CS335 Networking & Network Administration, Wednesday, May 12, 2010
ICMP
• Internet Control Message Protocol
• Error reporting protocol integrated with IP
• We have reviewed the header checksum
• http://www.faqs.org/rfcs/rfc792.html
• Short for Internet Control Message Protocol, an extension to the Internet Protocol (IP) defined by RFC 792. ICMP supports packets containing error, control, and informational messages. The PING command, for example, uses ICMP to test an Internet connection.
ICMP Protocol Overview
• Internet Control Message Protocol (ICMP), documented in RFC 792, is a required protocol tightly integrated with IP. ICMP messages, delivered in IP packets, are used for out-of-band messages related to network operation or misoperation. Since ICMP uses IP, ICMP packet delivery is unreliable, so hosts can't count on receiving ICMP packets for any network problem. Some of ICMP's functions are to:
• Announce network errors, such as a host or an entire portion of the network being unreachable due to some type of failure. A TCP or UDP packet directed at a port number with no receiver attached is also reported via ICMP.
• Announce network congestion. When a router begins buffering too many packets, because it cannot transmit them as fast as they are being received, it generates ICMP Source Quench messages. Directed at the sender, these messages should cause the rate of packet transmission to be slowed. Generating too many Source Quench messages would cause even more network congestion, so they are used sparingly.
• Assist troubleshooting. ICMP supports an Echo function, which sends a packet on a round trip between two hosts. Ping, a common network management tool, is based on this feature. Ping transmits a series of packets, measuring average round-trip times and computing loss percentages.
• Announce timeouts. If an IP packet's TTL field drops to zero, the router discarding the packet will often generate an ICMP packet announcing this fact. Traceroute is a tool which maps network routes by sending packets with small TTL values and watching the ICMP timeout announcements.
ICMP messages
• http://www.iana.org/assignments/icmp-parameters
• http://www.networksorcery.com/enp/protocol/icmp.htm
ICMP message transport
• ICMP uses IP to transport error messages
• ICMP includes both messages about errors and informational messages
• ICMP is integrated with IP: ICMP encapsulates messages in IP for transmission, and IP uses ICMP to report problems
ICMP
• ICMP messages are created in response to a datagram when the datagram has encountered a problem (e.g. a router finds that the destination is unreachable)
• Sending the error back to the sender is easy because the datagram carries its source IP address
• No special priority, but if a datagram carrying an ICMP error itself causes an error, no error message is sent, to keep from flooding the network with error messages about error messages
ICMP to test reachability
• Ping uses the ICMP echo request and echo reply messages
• Ping sends an IP datagram that contains an ICMP echo request to the specified destination
• If no reply arrives, ping retransmits the request
• ICMP on the remote machine replies to the echo request with an echo reply
Traceroute
• ICMP is used in traceroute
• Traceroute sets the time to live of the first packet to 1
• The first router decrements the time to live to 0, discards the packet, and sends back an ICMP time exceeded message
• Traceroute now knows the IP address of the first router from the source address of the error message it sent
• Then traceroute sends the second packet with a time to live of 2
Traceroute: last address reply
• Two techniques
• Send an ICMP echo request message; the destination host will generate an ICMP echo reply
• Send a datagram to a nonexistent application; the destination host will generate an ICMP destination unreachable message
• Microsoft uses the first approach
• Unix uses the second approach
• The two approaches can produce different addresses for the final destination
• An echo reply has a source address equal to the IP address to which the request was sent
• When a datagram for a nonexistent application arrives, ICMP uses the address of the interface over which the error message is sent
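The TTL walk described on the two traceroute slides, as an added example that is not part of the lecture: a constructed path of three routers and a destination host, where each router decrements the TTL and reports "time exceeded" from its own address, and the final hop answers either with an echo reply (sourced from the probed address) or with a destination unreachable (sourced from the interface the error leaves on, modelled here by a hypothetical second address `DEST_OUTGOING_IF`). All addresses are RFC 5737 documentation addresses chosen for the example; nothing is sent on a real network.

```python
"""Offline model of how traceroute discovers routers from ICMP Time Exceeded replies.
Added example, not lecture code; the path and addresses below are constructed."""

from dataclasses import dataclass

# Constructed path: address each router uses when it sources an ICMP error back to us.
PATH = ["192.0.2.1", "198.51.100.9", "203.0.113.77"]
DEST = "203.0.113.200"             # address the probes are sent to
DEST_OUTGOING_IF = "203.0.113.201"  # hypothetical: the interface the host sends errors from


@dataclass
class Probe:
    ttl: int
    kind: str  # "echo" (ICMP echo request, Microsoft style) or "udp" (unused port, Unix style)


def forward(probe: Probe):
    """Walk the probe along PATH; return (icmp_reply_type, reply_source_address)."""
    ttl = probe.ttl
    for router in PATH:
        ttl -= 1  # each router decrements TTL before forwarding
        if ttl == 0:
            # The router discards the datagram and reports it; the error's source
            # address is the router's own address, which is what traceroute records.
            return ("time exceeded", router)
    # Datagram survived every router and reached the destination host.
    if probe.kind == "echo":
        return ("echo reply", DEST)  # echo reply is sourced from the address we probed
    # No application on the port: host reports it, sourced from its outgoing interface.
    return ("destination unreachable", DEST_OUTGOING_IF)


def traceroute(kind: str, max_hops: int = 30):
    """Send probes with TTL 1, 2, 3, ... until a reply other than 'time exceeded' arrives."""
    hops = []
    for ttl in range(1, max_hops + 1):
        reply_type, addr = forward(Probe(ttl, kind))
        hops.append((ttl, addr, reply_type))
        if reply_type != "time exceeded":
            break
    return hops


if __name__ == "__main__":
    for kind in ("echo", "udp"):
        print(kind)
        for ttl, addr, reply in traceroute(kind):
            print(f"{ttl:2d}  {addr:16s}  {reply}")
```

Running both variants shows the point of the second slide: the router hops are identical, but the last line reads `203.0.113.200` for the echo variant and `203.0.113.201` for the unused-port variant, because the unreachable message is sourced from whichever interface the host sends it through.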
Traceroute result
• traceroute from www.net.berkeley.edu to www.lagrande.k12.or.us
 1  vlan206.inr-203-eva.Berkeley.EDU (128.32.206.1)  0.855 ms  0.627 ms  1.219 ms
 2  vlan209.inr-201-eva.Berkeley.EDU (128.32.255.1)  0.340 ms  0.306 ms  0.289 ms
 3  ge-1-2-0.inr-002-reccev.Berkeley.EDU (128.32.0.36)  0.402 ms  0.401 ms  0.395 ms
 4  hpr-oak-hpr--ucb-ge.cenic.net (137.164.27.129)  0.637 ms  1.150 ms  0.617 ms
 5  sac-hpr--oak-hpr-10ge.cenic.net (137.164.25.17)  2.325 ms  2.239 ms  2.243 ms
 6  lax-hpr--sac-hpr-10ge.cenic.net (137.164.25.10)  11.893 ms  11.748 ms  11.723 ms
 7  abilene-LA--hpr-lax-gsr1-10ge.cenic.net (137.164.25.3)  11.744 ms  13.390 ms  14.997 ms
 8  snvang-losang.abilene.ucaid.edu (198.32.8.95)  19.344 ms  19.163 ms  19.432 ms
 9  pos-1-0.core0.eug.oregon-gigapop.net (198.32.163.17)  31.597 ms  31.478 ms  31.469 ms
10  nero.eug.oregon-gigapop.net (198.32.163.151)  31.648 ms  31.593 ms  31.585 ms
11  ptck-core2-gw.nero.net (207.98.64.2)  33.928 ms  34.089 ms  33.988 ms
12  eou-car1-gw.nero.net (207.98.64.22)  46.885 ms  46.496 ms  46.667 ms
More traceroute info
• http://bs.mit.edu:8001/cgi-bin/traceroute
• http://www.traceroute.org/#USA
• http://visualroute.visualware.com/
Visual Route, http://visualroute.visualware.com/
======================================================================================
=== VisualRoute (R) 2005 Server Edition (v9.3a) report on May 11, 2005 12:46:44 PM ===
======================================================================================
Report for www.lagrande.k12.or.us [140.211.34.6]
Analysis: 'www.lagrande.k12.or.us' was found in 13 hops (TTL=243).
| Hop | %Loss | IP Address     | Node Name                                | Location         | Tzone  | ms | Graph | Network                                            |
| 0   |       | 161.58.180.113 | WIN10115.visualware.com                  | *                |        |    |       | Verio, Inc. VRIO-161-058                           |
| 1   |       | 161.58.176.129 | -                                        |                  |        | 0  | x     | Verio, Inc. VRIO-161-058                           |
| 2   |       | 161.58.156.140 | -                                        |                  |        | 6  | x-    | Verio, Inc. VRIO-161-058                           |
| 3   |       | 129.250.28.206 | xe-1-2-0-3.r20.asbnva01.us.bb.verio.net  | Ashburn, VA, USA | -05:00 | 0  | x     | Verio, Inc. VRIO-129-250                           |
| 4   |       | 129.250.2.35   | p64-0-0-0.r21.asbnva01.us.bb.verio.net   | Ashburn, VA, USA | -05:00 | 0  | x     | Verio, Inc. VRIO-129-250                           |
| 5   |       | 129.250.9.162  | p16-0.level3.asbnva01.us.bb.verio.net    | Ashburn, VA, USA | -05:00 | 0  | x     | Verio, Inc. VRIO-129-250                           |
| 6   |       | 209.244.11.13  | so-2-1-0.bbr2.Washington1.Level3.net     | 38.55n, 77.13w   |        | 0  | x     | Level 3 Communications, Inc. LEVEL3-CIDR           |
| 7   |       | 209.247.10.133 | so-1-0-0.mp2.Seattle1.Level3.net         | Seattle, WA, USA | -08:00 | 74 | x     | Level 3 Communications, Inc. LEVEL3-CIDR           |
| 8   |       | 209.247.9.58   | ge-11-1.hsa2.Seattle1.Level3.net         | Seattle, WA, USA | -08:00 | 75 | x     | Level 3 Communications, Inc. LEVEL3-CIDR           |
| 9   |       | 63.211.200.246 | unknown.Level3.net                       |                  |        | 78 | x     | Level 3 Communications, Inc. LEVEL4-CIDR           |
| 10  |       | 207.98.64.138  | ptck-core2-gw.nero.net                   |                  |        | 78 | x     | Oregon Exchange OREGON-EXCH                        |
| 11  |       | 207.98.64.22   | eou-car1-gw.nero.net                     |                  |        | 91 | x     | Oregon Exchange OREGON-EXCH                        |
| 12  |       | 140.211.34.6   | lagrande.k12.or.us                       |                  |        | 92 | x     | Oregon State System of Higher Education OSSHENET   |
| 13  |       | 140.211.34.6   | www.lagrande.k12.or.us                   |                  |        | 92 | x     | Oregon State System of Higher Education OSSHENET   |
ICMP for path MTU discovery
• The smallest MTU along the route is the path MTU
• Fragmentation hurts performance, so determining the path MTU can keep fragmentation from happening
• Set the Don't Fragment bit in the IP header Flags field to prevent fragmentation
• Probe with datagrams to find a datagram size that passes the MTU of the route
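The probing loop from the slide, as an added example that is not part of the lecture: a constructed path of links with made-up MTUs, a sender that marks its probes Don't Fragment, and routers that answer an oversized probe with an ICMP "fragmentation needed" error. It goes one step beyond the slide by modelling both a router that reports its next-hop MTU in that error (RFC 1191) and an older router that does not, in which case the sender steps down through the RFC 1191 plateau table. The link MTUs and the `router_reports_mtu` switch are assumptions of the example.

```python
"""Offline model of Path MTU discovery with the DF bit.
Added example, not lecture code; the link MTUs are constructed."""

# Constructed path, source to destination: MTU of each link the datagram crosses.
LINK_MTUS = [1500, 1500, 1280, 9000, 1400]

# RFC 1191 plateau table, used when the error does not carry a next-hop MTU.
PLATEAUS = [65535, 32000, 17914, 8166, 4352, 2002, 1492, 1006, 508, 296, 68]


def send_with_df(size: int, link_mtus, router_reports_mtu: bool = True):
    """Forward a DF datagram of `size` octets along the path.
    Returns None if it is delivered, otherwise the ICMP error a router sends back
    when the datagram exceeds the MTU of its next link."""
    for mtu in link_mtus:
        if size > mtu:
            return {
                "icmp": "destination unreachable / fragmentation needed, DF set",
                # RFC 1191 routers fill in the next-hop MTU; older ones leave it zero.
                "next_hop_mtu": mtu if router_reports_mtu else 0,
            }
    return None


def next_plateau_below(size: int) -> int:
    """Largest plateau value strictly smaller than the failed probe size."""
    for p in PLATEAUS:
        if p < size:
            return p
    return PLATEAUS[-1]


def discover_path_mtu(link_mtus, start: int = 1500, router_reports_mtu: bool = True):
    """Probe downward until a DF datagram passes; return (path_mtu_found, probes_sent)."""
    size = start
    probes = 0
    while True:
        probes += 1
        err = send_with_df(size, link_mtus, router_reports_mtu)
        if err is None:
            return size, probes
        if err["next_hop_mtu"]:
            size = err["next_hop_mtu"]       # router told us the MTU of the failing link
        else:
            size = next_plateau_below(size)  # guess downward from the plateau table


if __name__ == "__main__":
    print("true path MTU:", min(LINK_MTUS))
    print("with next-hop MTU in the error:", discover_path_mtu(LINK_MTUS))
    print("without it (plateau search):", discover_path_mtu(LINK_MTUS, router_reports_mtu=False))
```

With the next-hop MTU reported, two probes land exactly on the path MTU of 1280. Without it, the sender settles for 1006, a size that passes but wastes capacity. The practical caveat is the case neither branch handles: if the ICMP errors are filtered on the way back, the sender only ever sees timeouts and the DF datagrams silently disappear, which is why filtering ICMP "fragmentation needed" messages breaks path MTU discovery.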
UDP: User Datagram Protocol
• End-to-end protocols are in Layer 4
• End-to-end protocol or transport protocol
• UDP is less complex but does not provide the type of service that a typical application expects
UDP
• End-to-end: can distinguish among multiple applications on a computer
• Connectionless: the interface that UDP supplies to apps follows a connectionless paradigm; an app does not need to preestablish communication before sending data, nor terminate communication when finished; no control messages, arbitrary delay times between messages
• Message-oriented: an app that uses UDP sends and receives individual messages
• Best-effort: UDP offers the same best-effort delivery as IP
• Arbitrary interaction: UDP allows an app to send to many other apps, receive from many apps, or communicate with exactly one app
• OS independent: provides a means of identifying application programs that does not depend on identifiers used by the local OS
Message-oriented interface
• Does not divide messages into packets for transmission
• Does not combine messages for delivery
• IP datagram size forms a limit on the size of a UDP message
• Problems for programmers: UDP message size
• Large messages will be fragmented if the network MTU is exceeded
• Small messages have a large ratio of header octets to data octets, which is inefficient
UDP
• UDP uses IP for delivery, so it has best-effort delivery semantics
• UDP suffices for applications that can afford lost or corrupted packets
• Audio could afford a lost packet; it would produce annoying noise
• On-line shopping can't tolerate duplication of messages
UDP
• 1-to-1: app to app
• 1-to-many: app to multiple recipients
• Many-to-1: receive messages from multiple apps
• Many-to-many: a set of apps communicate together
• Applications using UDP can use unicast, multicast and broadcast IP addresses
UDP
• UDP defines an abstract set of identifiers for application programs, called protocol port numbers, independent of the underlying OS
• All OSs recognize the standard protocol port numbers
UDP datagram
• UDP messages are called user datagrams
• Short header and a payload
• Protocol port numbers for sender and receiver
• Message length: total size measured in octets
Encapsulation
• UDP is encapsulated in IP
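The header checksum mentioned on the first ICMP slide and the UDP header just described (ports, length in octets) are both covered by one added example, not part of the lecture: it builds an ICMP echo request and a UDP user datagram with `struct`, computes the RFC 1071 Internet checksum for each, and verifies a received message the way a receiver does (a correct message checksums to zero when the checksum field is included). The UDP checksum is computed over the IPv4 pseudo-header (source and destination address, protocol 17, UDP length) as RFC 768 requires, which is why the addresses from the NAT slides (10.0.0.1 and 128.211.134.4) are passed in; identifiers, sequence numbers, ports and payloads are constructed.

```python
"""Build and verify ICMP echo and UDP datagrams with the Internet checksum (RFC 1071).
Added example, not lecture code; addresses, ports and payloads are constructed."""

import socket
import struct

UDP_PROTO = 17


def internet_checksum(data: bytes) -> int:
    """One's-complement sum of 16-bit big-endian words, then one's complement of the sum."""
    if len(data) % 2:
        data += b"\x00"  # odd-length data is padded with a zero octet for the sum
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:  # fold carries back into the low 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def build_icmp_echo(ident: int, seq: int, payload: bytes) -> bytes:
    """ICMP type 8 (echo request), code 0; checksum covers the whole ICMP message."""
    header = struct.pack("!BBHHH", 8, 0, 0, ident, seq)  # checksum field zero while computing
    csum = internet_checksum(header + payload)
    return struct.pack("!BBHHH", 8, 0, csum, ident, seq) + payload


def verify_icmp(msg: bytes) -> bool:
    """Receiver-side check: sum including the stored checksum must come out zero."""
    return internet_checksum(msg) == 0


def udp_pseudo_header(src_ip: str, dst_ip: str, udp_length: int) -> bytes:
    """IPv4 pseudo-header: src, dst, zero, protocol, UDP length (RFC 768)."""
    return (socket.inet_aton(src_ip) + socket.inet_aton(dst_ip)
            + struct.pack("!BBH", 0, UDP_PROTO, udp_length))


def build_udp(src_ip: str, dst_ip: str, sport: int, dport: int, payload: bytes) -> bytes:
    """UDP header: source port, destination port, length (header + data in octets), checksum."""
    length = 8 + len(payload)
    header = struct.pack("!HHHH", sport, dport, length, 0)
    csum = internet_checksum(udp_pseudo_header(src_ip, dst_ip, length) + header + payload)
    if csum == 0:
        csum = 0xFFFF  # zero means "no checksum" in UDP over IPv4, so send all ones instead
    return struct.pack("!HHHH", sport, dport, length, csum) + payload


def parse_udp(datagram: bytes):
    """Return (sport, dport, length, checksum, payload) from a UDP datagram."""
    sport, dport, length, csum = struct.unpack("!HHHH", datagram[:8])
    return sport, dport, length, csum, datagram[8:length]


def verify_udp(src_ip: str, dst_ip: str, datagram: bytes) -> bool:
    """Receiver-side check over pseudo-header + header + data."""
    length = struct.unpack("!H", datagram[4:6])[0]
    if length != len(datagram):
        return False  # length field disagrees with what arrived
    return internet_checksum(udp_pseudo_header(src_ip, dst_ip, length) + datagram) == 0


if __name__ == "__main__":
    echo = build_icmp_echo(0x1234, 1, b"hello")
    print("icmp echo:", echo.hex(), "valid:", verify_icmp(echo))
    dgram = build_udp("10.0.0.1", "128.211.134.4", 40000, 53, b"query")
    print("udp:", dgram.hex(), "valid:", verify_udp("10.0.0.1", "128.211.134.4", dgram))
```

Two details are worth noticing: the pseudo-header ties the UDP checksum to the IP addresses, so a device that rewrites addresses (a NAT box, as on the later slides) must recompute it, and a one-bit change anywhere in the message makes `verify_*` return False, which is the only integrity guarantee these protocols offer.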
UDP summary
• Provides end-to-end message transport from an app on one computer to an app on another
• Encapsulated in IP
• Uses best-effort delivery like IP
• Uses protocol port numbers to distinguish among apps, independent of the underlying OS
TCP
• Transmission Control Protocol
• Provides a reliable data delivery service to applications
• Reliability is the responsibility of the transport protocol
TCP services
• Connection orientation: an app first requests a connection to a destination, then uses it to transfer data
• Point-to-point: each TCP connection has exactly two endpoints
• Complete reliability: TCP guarantees that the data sent will be delivered exactly as sent
• Full duplex communication: data flows in either direction; either app can send data at any time. TCP can buffer outgoing and incoming data, so an app can continue computation while data is transferred
TCP services
• Stream interface: an app sends a continuous sequence of octets
• Reliable connection startup: both apps have to agree to the connection; duplicate packets used in previous connections will not appear to be valid responses
• Graceful connection shutdown: apps can open connections, send arbitrary data, then request a shutdown. TCP guarantees to deliver data reliably before closing the connection
End-to-end service
• Virtual connections, because they are achieved in software
• Encapsulated in IP
• IP passes the data to TCP
• TCP treats IP as a packet communication system, and IP treats each TCP message as data to be transferred
Reliability
• Can't accept duplicate messages from old connections
• Computer reboots can leave a connection in place
Packet loss
• Retransmission
• TCP starts a timer when it sends data
• If no ACK arrives before the timer expires, TCP retransmits
Adaptive retransmission
• TCP estimates round-trip delays for each connection to adapt to Internet delay
• Doesn't use a fixed timeout, because Internet response times change
Comparison
• Adaptive retransmission
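What "estimates round-trip delays to adapt the timeout" looks like in practice, as an added example that is not part of the lecture: the smoothed RTT and RTT variance estimator from RFC 6298, which is how a modern TCP sets its retransmission timeout (RTO). The gains (1/8 and 1/4), the multiplier 4, the 1-second floor and the doubling on timeout are the RFC's values, not the slide's; the RTT samples fed in are constructed, with one spike in the middle to show the timer widening and then settling again.

```python
"""Adaptive retransmission timer as TCP computes it (RFC 6298 SRTT/RTTVAR).
Added example, not lecture code; the RTT samples are constructed."""


class RtoEstimator:
    ALPHA = 1 / 8    # gain applied to each new RTT sample for the smoothed RTT
    BETA = 1 / 4     # gain for the RTT variance
    K = 4            # how many variances of headroom the timer gets
    MIN_RTO = 1.0    # seconds; RFC 6298 lower bound
    MAX_RTO = 60.0   # seconds; common upper bound

    def __init__(self):
        self.srtt = None    # smoothed round-trip time
        self.rttvar = None  # smoothed mean deviation of the RTT
        self.rto = 1.0      # timeout to use before any sample exists

    def sample(self, rtt: float) -> float:
        """Feed one measured round-trip time (seconds); return the new RTO."""
        if self.srtt is None:
            self.srtt = rtt          # first sample initialises both estimators
            self.rttvar = rtt / 2
        else:
            # variance is updated first, using the previous SRTT, as the RFC specifies
            self.rttvar = (1 - self.BETA) * self.rttvar + self.BETA * abs(self.srtt - rtt)
            self.srtt = (1 - self.ALPHA) * self.srtt + self.ALPHA * rtt
        self.rto = min(self.MAX_RTO, max(self.MIN_RTO, self.srtt + self.K * self.rttvar))
        return self.rto

    def backoff(self) -> float:
        """Timer expired without an ACK: retransmit and double the timeout."""
        self.rto = min(self.MAX_RTO, self.rto * 2)
        return self.rto


def run(samples):
    """Feed constructed RTT samples in order; return the RTO after each one."""
    est = RtoEstimator()
    return [round(est.sample(r), 4) for r in samples]


if __name__ == "__main__":
    # constructed samples: a stable ~0.5 s path with one 2 s delay spike
    for rtt, rto in zip([0.5, 0.52, 0.48, 2.0, 0.5], run([0.5, 0.52, 0.48, 2.0, 0.5])):
        print(f"rtt={rtt:.2f}s  rto={rto:.4f}s")
```

The sequence shows the behaviour the slide is after: as samples stay steady the timer tightens from 1.5 s toward the 1 s floor, the spike pushes it out to about 2.6 s without a retransmission storm, and it relaxes again afterwards. A fixed timeout would have either fired spuriously on the spike or wasted time on every ordinary loss.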
Buffers, flow control
• TCP uses a window mechanism
• Each side allocates a buffer and communicates its size to the other side
• The amount of buffer available at a time is the window
• When a sender gets a zero window it has to wait before sending more data
• The receiver can control the rate at which the sender transmits data
Three-way handshake
• Reliable connections are established and terminated
• Synchronization segment (SYN) to create a connection
• Finish segment (FIN) to terminate a connection
• TCP retransmits lost SYN and FIN segments
Congestion control
• Packet loss (or extremely long delay) is most likely due to congestion
• Congestion can be exacerbated by retransmission
• So TCP uses packet loss as a measure of congestion and reduces the rate at which it retransmits data
• TCP knows the receiver window size and retransmits at lower rates
Congestion
• TCP sends a single message containing data
• If an ACK arrives with no loss, TCP sends two additional messages
• If those ACKs arrive, it sends 4
• When it reaches half of the receiving window allotment it slows down the rate of increase
• This scheme works well with increased traffic on the Internet
• Senders back off when congestion occurs
TCP segment format
• "Segment" refers to a message
• TCP uses this format for all messages: data, acknowledgements, and messages that are part of the 3-way handshake
TCP summary
• Major transport protocol of the TCP/IP suite
• Provides apps with a reliable, flow-controlled, full-duplex, stream transport service
• Connection oriented with guaranteed delivery and termination
• TCP on one computer exchanges messages with TCP on the receiver
• Travels in IP datagrams
• Retransmits lost messages
• Retransmission time is adaptive
TCP resources
• ftp://ftp.isi.edu/in-notes/rfc793.txt: original DARPA TCP protocol definition from 1981
• ftp://ftp.isi.edu/in-notes/rfc1122.txt: later refinements
• http://www.faqs.org/rfcs/rfc793.html
• http://www.cisco.com/warp/public/535/4.html
• http://www.protocols.com/pbook/tcpip1.htm
NAT
• Network address translation
• Share one single valid IP address for the Internet among multiple computers
• Computers on the Internet never see the private addresses
Basic address translation
• Valid IP address for the site: 128.210.24.6
• Source address = 10.0.0.1
• Destination address = 128.211.134.4
• NAT has to rewrite the source address to make it 128.210.24.6
• It also has to recompute the IP header checksum, because the original checksum will no longer match
Translation table
• NAT uses a translation table to track the destination of packets coming back into the private network
NAPT
• Network address and port translation
• If browsers at 10.0.0.1 and 10.0.0.2 both form a TCP connection, the NAPT table rewrites both the IP address and the port number
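The translation table from the last three slides, as an added example that is not part of the lecture: a NAPT box with the slide's addresses (private 10.0.0.1 and 10.0.0.2, site address 128.210.24.6, server 128.211.134.4) that rewrites source address and port on the way out, records the mapping, and uses it to restore the private destination on the reply. The port pool starting at 40000, the dict-based packet representation and the rule that an inbound packet is dropped unless it matches an existing mapping from the same peer are assumptions of the example. Checksum recomputation, which the basic-translation slide calls for, is noted in a comment but not modelled.

```python
"""Model of network address and port translation with a translation table.
Added example, not lecture code; the port pool and packet dicts are constructed."""

PUBLIC_IP = "128.210.24.6"   # the site's one valid Internet address (from the slides)


class Napt:
    def __init__(self, public_ip: str = PUBLIC_IP, first_port: int = 40000):
        self.public_ip = public_ip
        self.next_port = first_port
        # translation table: (public_port, proto) -> (private_ip, private_port, peer_ip, peer_port)
        self.table = {}
        # reverse index so repeated packets of one connection reuse their mapping
        self.reverse = {}

    def outbound(self, pkt: dict) -> dict:
        """Private host -> Internet: rewrite src address and port, remember the mapping."""
        key = (pkt["src"], pkt["sport"], pkt["dst"], pkt["dport"], pkt["proto"])
        if key not in self.reverse:
            port = self.next_port          # allocate a fresh public port for this connection
            self.next_port += 1
            self.reverse[key] = port
            self.table[(port, pkt["proto"])] = key[:4]
        port = self.reverse[key]
        # After the rewrite the IP header checksum, and the TCP/UDP checksum (which covers
        # the pseudo-header with the addresses), must be recomputed; not modelled here.
        return dict(pkt, src=self.public_ip, sport=port)

    def inbound(self, pkt: dict):
        """Internet -> private host: look up the public port, restore the private endpoint.
        Returns None for packets that match no mapping, which the box drops."""
        entry = self.table.get((pkt["dport"], pkt["proto"]))
        if entry is None:
            return None   # unsolicited: nobody inside opened this connection
        private_ip, private_port, peer_ip, peer_port = entry
        if (pkt["src"], pkt["sport"]) != (peer_ip, peer_port):
            return None   # mapping exists but for a different peer; do not let it through
        return dict(pkt, dst=private_ip, dport=private_port)


if __name__ == "__main__":
    nat = Napt()
    # constructed: two browsers that happen to pick the same local port
    a = nat.outbound({"src": "10.0.0.1", "sport": 3456, "dst": "128.211.134.4", "dport": 80, "proto": "tcp"})
    b = nat.outbound({"src": "10.0.0.2", "sport": 3456, "dst": "128.211.134.4", "dport": 80, "proto": "tcp"})
    print("out:", a["src"], a["sport"], "|", b["src"], b["sport"])
    reply = nat.inbound({"src": "128.211.134.4", "sport": 80, "dst": PUBLIC_IP, "dport": b["sport"], "proto": "tcp"})
    print("back:", reply["dst"], reply["dport"])
```

The two browsers show why plain address translation is not enough: both leave with source 128.210.24.6, and only the rewritten port (40000 versus 40001) tells the box which private host a reply belongs to. The peer check in `inbound` is the reason a NAT box incidentally blocks unsolicited inbound traffic; it is a side effect of the table, not a substitute for a firewall policy.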
NAT at home
• DSL and cable modems use NAT to share one address in a residence
NAT resources
• http://www.faqs.org/rfcs/rfc3022.html: NAT
• http://www.faqs.org/rfcs/rfc2663.html: NAT
• http://www.faqs.org/rfcs/rfc2766.html: NAPT