ICMP: Difference between revisions
Content added Content deleted
m (1 revision imported) |
|||
(3 intermediate revisions by the same user not shown) | |||
Line 24: | Line 24: | ||
| 0 || Echo reply (used to Ping) |
| 0 || Echo reply (used to Ping) |
||
|- |
|- |
||
⚫ | |||
||1 and 2 |
|||
| || ''Reserved'' |
|||
|- |
|||
⚫ | |||
| 0 || Destination network unreachable |
| 0 || Destination network unreachable |
||
|- |
|- |
||
Line 36: | Line 33: | ||
| 3 || Destination port unreachable |
| 3 || Destination port unreachable |
||
|- |
|- |
||
| 4 || Fragmentation required, and DF flag set |
| 4 || Fragmentation required, and DF flag set<ref name="AVI">AVI Networks</ref> |
||
|- |
|||
| 5 || Source route failed |
|||
|- |
|- |
||
| 6 || Destination network unknown |
| 6 || Destination network unknown |
||
|- |
|- |
||
| 7 || Destination host unknown |
| 7 || Destination host unknown |
||
|- |
|||
| 8 || Source host isolated |
|||
|- |
|- |
||
| 9 || Network administratively prohibited |
| 9 || Network administratively prohibited |
||
|- |
|- |
||
| 10 || Host administratively prohibited |
| 10 || Host administratively prohibited |
||
|- |
|||
| 11 || Network unreachable for TOS |
|||
|- |
|||
| 12 || Host unreachable for TOS |
|||
|- |
|- |
||
| 13 || Communication administratively prohibited |
| 13 || Communication administratively prohibited |
||
|- |
|||
| 14 || Host Precedence Violation |
|||
|- |
|||
| 15 || Precedence cutoff in effect |
|||
|- |
|||
| 4 – Source Quench |
|||
| 0 || Source quench (congestion control) |
|||
|- |
|||
|rowspan=4| 5 – Redirect Message |
|||
| 0 || Redirect Datagram for the Network |
|||
|- |
|||
| 1 || Redirect Datagram for the Host |
|||
|- |
|||
| 2 || Redirect Datagram for the TOS & network |
|||
|- |
|||
| 3 || Redirect Datagram for the TOS & host |
|||
|- |
|||
| 6 || || Alternate Host Address |
|||
|- |
|||
| 7 || || ''Reserved'' |
|||
|- |
|- |
||
| 8 – Echo Request |
| 8 – Echo Request |
||
| 0 || Echo request (used to ping) |
| 0 || Echo request (used to ping) |
||
|- |
|||
| 9 – Router Advertisement |
|||
| 0 || Router Advertisement |
|||
|- |
|||
| 10 – Router Solicitation |
|||
| 0 || Router discovery/selection/solicitation |
|||
|- |
|- |
||
|rowspan=2| 11 – Time Exceeded |
|rowspan=2| 11 – Time Exceeded |
||
Line 89: | Line 52: | ||
|- |
|- |
||
| 1 || Fragment reassembly time exceeded |
| 1 || Fragment reassembly time exceeded |
||
|- |
|||
|rowspan=3| 12 – Parameter Problem: Bad IP header |
|||
| 0 || Pointer indicates the error |
|||
|- |
|||
| 1 || Missing a required option |
|||
|- |
|||
| 2 || Bad length |
|||
|- |
|- |
||
| 13 – Timestamp |
| 13 – Timestamp |
||
Line 102: | Line 58: | ||
| 14 – Timestamp Reply |
| 14 – Timestamp Reply |
||
| 0 || Timestamp reply |
| 0 || Timestamp reply |
||
|- |
|||
| 15 – Information Request |
|||
| 0 || Information Request |
|||
|- |
|||
| 16 – Information Reply |
|||
| 0 || Information Reply |
|||
|- |
|||
| 17 – Address Mask Request |
|||
| 0 || Address Mask Request |
|||
|- |
|||
| 18 – Address Mask Reply |
|||
| 0 || Address Mask Reply |
|||
|} |
|} |
||
</center> |
</center> |
||
= Troubleshooting = |
= Troubleshooting = |
||
Line 131: | Line 74: | ||
<br /> |
<br /> |
||
= Path MTU Discovery = |
= Path MTU Discovery<ref name="AVI"/> = |
||
* RFC 1191 defines path MTU discovery = process to detect smaller MTU to a destination |
* RFC 1191 defines path MTU discovery = process to detect smaller MTU to a destination |
||
Line 151: | Line 94: | ||
<br /> |
<br /> |
||
= Traceroute = |
= Traceroute<ref name="AVI"/> = |
||
Source: [http://packetlife.net/blog/2008/dec/29/traceroute-timeouts/ Packetlife.net] |
Source: [http://packetlife.net/blog/2008/dec/29/traceroute-timeouts/ Packetlife.net] |
||
Line 157: | Line 100: | ||
[[File:Traceroute.png|none]] |
[[File:Traceroute.png|none]] |
||
*Works by sequentially incrementing the TTL of UDP |
*Works by sequentially incrementing the TTL of UDP packets in Linux/Unix. |
||
*Sending ICMP packets in Linux requires raw sockets and thus needs root privileges. |
|||
*It uses ICMP on Windows. |
|||
*All hops return a "TTL exceeded in transit" message |
*All hops return a "TTL exceeded in transit" message |
||
*Last hop should return a "destination unreachable/port unreachable" message |
*Last hop should return a "destination unreachable/port unreachable" message |
||
Line 167: | Line 112: | ||
<br /> |
<br /> |
||
=References= |
|||
<references/> |
|||
Latest revision as of 11:10, 3 December 2019
Header
Type | Code | Checksum | |||||||||||||||||||||||||||||
Rest of Header |
Messages
Type | Code | Description |
---|---|---|
0 – Echo Reply | 0 | Echo reply (used to Ping) |
3 – Destination Unreachable | 0 | Destination network unreachable |
1 | Destination host unreachable | |
2 | Destination protocol unreachable | |
3 | Destination port unreachable | |
4 | Fragmentation required, and DF flag set[1] | |
6 | Destination network unknown | |
7 | Destination host unknown | |
9 | Network administratively prohibited | |
10 | Host administratively prohibited | |
13 | Communication administratively prohibited | |
8 – Echo Request | 0 | Echo request (used to ping) |
11 – Time Exceeded | 0 | TTL expired in transit |
1 | Fragment reassembly time exceeded | |
13 – Timestamp | 0 | Timestamp |
14 – Timestamp Reply | 0 | Timestamp reply |
Troubleshooting
- IP address is unconfigured:
Reply from 10.102.82.14: Destination host unreachable
- Ping disabled on host:
Request timed out
- Router performs ICMP rate limiting:
U.U.U ping response
Path MTU Discovery[1]
- RFC 1191 defines path MTU discovery = process to detect smaller MTU to a destination
- Two key components:
Don't Fragment (DF) bit of the IP header A subcode of the ICMP Destination Unreachable message - Fragmentation Needed
- Setting DF bit in IP packet prevents a Router from fragmenting a packet larger than MTU
- Packet is discarded and an ICMP Fragmentation Needed message is sent
- RFC 1191 expands the Fragmentation Needed message to include the MTU of the link requiring fragmentation
- Path MTU discovery is continuous process & can detect increase or decrease in MTU
tracepath -n 192.168.1.2 mturoute (Windows)
- A Fragmentation Needed message can be seen in packet #6 of this packet capture:
Traceroute[1]
Source: Packetlife.net
- Works by sequentially incrementing the TTL of UDP packets in Linux/Unix.
- Sending ICMP packets in Linux requires raw sockets and thus needs root privileges.
- It uses ICMP on Windows.
- All hops return a "TTL exceeded in transit" message
- Last hop should return a "destination unreachable/port unreachable" message
- UDP traceroute packets are sent to a pseudorandom high port on which the end host is not likely to be listening
References
{{#widget:DISQUS
|id=networkm
|uniqid=ICMP
|url=https://aman.awiki.org/wiki/ICMP
}}