400 likes | 582 Views
IP's Helpers. ICMP The PING Tool Traceroute program IGMP. Orientation. The IP (Internet Protocol) relies on several other protocols to perform necessary control and routing functions. ICMP.
E N D
IP's Helpers ICMP The PING Tool Traceroute program IGMP
Orientation • The IP (Internet Protocol) relies on several other protocols to perform necessary control and routing functions.
ICMP • The Internet Control Message Protocol (ICMP) is the protocol used for error and control messages in the Internet. • ICMP provides an error reporting mechanism of routers to the sources. • All ICMP packets are encapsulated as IP datagrams. • The packet format is simple:
Types of ICMP Packets • Many ICMP packet types exist, each with its own format. • A Selection: Type Field: Message Type: 0 Echo Reply 3 Destination Unreachable 4 Source Quench 5 Redirect (Change Route) 8 Echo Request 11 Time Exceeded 12 Parameter Problem in Datagram 13 Timestamp Request 17 Address Mask Request
ICMP Message Types • ICMP messages are either query messages or error messages. • ICMP query messages: • Echo request / Echo reply • Router advertisement / Router solicitation • Timestamp request / Timestamp reply • Address mask request / Address mask reply • ICMP error messages: • Host unreachable • Source quench • Time exceeded • Parameter problem
ICMP Error Messages • Each ICMP error message contains the header and at least the first 8 bytes of the IP datagram payload that triggered the error message. • Problem: How to prevent that too many ICMP messages are sent ? (e.g., an ICMP packet could trigger an ICMP packet, which triggers …). • ICMP error messages are not sent ... ...for multiple fragments of the same IP datagrams … in response to an error message … in response to a broadcast packet … etc.
A system (host or router) asks another system for the current time. Time is measured in milliseconds after midnight UTC (Coordinated Universal Time). Sender sends a request, receiver responds with reply. Example of a Query: ICMP Timestamp TimestampRequest Sender Receiver TimestampReply
Example of an Error Message: Port Unreachable • There are 16 different ICMP error messages (‘codes’) of type “Destination Unreachable”(Type = 3) Code: Message Type: 0 Network unreachable 1 Host unreachable 2 Protocol unreachable 3 Port unreachable 4 Fragmentation needed but bit not set 5 Source route failed 6 Destination network unknown 7 Destination node unknown 8 Source host isolated Code: Message Type: 9 Destination network administratively prohibited 10 Destination host administratively prohibited 11 Network unreachable for TOS 12 Host unreachable for TOS 13 Communication administra- tively prohibited by filtering 14 host precedence violation 15 precedence cutoff in effect
ICMP Port Unreachable • RFC 792: If, in the destination host, the IP module cannot deliver the datagram because the indicated protocol module or process port is not active, the destination host may send a port unreachable message to the source host. • Scenario: Request a serviceat a port No. 1234 Client Server No process is waiting at Port 1234 Port Unreachable
ICMP Port Unreachable • Format of the Port Unreachable Message Code = 3 for Port Unreachable
The PING program • PING (=Packet InterNet Gopher) is a program that utilizes the ICMP echo request and echo reply messages. • PING is used to verify if a certain host is up and running. It is used extensively for fault isolation in IP networks. • PING can be used with a wide variety of options, e.g, : -R Record route. Includes the RECORD_ROUTE option in the ECHO_REQUEST packet and displays the route buffer on returned packets. -s packetsize Specifies the number of data bytes to be sent (Default is 56) (In newer implementations, -s is used to continuously generate queries)
Echo Request and Reply • PING’s are handled directly by the kernel. • Each Ping is translated into an ICMP Echo Request. • The Ping’ed host responds with an ICMP Echo Reply. AIDA MNG ICMP ECHO REQUEST ICMP ECHO REPLY
Format of Echo Request and Reply Identifier is set to process Id of querying process. Sequence number is incremented for each new echo request.
Running Ping aida: ping mng.poly.edu PING mng.poly.edu (128.238.42.105): 56 data bytes 64 bytes from 128.238.42.105: icmp_seq=0 ttl=128 time=0.718 ms 64 bytes from 128.238.42.105: icmp_seq=1 ttl=128 time=3.408 ms 64 bytes from 128.238.42.105: icmp_seq=2 ttl=128 time=3.171 ms 64 bytes from 128.238.42.105: icmp_seq=3 ttl=128 time=0.701 ms 64 bytes from 128.238.42.105: icmp_seq=4 ttl=128 time=0.693 ms 64 bytes from 128.238.42.105: icmp_seq=5 ttl=128 time=1.528 ms 64 bytes from 128.238.42.105: icmp_seq=6 ttl=128 time=0.689 ms 64 bytes from 128.238.42.105: icmp_seq=7 ttl=128 time=3.077 ms ^C --- mng.poly.edu ping statistics --- 8 packets transmitted, 8 packets received, 0% packet loss round-trip min/avg/max = 0.689/1.748/3.408 ms
Running Ping to a different machine Aida: ping www.cologne.de PING fileserv1.cologne.de (194.94.233.1): 56 data bytes 64 bytes from 194.94.233.1: icmp_seq=0 ttl=240 time=447.080 ms 64 bytes from 194.94.233.1: icmp_seq=1 ttl=240 time=368.383 ms 64 bytes from 194.94.233.1: icmp_seq=2 ttl=240 time=353.992 ms 64 bytes from 194.94.233.1: icmp_seq=3 ttl=240 time=323.380 ms 64 bytes from 194.94.233.1: icmp_seq=4 ttl=240 time=353.782 ms 64 bytes from 194.94.233.1: icmp_seq=5 ttl=240 time=326.356 ms ^C --- fileserv1.cologne.de ping statistics --- 7 packets transmitted, 6 packets received, 14% packet loss round-trip min/avg/max = 323.380/362.162/447.080
Running Ping on a different machine duke% ping mng mng.poly.edu is alive
Traceroute program • Uses ICMP and TTL rather than the IP Record Route option • Why not use RR option? • RR option not always implemented in routers • RR is a one-way option - need to get a return message • Room allocated in options field not sufficient
LAN Output Svr4% traceroute slip traceroute to slip (140.252.3.65), 30 hops max, 40 byte packets 1 bsdi (140.252.13.35) 20ms 10ms 10ms 2 slip (140.252.13.65) 120ms 120ms 120ms • At each TTL value, three datagrams are sent • Times correspond to the round-trip times for each datagram
IP Source routing option • Sender specifies the route • Strict source routing: sender specifies exact path; if the next hop in the source route isn’t a directly connected network, an ICMP “source route failed” error is returned • traceroute -G netb -G gateway -G gabby westgate • Loose source routing: sender specifies a list of IP addresses that the datagram must traverse, but in addition,it can traverse other routers between any two addresses in the list • traceroute -g netb -g gabby westgate
Format of source route option in IP header • Code: 0x83 for loose source routing; 0x89 for strict source routing • Ptr: points to the next router address in the list
Fields in the source route option • Len: length of the option in bytes. It can be a maximum of 39 bytes (36 for the 9 IP addresses and 3 bytes for code, len, ptr) • Ptr: 1-based index into the 39-byte option of where to store (or use) the next address. In the record route option, it indicates where to store; in source route option, it indicates the next address to use. Min. value is 4; it changes to 8, 12, 16, upto 36. When it is 40, it means the option is full.
Example of IP source routing • Host S sends a source routed datagram to destination D • Note: Destination IP address changed on each hop • RFC 791 does not say anything about the source address in the IP header changing. So the source address stays the same even with source routing. • In hop-by-hop routing, both source and destination addresses stay unchanged.
How source routing works • Sending host gets source list from the application. It removes the first entry and makes it the destination address of the IP header (R1). It leaves the ptr at 4, moves entries 1 position to the left; hence #R2, R3, D. The # sign indicates where the ptr is pointing. It adds the destination address to the end of the source route list in the source route option field. • Each router checks if it is the destination; • if not, it just forwards the datagram. This can happen if loose source routing is used; only then the source routing module can get the packet.
How source routing works (Contd.) • If it is the destination, and ptr is not greater than length, next address in the source list becomes the destination address of the IP packet. • IP address of outgoing interface becomes source address just used and ptr is incremented. Hence {R1, #R3, D}. • Using above approach the source list received at the far end can be used to supply a reverse route in its reply.
Multicast Unicast Broadcast IP Multicasting • Multicasting is one-to-many or many-to-many communications. • IP supports multicasting via the help of additional routing protocols.
The IP Protocol Stack • IP Multicasting only supports UDP at the higher layers (there is no multicast TCP !).
IP Multicasting • There are three essential components of the IP multicast service: • IP Multicast Addressing • IP Group Management • Multicast Routing • We will discuss addressing and group management
Semantics of IP Multicast • There are many different ways to implement multicast communications. • IP multicast works as follows: • Multicast groups are identified by a class D address. • Hosts (more precisely: interfaces) can join and leave a multicast group dynamically • Every IP datagram sent to a multicast group is transmitted to all members of the group
Multicast Addressing All Class D addresses are multicast addresses:
Types of Multicast addresses • Special and reserved Class D addresses, e.g,
Multicast Address Translation • The leftmost byte (first byte) of any ethernet address must be 01 to specify a multicast address • Ethernet addresses corresponding to IP multicasting are in the range of 01:00:5e:00:00:00 to 01:00:5e:7f:ff:ff • Why map an IP multicast address to an ethernet multicast address? • To avoid sending one ethernet frame per host • Hosts in multicast group will enable their ethernet device drivers to receive these multicast frames - called “joining the multicast group”
Not unique mapping • Mapping procedure is not unique • 32 different multicast IP (Class D) addresses will map to the same multicast ethernet address • Example:224.128.64.32 (hex: e0.80.40.20) and 224.0.64.32 (hex: e0:00:40:20) both map to the ethernet address 01:00:5e:00:40:20 • Ethernet device driver or IP module may need to perform filtering since the interface card may receive multicast frames in which the host is really not interested Interface card Device Driver IP
IGMP • The Internet Group Management Protocol (IGMP) is a simple protocol for the support of IP multicast. • IGMP is defined in RFC 1112. • IGMP is used by multicast routers to keep track of membership in a multicast group. • Support for: • Joining a multicast group • Query membership • Send membership reports
IGMP Packet Format • IGMP messages are only 8 bytes long Type: 1 = query sent by router, 2 = report sent by host
IGMP Protocol • A host sends an IGMP report when it joins a multicast group (Note: multiple processes on a host can join. A report is sent only for the first process). • No report is sent when a process leaves a group. • A multicast router regularly multicasts an IGMP query to all hosts (group address is set to zero). • A host responds to an IGMP query with an IGMP report. • Multicast router keeps a table of which of its interfaces have one or more hosts in a multicast group. When the router receives a multicast datagram to forward, it forwards the datagram only out the interfaces that still have hosts with processes belonging to that group.
IGMP Protocol Router is asking each host to identify each group on that interface 224.0.0.1 means all systems on this subnet