IP and ICMP - PowerPoint PPT Presentation

1 / 37

About This Presentation

Title:

IP and ICMP

Description:

IP addresses of the source and (final) destination. Hardware address of the source and ... Hardware address of the next-hop router (if not local) IP host ... – PowerPoint PPT presentation

Number of Views:24

Avg rating:3.0/5.0

Slides: 38

Provided by: uwp4

Category:

Tags: icmp

more less

Transcript and Presenter's Notes

Title: IP and ICMP

1
IP and ICMP

Internet Protocol
Internet Control Message Protocol

2
About Internet Protocol

Internet Protocol Network Layer, end-to-end
communications
IP version 4 (IPv4) - widely implemented
Internet Protocol version 6 (IPv6) not widely
used yet
Requirements for building an IP datagram packet
to transmit on the wire
IP addresses of the source and (final)
destination
Hardware address of the source and
Destination hardware address (if on the local
network)
Hardware address of the next-hop router (if not
local)
IP host
Can use a manually entered destination IP address
or the DNS to obtain a destinations IP address

3
If Remote, Which Router?

Types of route table entries
Host route entry
Network route entry
Receiving gateway typically does one of the
following
Forwards packet
Sends an ICMP reply
Sends an ICMP reply indicating that it is unclear
where to send the packet

4
Lifetime of an IP Datagram

IP packets
Have a pre-defined lifetime indicated in each
packets Time to Live (TTL) field
TTL can range from 0 to 255
TTL supposedly represents seconds, but router
hops is more accurate
TTL is intended to avoid infinite loops in
circular routes
64
Recommended starting TTL value
128
Default TTL in Windows 2000, Windows 2003, and
Windows XP

5
Fragmentation and Reassembly

IP fragmentation
Enables a larger packet to be automatically
fragmented by a router
Once fragmented
No reassembly occurs until fragments arrive at
destination
All fragments are given the same TTL value

6
Service Delivery Options

Precedence
Used by routers to determine what packet to send
Type of Service
Used to select routing path when multiple paths
exist
Routing protocols
OSPF and Border Gateway Protocol (BGP)
RFC 2474, RFC 2475, and RFC 3168
Offer a new use of the TOS field bits
Suggest that TOS and Precedence field bytes be
replaced by a Differentiated Services Code Point
(DSCP) field
Diffserv
Uses DSCP value to enable routers to offer
varying levels of service to traffic based on
marker placed in the DSCP field
Example Voice over IP (VoIP) needs to be
forwarded by routers more quickly than ordinary
data packets

7
IP Header Fields And Functions

Version Field
First field in IP header
Header Length Field
Denotes the length of the IP header only
Type of Service Field
Has two components precedence and Type of
Service
Total Length Field
Defines length of the IP header and any valid data

8
IP Header Fields And Functions
9
IP Header Fields And Functions (continued)

Identification Field
Each packet is given a unique ID value when sent
Flags Field
Three bits long
Typically, fragmentation is allowed
Fragment Offset Field
Shows where to place packets data when
fragments are reassembled

10
IP Header Fields And Functions (continued)

Time to Live (TTL) Field
Denotes the remaining lifetime of the packet
Protocol Field
Indicates what is coming up next
Header Checksum Field
Provides error detection on the contents of the
IP header only
Source Address Field
The IP address of the IP host that sent the packet

11
IP Header Fields And Functions (continued)

Destination Address Field
Can include a unicast, multicast, or broadcast
address
Final destination of the packet
Options Fields
Exist primarily to provide additional IP routing
controls
Can be useful when testing or debugging code or
specific connections

12
Internet Control Message Protocol

ICMP
Provides information about network connectivity
and routing behavior
Provides a way to return information to senders
Messages are nothing more than specially
formatted IP datagrams
RFC 792
Provides basic specification for all ICMP
messages
Provides mechanism for gateways (routers) or
destination hosts to communicate with source
hosts
Takes the form of specially formatted IP
datagrams
Reports errors about processing of non-ICMP IP
datagrams

13
ICMPs Role in IP Networks

ICMPs job is to provide information about
IP routing behavior
Reachability
Routes between specific pairs of IP hosts
Delivery errors

14
(No Transcript)
15
Testing And Troubleshooting Connectivity
Testing with Ping

PING and TRACEROUTE
Rely on ICMP to perform connectivity tests and
path discovery
PING
Actually a form of ICMP Echo communication
ICMP Echo Request
Connectionless process with no guarantee of
deliveryMost PING utilities
Send series of several Echo Requests to the
target in order to obtain average response time
PING utility
Sends series of four ICMP Echo Requests with a
one-second ICMP Echo Reply Timeout value
Supports IP addresses and names (e.g. www.uwp.edu)

16
(No Transcript)
17
Connectivity Testing with PING (contd)

Parameters available with the PING utility
-l size
-f
-i TTL
-v TOS,
-w timeout

18
Path Discovery with TRACEROUTE

TRACEROUTE utility
Uses route tracing to identify a path from sender
to target host
Available parameters
-d
-h
-w

19
(No Transcript)
20
Path Discovery with PATHPING

PATHPING utility
Command-line utility
Uses ICMP Echo packets to test router and link
latency, as well as packet loss
PMTU Discovery
Enables source to learn the currently supported
MTU across an entire path
MTU maximum transmission unit the biggest
chunk of data that can be carried across a
network
Use ping f l MTU host-address
-f (dont fragment)
Replace MTU with a number of a MTU (e.g. 1500)
Ex ping f l 1500 131.210.1.15

21
Routing Sequences for ICMP

ICMP
Can provide some routing information to hosts
Used by routers to provide a default gateway
setting to a host
Routers
Can send ICMP messages
Routing Discovery
IP hosts
Typically learn about routes through manual
configuration of
Default gateway parameter and redirection
messages
Send ICMP Router Solicitations and routers reply
with ICMP Router Advertisements
By default
ICMP Router Solicitation packet is sent to the
all-routers IP multicast address 224.0.0.2

22
(No Transcript)
23
Security Issues For ICMP

ICMP
Can be used as an information-gathering tool
IP address scanning process
One method of obtaining a list of the active
hosts
IP host probe
Performed by sending a PING packet to each host
within a range and noting the responses

24
ICMP Packet Fields and Functions

Value 1 in IP header Protocol field
Denotes that an ICMP header follows the IP header
ICMP header portions
Constant portion
Variable portion

25
(No Transcript)
26
Constant ICMP Fields

ICMP packets contain three required fields after
the IP header
Type
Code
Checksum

27
The Variable ICMP Structures and Functions

ICMP Type 0
Used for Echo Reply packets
ICMP Type 8
Used for Echo Request packets
RFC 792
Identifier and Sequence fields are used to aid in
matching Echo messages with Echo Replies

28
(No Transcript)
29
(No Transcript)
30
Type 3 Destination Unreachable Packets

Network troubleshooters
Often closely track ICMP Destination Unreachable
packets
Host that sends Destination Unreachable packet
Must return IP header and eight bytes of original
datagram that triggered this response
Total of 16 (0 through 15) possible codes
Currently assigned to ICMP Destination
Unreachable type number

31
(No Transcript)
32
(No Transcript)
33
Type 4 Source Quench