
Guide To TCP/IP, Second Edition


cissy

Presentation Transcript


  1. Guide To TCP/IP, Second Edition
     Chapter 4 Internet Control Message Protocol (ICMP)

  2. Objectives
     • Understand the Internet Control Message Protocol
     • Test and troubleshoot sequences for ICMP
     • Work with ICMP packet fields and functions

  3. Understanding The Internet Control Message Protocol
     • Provides information about
       • Network Connectivity
       • Routing behavior
       • Reachability
       • Delivery error reports
       • Control information
       • Network congestion

  4. Overview of RFC 792
     • Specification of all ICMP messages
     • RFC 792 points about IP and ICMP
       • Mechanism for gateways (routers) or destination hosts to communicate with source hosts
       • Specially formatted IP datagrams, with specific associated message types and codes
       • Essential part of IP’s support fabric
       • ICMP reports errors only about processing of non-ICMP IP datagrams

  5. ICMP’s Vital Role on IP Networks
     • ICMP is used for network monitoring and troubleshooting

  6. ICMP’s Vital Role on IP Networks (cont.)

  7. Testing And Troubleshooting Sequences For ICMP
     • Connectivity testing with PING
       • ICMP Echo Request
       • ICMP Echo Reply
     • Windows XP command-line parameters used with PING
       • -l
       • -f
       • -i
       • -v
       • -w

  8. Testing And Troubleshooting Sequences For ICMP (cont.)

  9. Testing And Troubleshooting Sequences For ICMP (cont.)

  10. Path Discovery with TRACEROUTE
      • Identifies a path
      • Steps TRACEROUTE uses to identify a path
        • Host sends ICMP Echo Request with a TTL value of 1
        • Router 1 discards the packet and sends an ICMP Time Exceeded-TTL Exceeded in Transit message
        • Host sends ICMP Echo Request with a TTL value of 2
        • Router 1 decrements the TTL of the ICMP Echo Request packet by 1
        • Router 2 discards the packet and sends an ICMP Time Exceeded-TTL Exceeded in Transit message
        • Destination host sends an ICMP Echo Reply

  11. Path Discovery with TRACEROUTE (cont.)

  12. Path Discovery with TRACEROUTE (cont.)
      • Windows XP command-line parameters used with TRACERT
        • -d
        • -h
        • -w
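The TRACEROUTE steps from slide 10, as an added simulation that is not part of the original slides: it generalizes the two-router walk-through to any path length and adds a router that discards expired packets without reporting, which is why real traces show `*` for a hop. The `Hop` class, the addresses and the `max_hops` default (standing in for TRACERT's `-h`) are assumptions made for the example.

```python
from dataclasses import dataclass

TIME_EXCEEDED = (11, 0)   # Type 11, Code 0: Time Exceeded-TTL Exceeded in Transit
ECHO_REPLY = (0, 0)       # Type 0, Code 0: Echo Reply


@dataclass
class Hop:
    address: str
    silent: bool = False  # constructed behaviour: drops expired packets, sends no ICMP error


def send_echo_request(path, ttl):
    """Carry one Echo Request along `path`; return (responder, (type, code)) or None."""
    for position, hop in enumerate(path):
        if position == len(path) - 1:
            return hop.address, ECHO_REPLY        # the last entry is the destination host
        if ttl <= 1:                              # a router cannot forward once TTL would hit 0
            return None if hop.silent else (hop.address, TIME_EXCEEDED)
        ttl -= 1                                  # router decrements TTL and forwards
    return None


def traceroute(path, max_hops=30):
    """Probe with TTL 1, 2, 3, ... until an Echo Reply arrives or max_hops is reached."""
    results = []
    for ttl in range(1, max_hops + 1):
        answer = send_echo_request(path, ttl)
        if answer is None:
            results.append((ttl, "*", None))      # nothing came back before the timeout (-w)
            continue
        responder, message = answer
        results.append((ttl, responder, message))
        if message == ECHO_REPLY:
            break
    return results


# Constructed path: two routers (the second one silent) and the destination host.
SAMPLE_PATH = [Hop("192.0.2.1"), Hop("192.0.2.254", silent=True), Hop("198.51.100.7")]

if __name__ == "__main__":
    for row in traceroute(SAMPLE_PATH):
        print(row)
```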

  13. Routing Sequences for ICMP
      • Router Discovery
        • ICMP Router Solicitation
        • ICMP Router Discovery
      • Router Advertising
        • Hosts passively learn about available routes from periodic ICMP Router Advertisements
        • Route entry TTL is 30 minutes, after which the entry is removed from the route table
        • Advertising rate is between seven and ten minutes
      • Redirection to a better router

  14. Routing Sequences for ICMP (cont.)

  15. Routing Sequences for ICMP (cont.)

  16. Security Issues For ICMP
      • ICMP is part of a reconnaissance process
        • IP host probe
        • Port probe
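One way to spot the IP host probe named on slide 16 in captured traffic, as an added example that is not part of the original slides: flag any source that sends Echo Requests to many distinct destinations inside a short time window. The record layout `(timestamp, source, destination, icmp_type)`, the thresholds and the sample records are assumptions constructed for the example.

```python
from collections import defaultdict, deque

ECHO_REQUEST = 8  # ICMP Type 8


def detect_host_probes(records, window=10.0, min_targets=5):
    """Return {source: most distinct Echo Request targets seen within `window` seconds}
    for every source that reaches `min_targets`."""
    recent = defaultdict(deque)   # source -> (timestamp, destination) pairs still in the window
    flagged = {}
    for ts, src, dst, icmp_type in sorted(records):
        if icmp_type != ECHO_REQUEST:
            continue
        queue = recent[src]
        queue.append((ts, dst))
        while ts - queue[0][0] > window:          # expire entries older than the window
            queue.popleft()
        distinct = len({d for _, d in queue})
        if distinct >= min_targets:
            flagged[src] = max(flagged.get(src, 0), distinct)
    return flagged


# Constructed records, not real traffic.
SAMPLE_RECORDS = (
    # Monitoring host pinging one gateway once a second: many packets, one target.
    [(float(i), "10.0.0.50", "10.0.0.1", 8) for i in range(12)]
    # One source touching eight addresses in four seconds.
    + [(100 + 0.5 * i, "203.0.113.9", f"10.0.0.{i + 1}", 8) for i in range(8)]
    # One source touching six addresses, 30 seconds apart.
    + [(200 + 30.0 * i, "198.51.100.4", f"10.0.1.{i + 1}", 8) for i in range(6)]
    # An Echo Reply (Type 0) is not a probe and is ignored.
    + [(100.2, "10.0.0.3", "203.0.113.9", 0)]
)

if __name__ == "__main__":
    print(detect_host_probes(SAMPLE_RECORDS))              # short window
    print(detect_host_probes(SAMPLE_RECORDS, window=200))  # wider window for low-rate probing
```

The window is a tuning decision: the 30-second-spaced source only appears once the window is widened, while the single-target monitoring host stays unflagged at either setting.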

  17. ICMP Packet Fields And Functions
      • Two types of ICMP fields
        • Constant and Variable
      • Constant ICMP fields
        • Type Field
        • Code Field
        • Checksum Field

  18. ICMP Packet Fields And Functions (cont.)

  19. ICMP Packet Fields And Functions (cont.)
      • The variable ICMP structures and functions
        • Types 0 and 8: Echo Reply and Echo Packets
        • Type 3: Destination Unreachable Packets
          • Code 0: Net Unreachable
          • Code 1: Host Unreachable
          • Code 2: Protocol Unreachable
          • Code 3: Port Unreachable
          • Code 4: Fragmentation Needed and Don’t Fragment Was Set
          • Code 5: Source Route Failed
          • Code 6: Destination Network Unknown
          • Code 7: Destination Host Unknown

  20. ICMP Packet Fields And Functions (cont.)

  21. ICMP Packet Fields And Functions (cont.)

  22. ICMP Packet Fields And Functions (cont.)

  23. ICMP Packet Fields And Functions (cont.)

  24. ICMP Packet Fields And Functions (cont.)

  25. ICMP Packet Fields And Functions (cont.)

  26. ICMP Packet Fields And Functions (cont.)

  27. ICMP Packet Fields And Functions (cont.)

  28. ICMP Packet Fields And Functions (cont.)
      • Type 3: Destination Unreachable Packets (cont.)
        • Code 8: Source Host Isolated
        • Code 9: Communication with Destination Network Is Administratively Prohibited
        • Code 10: Communication with Destination Host Is Administratively Prohibited
        • Code 11: Destination Network Unreachable for Type of Service
        • Code 12: Destination Host Unreachable for Type of Service
        • Code 13: Communication Administratively Prohibited
        • Code 14: Host Precedence Violation
        • Code 15: Precedence Cutoff in Effect
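The constant fields (Type, Code, Checksum) and the Type 0, 8 and 3 variable structures from slides 17, 19 and 28, as an added parser that is not part of the original slides. The function names and sample messages are constructed for the example; the next-hop MTU field for Code 4 comes from RFC 1191, which the chapter summary cites.

```python
import struct

# Type 3 code names, indexed by code value, as listed on slides 19 and 28.
DEST_UNREACHABLE = (
    "Net Unreachable", "Host Unreachable", "Protocol Unreachable", "Port Unreachable",
    "Fragmentation Needed and Don't Fragment Was Set", "Source Route Failed",
    "Destination Network Unknown", "Destination Host Unknown", "Source Host Isolated",
    "Communication with Destination Network Is Administratively Prohibited",
    "Communication with Destination Host Is Administratively Prohibited",
    "Destination Network Unreachable for Type of Service",
    "Destination Host Unreachable for Type of Service",
    "Communication Administratively Prohibited", "Host Precedence Violation",
    "Precedence Cutoff in Effect",
)
TYPE_NAMES = {0: "Echo Reply", 3: "Destination Unreachable", 8: "Echo"}

def internet_checksum(data: bytes) -> int:
    """16-bit one's-complement sum used by the ICMP Checksum field."""
    if len(data) % 2:
        data += b"\x00"                           # pad odd-length messages with a zero byte
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:                            # fold carries back into the low 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def parse_icmp(msg: bytes) -> dict:
    if len(msg) < 8:
        raise ValueError("truncated ICMP message")
    icmp_type, code, _checksum = struct.unpack("!BBH", msg[:4])   # constant fields
    info = {"type": TYPE_NAMES.get(icmp_type, f"type {icmp_type}"), "code": code,
            # Summing the whole message, checksum included, gives 0 when it is intact.
            "checksum_ok": internet_checksum(msg) == 0}
    if icmp_type in (0, 8):                       # variable part: identifier and sequence
        info["id"], info["seq"] = struct.unpack("!HH", msg[4:8])
    elif icmp_type == 3:                          # variable part depends on the code
        info["code_name"] = (DEST_UNREACHABLE[code] if code < len(DEST_UNREACHABLE)
                             else "unassigned")
        if code == 4:                             # RFC 1191: next-hop MTU in bytes 6-7
            info["next_hop_mtu"] = struct.unpack("!H", msg[6:8])[0]
    return info

def build_icmp(icmp_type: int, code: int, rest: bytes, payload: bytes = b"") -> bytes:
    """Construct a sample message (demo helper only) with a valid checksum."""
    body = struct.pack("!BBH", icmp_type, code, 0) + rest + payload
    return body[:2] + struct.pack("!H", internet_checksum(body)) + body[4:]

# Constructed samples: an Echo (id 0x1234, seq 1) and a Code 4 report with MTU 1400.
ECHO = build_icmp(8, 0, struct.pack("!HH", 0x1234, 1), b"abcdefgh")
FRAG = build_icmp(3, 4, struct.pack("!HH", 0, 1400), bytes(28))
```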

  29. Chapter Summary
      • ICMP provides vital feedback about IP routing and delivery problems
      • ICMP also provides important IP diagnostic and control capabilities that include reachability analysis, congestion management, route optimization, and timeout error reports

  30. Chapter Summary (cont.)
      • Although ICMP messages fall within various well-documented types and behave as a separate protocol at the TCP/IP Network layer, ICMP is really part of IP itself, and its support is required in any standards-compliant IP implementation
      • RFC 792 describes ICMP, but numerous other RFCs (such as 950, 1191, and 1812) describe additional details about how ICMP should behave, and how its messages should be generated and handled

  31. Chapter Summary (cont.)
      • Two vital TCP/IP diagnostic utilities, known as PING and TRACEROUTE (invoked as TRACERT in the Windows environment), use ICMP to measure roundtrip times between a sending and receiving host, and to perform path discovery for a sending host and all intermediate hosts or routers between sender and receiver

  32. Chapter Summary (cont.)
      • Although ICMP has great positive value as a diagnostic and reporting tool, those same capabilities can be turned to nefarious purposes as well, which makes security issues for ICMP important
      • When hackers investigate networks, ICMP host probes often represent early stages of attack

  33. Chapter Summary (cont.)
      • Understanding the meaning and significance of the ICMP Type and Code fields is essential to recognizing individual ICMP messages and what they are trying to communicate
      • ICMP message structures and functions can vary, depending on the information that any such message seeks to convey
