Presentation on theme: "Internet Control Message Protocol (ICMP)"— Presentation transcript:
1 Internet Control Message Protocol (ICMP) Presented byDr.Apichan Kanjanavapastit
2 Why ICMP is needed?The IP protocol is a best-effort delivery service that delivers a datagram from its original source to its final destinationHowever, it has two deficiencies: lack of error control and lack of assistance mechanismsWhat happens if something goes wrong? What happens if a router must discard a datagram because it cannot find a router to the final destination, or because the time-to-live field has a zero value?The Internet Control Message Protocol (ICMP) has been designed to compensate for the two deficiencies
3 ICMP EncapsulationICMP itself is a network layer protocol. However, its messages are not passed directly to the data link layer as would be expectedInstead, the messages are first encapsulated inside IP datagrams before going to the lower layerThe value of the protocol field in the IP datagram is 1 to indicate that the IP data is an ICMP message
4 Types of ICMP MessagesICMP message are divided into two broad categories: error-reporting messages and query messagesThe error-reporting messages report problems that a router or a host (destination) may encounter when it processes an IP packetThe query messages help a host or a network manager get specific information from a router or another host
6 Message FormatAn ICMP message has an 8-byte header and a variable-size data sectionThe general format of the header is different for each message type, but the first 4 bytes are common to allThe first field, ICMP type defines the type of the message and the Code field specifies the reason for the particular message typeThe rest of the header is specific for each message typeThe data section in error messages carries information for finding the original packet that had the errorIn query messages, the data section carries extra information based on the type of the queryFigure General format of ICMP messages
7 Error ReportingIP is not concerned with error checking and error controlICMP was designed to compensate for this shortcoming. ICMP does not correct errors, it simply reports themError correction is left to the higher layer protocolsFive types of errors are handled: destination unreachable, source quench, time exceeded, parameter problems, and redirection
8 Error Reporting (cont.) All error messages contain a data section that includes the IP header of the original datagram plus the first 8 bytes of data in that datagramThe original datagram header is added to give the original source information about the datagram itselfThe 8 bytes of data are included because they provide information about port number and sequence numberThis information is needed so the source can inform the protocols (TCP or UDP) about the error
9 The following are important points about ICMP error messages: Note:The following are important points about ICMP error messages:❏ No ICMP error message will be generated in response to a datagram carrying an ICMP error message. ❏ No ICMP error message will be generated for a fragmented datagram that is not the first fragment. ❏ No ICMP error message will be generated for a datagram having a multicast address. ❏ No ICMP error message will be generated for a datagram having a special address such as or
11 Destination Unreachable When a router cannot route a datagram or a host cannot deliver a datagram, the datagram is discarded and the router or the host sends a destination-unreachable message back to the source host that initiated the datagram
12 Other destination-unreachable messages can be created only by routers. Note:Destination-unreachable messages with codes 2 or 3 can be created only by the destination host.Other destination-unreachable messages can be created only by routers.
13 Source QuenchThe source-quench message in ICMP was designed to add a kind of flow control to the IPWhen a router or host discards a datagram due to congestion, it sends a source-quench message to the sender of the datagramThis messages has two purposes: First, it informs the source that the datagram has been discarded, Second, it warns the source that there is congestion somewhere in the path and that the source should slow down (quench) the sending process
14 More explanations for source quench One source-quench message is sent for each datagram that is discarded due to congestionThere is no mechanism to tell the source that the congestion has been relieved and the source can resume sending datagrams at its previous rateThe congestion can be created either by a one-to-one or many-to-one communication
15 Time Exceeded The time-exceeded message is generated in 2 cases: When a datagram is discarded due to the value of time to live field is zeroWhen all fragments that make up a message do not arrive at the destination host within a certain time limitIn a time-exceeded message, code 0 is used only by routers to show that the value of the time-to-live field is zero. Code 1 is used only by the destination host to show that not all of the fragments have arrived within a set time.
16 Parameter ProblemAn ambiguity in the header part of a datagram can create serious problems as the datagram travels through the InternetIf a router or the destination host discovers an ambiguous or missing value in any field of the datagram, it discards the datagram and sends a parameter-problem message back to the source
17 RedirectionNormally, hosts do not take part in the routing update process because there are many more hosts in an internet than routersThe hosts usually use static routing and their routing table has a limited number of entriesThey usually know the IP address of a router, the default routerFore this reason, the hosts may send a datagram, which is destined for another network, to the wrong routerIn this case, the router that receives the datagram will forward the datagram to the correct routerTo update the routing table of the host, it sends a redirect message to the host
18 Redirection Message Format Default gateways only send ICMP redirect/change request messages if the following conditions are met:The interface on which the packet comes into the router is the same interface on which the packet gets routed out.The subnet/network of the source IP address is the same subnet/network of the next-hop IP address of the routed packet.The datagram is not source-routed.The route for the redirect is not another ICMP redirect or a default route.The router is configured to send redirects. (By default, Cisco routers send ICMP redirects. The interface subcommand no ip redirects will disable ICMP redirects.)
19 ICMP Redirect ExampleHost H sends a packet to Host on network /8.Since Host H is not directly connected to the same network, it forwards the packet to its default gateway, Router R1 atRouter R1 finds the correct route to network /8 by looking in its route table.It determines that the path to the network is back out the same interface the request to forward the packet came from to Router R2 atR1 forwards the packet to R2 and sends an ICMP redirect/change request to Host H telling it to use Router R2 at as the gateway to forward all future requests to network /8.
20 QueryICMP can also diagnose some network problems through the query messages, a group of four different pairs of messagesIn this type of ICMP message, a node sends a message that is answered in a specific format by the destination node.
21 Echo Request and ReplyThe echo-request and echo-reply messages are designed for diagnostic purposesThe combination of echo-request and echo-reply messages determines whether two systems (hosts or routers) can communication with each other at the IP levelEcho-request and echo-reply can determine whether or not a node is functioning properly. The node to be tested is sent an echo-request message. The optional data field contains a message that must be repeated exactly by the responding node in its echo-request message
22 Timestamp Request and Reply Two machines (hosts or routers) can use the timestamp-request and timestamp-reply messages to determine the round-trip time needed for an IP datagram to travel between themIt can also used to synchronize the clocks in two machines
25 Example 1We use the ping program to test the server fhda.edu. The result is shown below:
26 Example 2We use the traceroute program to find the route from the computer voyager.deanza.edu to the server fhda.edu. The following shows the result:$ traceroute fhda.edu traceroute to fhda.edu ( ), 30 hops max, 38 byte packets 1 Dcore.fhda.edu ( ) ms ms ms 2 Dbackup.fhda.edu ( ) ms ms ms 3 tiptoe.fhda.edu ( ) ms ms msSee Next Slide
27 Example 2 (Continued)The un-numbered line after the command shows that the destination is The TTL value is 30 hops. The packet contains 38 bytes: 20 bytes of IP header, 8 bytes of UDP header, and 10 bytes of application data. The application data is used by traceroute to keep track of the packets.The first line shows the first router visited. The router is named Dcore.fhda.edu with IP address The first round trip time was milliseconds, the second was milliseconds, and the third was milliseconds.The second line shows the second router visited. The router is named Dbackup.fhda.edu with IP address The three round trip times are also shown.The third line shows the destination host. We know that this is the destination host because there are no more lines. The destination host is the server fhda.edu, but it is named tiptoe. fhda.edu with the IP address The three round trip times are also shown.
28 Example 3Finally, we use the traceroute program to find the route between fhda.edu and mhhe.com (McGraw-Hill server). We notice that we cannot find the whole route. When traceroute does not receive a response within 5 seconds, it prints an asterisk to signify a problem, and then tries the next hop..$ traceroute mhhe.com traceroute to mhhe.com ( ), 30 hops max, 38 byte packets 1 Dcore.fhda.edu ( ) ms ms ms 2 Ddmz.fhda.edu ( ) ms ms ms 3 Cinic.fhda.edu ( ) ms ms ms * * * 17 * * *