of ICMP

    40/45

    Tracing to HostDRTB

    ! This time RTB decrements the TTL by 1 and it is NOT 0. (It is 2.)! So it looks up the destination ip address in its routing table and forwards it on

    to the next router.

    RTC

    ! This time RTC decrements the TTL by 1 and it is NOT 0. (It is 1.)! So it looks up the destination ip address in its routing table and forwards it on

    to the next router.

    HostD

    ! HostD however decrements the TTL by 1 and it is 0.! However, HostD notices that the Destination IP Address of 192.168.0.2 is its

    own interface.

    ! Since it does not need to forward the packet, the TTL of 0 has no affect.! HostD sends the ICMP Echo Reply message to HostA.

    40 Advanced Windows Network Programming 10/30/13

  • 8/12/2019 Working of ICMP

    41/45

    TraceRT output -3Sending host, HostA

    ! HostA receives the ICMP Echo Reply message.! The traceroute program uses this information (Source IP Address) and

    displays the third hop.

    ! The traceroute program also recognizes this ICMP Echo Replyasmeaning this is the destination it was tracing ( it knows this is the final hopand does not send any more echo requests).

    ! HostA, the sending host, now displays the third hop.HostA> tracert 192.168.10.2

    Type escape sequence to abort.

    Tracing the route to 192.168.10.2

    1 10.0.0.2 4 msec 4 msec 4 msec

    2 172.16.0.2 20 msec 16 msec 16 msec

    3 192.168.10.2 16 msec 16 msec 16 msec

    41 Advanced Windows Network Programming 10/30/13

  • 8/12/2019 Working of ICMP

    42/45

    UDP tracing on Linux/Cisco IOS

    42

    10.0.0.0/8 172.16.0.0/16 192.168.10.0/24

    .1

    .1

    .1

    .2

    .2

    .2

    DA = 192.168.10.2 TTL = 1

    DA = 192.168.10.2 TTL = 2

    UDP Port=35000DA = 192.168.10.2 TTL = 3

    ICMP Time Exceeded SA = 10.0.0.2

    ICMP Time Exceeded SA = 172.16.0.2

    ICMP Port Unreachable SA = 192.168.10.2

    RTA RTB RTC RTD

    Advanced Windows Network Programming 10/30/13

  • 8/12/2019 Working of ICMP

    43/45

    Data Link Header(Layer 2)

    IP Header(Layer 3)

    ICMP Message Port Unreachable DataLinkTr.

    Data Link

    Destination

    Address

    Data Link

    Source

    Address

    !. Source IPAdd.192.168.10.2

    Dest. IP Add.10.0.0.1

    Protocol field1

    Type3

    Code3

    Chk

    sum

    0 0 Data FCS

    ICMP Port Unreachable on RTD

    RTD

    ! RTD sends the packet to the UDP process.! UDP examines the unrecognizable port number of 35,000 and sends back

    an ICMP Port Unreachable messageto the sender, RTA, using Type 3and Code 3.

    43

    Data Link Header(Layer 2)

    IP Header(Layer 3)

    UDP(Layer 4)

    DataLinkTr.

    Data LinkDestination

    Address

    Data LinkSource

    Address

    !!

    Source IPAdd.10.0.0.1

    Dest. IP Add.192.168.10.2

    Protocol field0x11

    TTL1

    DestPort35,000

    FCS

    Advanced Windows Network Programming 10/30/13

  • 8/12/2019 Working of ICMP

    44/45

    TraceRoute

    Advanced Windows Network Programming44 10/30/13

  • 8/12/2019 Working of ICMP

    45/45

    References

    ! RFC 792 - Internet Control Message Protocol! RFC1393 - Traceroute Using an IP Option! Internet Control Message Protocol (ICMP) Parameters:

    http://www.iana.org/assignments/icmp-parameters/icmp-parameters.xml

    ! RFC1574 - Essential Tools for the OSI Internet! http://en.wikipedia.org/wiki/Traceroute! http://www.cs.virginia.edu/~itlab/book/! CISCO: Understanding the Ping and Traceroute Commands:

    http://www.cisco.com/en/US/products/sw/iosswrel/ps1831/products_tech_note09186a00800a6057.shtml