
19531 - Telematics
8th Tutorial - IP, ARP, ICMP, DHCP & NAT

Bastian Blywis

Department of Mathematics and Computer Science
Institute of Computer Science
16. December, 2010

Institute of Computer Science – Telematics Tutorial – 16. December, 2010 1


Outline

1. Network Components

2. End of the Ethernet Frame

3. LLC Classes

4. MTU

5. Network Components

6. Subnets

7. Internet Protocol Version 4

8. Checksum

9. Address Resolution Protocol

10. Self-Configuration

11. Tracing

12. Address Translation

13. ICMP


Network Components

Name the function(s) of the following network components:

– Repeater
– Hub
– Switch
– Bridge
– Router
– Gateway

Which “data” do they handle and on which layer of the ISO/OSI reference model do they operate?


Network Components

– Repeater
  – Receives a signal and retransmits it at a higher power (amplifies)
  – Dumb device, does not know and care about frames
  – Increases range of the network
  – Layer 1

– Hub
  – Connects multiple stations together
  – Creates a network segment (bus topology)
  – Also called multi-port repeater
  – Dumb device, does not know and care about frames
  – Collisions can happen; single collision domain
  – Usually does not amplify signals
  – Layer 1


Network Components

– Switch
  – Connects multiple stations together
  – Connects network segments
  – Evaluates the header of frames
  – Learns the topology and limits broadcasts
  – Checks for frame errors
  – Several forwarding techniques, e.g., (virtual) cut-through
  – Layer 2
  – Managed switches provide much more, e.g., a telnet or web interface (and thus layer 3-7 services)

– Bridge
  – Same as a switch but connects different LANs
  – Usually behaves as defined in IEEE 802.1d
  – Bridges create different collision domains at their ports
  – The term is often used synonymously with switch
  – Layer 2


Network Components

– Router
  – Software and/or hardware for routing and forwarding data packets (datagrams)
  – Connects logical subnets
  – The router knows the output interface for each destination based on the IP configuration of its interfaces (usually also stored in the routing table) or learned by a routing protocol
  – Routing is often implemented in the application layer although it is a network layer service
  – Routers usually do not flood datagrams if the output interface is unknown but use the default route
  – Layer 3

– Gateway
  – “Protocol translator”
  – Several different definitions
  – Layer 4-7 (sometimes also includes lower layers)

Note: Hardware routers usually also contain a switch/bridge
Question: Are there actually layer 3 and layer 4 switches?


End of the Ethernet Frame

– Compared to the IEEE 802.3 frame, the Ethernet frame has no length but a type field.

– How can a network interface card actually detect the end of the frame?


End of the Ethernet Frame

– Frame end detection depends on the particular host-to-network technology
– Ethernet II: idle state detection of the Manchester line code, no rising or falling edge for some specific time
– Interframe gap (12 bytes = 9.6 µs in older Ethernet variants)
– Alternative: stop flag at the end of the frame (line signaling)
– Alternative: out-of-band signaling, separate clock line


LLC Classes

– As discussed in the 5th tutorial, there are different Logical Link Control classes.

– How do stations actually know which classes are supported by the others?


LLC Classes

– All LLC implementations must support class 1 (unacknowledged, connection-less)
– Required support of unnumbered format commands
  – Unnumbered Information (UI)
  – eXchange IDentification (XID)
  – TEST link (TEST)
– The XID response contains the supported LLC class/types (see page 52 in IEEE 802.2-1998)


MTU

What is the Maximum Transfer Unit (MTU) and why is it relevant for bridging and routing?


MTU

– The MTU defines the maximum size of the payload in a frame
– Packets have to be fragmented if the MTU is too low
– Not all host-to-network technologies support fragmentation
  – IEEE 802.3 does not support fragmentation
  – IEEE 802.11 supports fragmentation to increase reliability
– Packets will be dropped if fragmentation is not supported

MTU        Technology
1,500 ¹    Ethernet
4,352      FDDI
4,464      IEEE 802.5 (4 Mbps)
17,914     IEEE 802.5 (16 Mbps)
2,312      IEEE 802.11

Table: Some MTU values

¹ The MTU can actually be larger to enable VLANs, and there are also so-called Jumbo frames


Network Components

– Discuss the tasks of the network layer and how it differs from the lower and upper layers.

– Name network layer protocols and their historical as well as current relevance.


Network Components

Tasks of the network layer:
– Data transmission over large distances, between heterogeneous sub-networks
– Addressing
– Routing
– Quality of Service (QoS) issues
– Usually connection-less communication


Network Components

– Layer 1-2 protocol for communication between adjacent hosts on a LAN
– The layer 1-2 protocol is specific to the LAN ⇒ protocol header is not preserved but replaced
– Layer 3 protocol for communication between distant hosts
– The layer 3 protocol is supported by all nodes between source and destination ⇒ protocol header is preserved and modified in the network
– Layer 4-7 protocols for communication between source and destination

Figure: Source and destination implement layer 7 down to layer 1; the routers in between implement only layer 3 and layers 2 and 1 (Source – Router – Router – Destination)

But: much more complex today with tunneling, NAT, traffic shaping, load balancing, . . .


Network Components

Network layer protocols:
– DoD Standard Internet Protocol (IPv3)
– Internetwork Packet Exchange (IPX), ISO/OSI
– Datagram Delivery Protocol (DDP), AppleTalk
– Internet Protocol Security (IPsec)
– Internet Group Management Protocol (IGMP)
– The swIPe IP Security Protocol (SwIPe)
– ARP, ICMP, . . .


IPv4 Recapitulation

– 32 bit addresses, but not 2^32 of them are usable for unicast or routable
– Four octets: A.B.C.D
– Network and host part, defined by the subnet mask (deprecated)
– Class-less Inter-Domain Routing (CIDR); format: 160.45.128.0/17

Information Sciences Institute, University of Southern California: Internet Protocol, RFC 791, 1981


IPv4 Recapitulation

Address block       Description                                      Reference
0.0.0.0/8           Current network (only valid as source address)   RFC 1700
10.0.0.0/8          Private network                                  RFC 1918
14.0.0.0/8          Public data networks (reclaimed)                 RFC 1700
127.0.0.0/8         Loopback                                         RFC 3330
128.0.0.0/16        Reserved                                         RFC 3330
169.254.0.0/16      Link-Local                                       RFC 3927
172.16.0.0/12       Private network                                  RFC 1918
191.255.0.0/16      Reserved                                         RFC 3330
192.0.0.0/24        Reserved                                         RFC 3330
192.0.2.0/24        Documentation and example code (TEST-NET)        RFC 3330
192.88.99.0/24      IPv6 to IPv4 relay                               RFC 3068
192.168.0.0/16      Private network                                  RFC 1918
198.18.0.0/15       Network benchmark tests                          RFC 2544
223.255.255.0/24    Reserved                                         RFC 3330
224.0.0.0/4         Multicasts (former Class D network)              RFC 3171
240.0.0.0/4         Reserved (former Class E network)                RFC 1700
255.255.255.255     Broadcast

Table: Reserved IPv4 Address Blocks (excerpt)


IPv4 Recapitulation

 0        4        8                16     19                    31
 Version | IHL   | Diff. Service   |          Total Length
          Identification           | Flags  |  Fragment Offset
 Time to Live    | Protocol = 17   |        Header Checksum
                            Source
                          Destination
                            Options
                            Payload

Figure: IPv4 Header Format with marked “problematic” fields


IPv4 Recapitulation

Copy  Class  Option  Length    Description                          RFC
0     0      0       1         End of options list.                 RFC 791
0     0      1       1         NOP                                  RFC 791
1     0      130     11        Security                             RFC 791, RFC 1108
1     0      131     variable  Loose Source Route                   RFC 791
0     2      68      variable  Time stamp                           RFC 781, RFC 791
1     0      133     3 to 31   Extended Security                    RFC 1108
1     0      134               Commercial Security
0     0      7       variable  Record Route                         RFC 791
1     0      136     4         Stream Identifier                    RFC 791, RFC 1122
1     0      137     variable  Strict Source Route                  RFC 791
0     0      10                Experimental Measurement
0     0      11      4         MTU Probe. (obsolete)                RFC 1063, RFC 1191
0     0      12      4         MTU Reply. (obsolete)                RFC 1063, RFC 1191
1     2      205               Experimental Flow Control
1     0      142               Experimental Access Control
0     0      15                ENCODE
1     0      144               IMI Traffic Descriptor
1     0      145     variable  Extended Internet Protocol           RFC 1385
0     2      82      12        Traceroute                           RFC 1393
1     0      147     10        Address Extension                    RFC 1475
1     0      148     4         Router Alert                         RFC 2113
1     0      149     6 to 38   Selective Directed Broadcast Mode    RFC 1770
1     0      150               Unassigned
1     0      151               Dynamic Packet State
1     0      152               Upstream Multicast Packet
0     0      25                QS, Quick-Start                      RFC 4782
0     0      30                EXP - RFC3692-style Experiment       RFC 4727
0     2      94                EXP - RFC3692-style Experiment       RFC 4727
1     0      158               EXP - RFC3692-style Experiment       RFC 4727
1     2      222               EXP - RFC3692-style Experiment       RFC 4727

Table: IPv4 Options


IPv4 Recapitulation

IPv4 Issues:
– Checksum only for the header; usually layer 2 (e.g. Ethernet) and layer 4 (e.g. TCP) provide error detection
– Variable length header
– Three fields required for fragmentation
– Fragmentation is not desired and should be avoided
– Type of Service was not widely implemented ⇒ Differentiated Services
– Many options seldom used or implemented by routers
– Fragmentation and options may require padding
– The Time To Live (TTL) field does not refer to time anymore but limits the number of hops
– Address depletion ⇒ IPv6
– Address space is fragmented
– Address Resolution Protocol (ARP) for layer 3 to layer 2 mapping required
– Security (IPsec), traffic shaping, and virtual connections are optional and not integral components


Subnets

– Assign IP addresses for the devices in the network depicted above. You have the IP block 137.226.0.0/16 available and should come up with a good assignment of addresses for the networks.

– Specify the routing tables of all routers. Assume that Router 1 has an additional connection to the Internet. Based on the routing information, each router should be able to determine where all packets have to be forwarded to.


Subnets

The overall plan:
– All entities in each LAN are in the same IP subnet
– Each router has two network interface cards: one in each subnetwork it connects
– Hosts in a particular LAN get an IP that belongs to the particular subnet
– The default route goes through Router 1 into the Internet
– The minimal number of bits is used for the subnet addressing to maximize the number of host addresses for each subnet
– Some few subnets will remain unused


Subnets

The network mask of the network 137.226.0.0/16 is:

11111111.11111111.00000000.00000000 (= 255.255.0.0)

There are five subnets and thus 3 bits are required to address the subnets. The subnet mask is:

11111111.11111111.11100000.00000000 (= 255.255.224.0)

The following address ranges can be used by the subnets:

LAN      Address Range
LAN 1    137.226.32.0 - 137.226.63.255      32 = 00100000, 63 = 00111111
LAN 2    137.226.64.0 - 137.226.95.255      64 = 01000000, 95 = 01011111
LAN 3    137.226.96.0 - 137.226.127.255     96 = 01100000, 127 = 01111111
LAN 4    137.226.128.0 - 137.226.159.255    128 = 10000000, 159 = 10011111
LAN 5    137.226.160.0 - 137.226.191.255    160 = 10100000, 191 = 10111111


Subnets

Each router has two network interface cards:

Figure: interface labels IF1 to IF5 (IFn denotes an interface attached to LAN n; the two routers adjacent to a LAN each have one interface in it)


Subnets

Device      Address
Router 1    IF1: 137.226.32.1, IF2: 137.226.64.1
Router 2    IF2: 137.226.64.2, IF3: 137.226.96.1
Router 3    IF3: 137.226.96.2, IF4: 137.226.128.1
Router 4    IF4: 137.226.128.2, IF5: 137.226.160.1
Host 1      137.226.64.3
Host 2      137.226.128.3


Subnets

Router      Target network       Interface   Gateway
Router 1    137.226.32.0/19      IF1         *
            137.226.64.0/19      IF2         *
            137.226.96.0/19      IF2         137.226.64.2
            137.226.128.0/19     IF2         137.226.64.2
            137.226.160.0/19     IF2         137.226.64.2
            default              IF1         “Internet”

Router 2    137.226.32.0/19      IF2         137.226.64.1
            137.226.64.0/19      IF2         *
            137.226.96.0/19      IF3         *
            137.226.128.0/19     IF3         137.226.96.2
            137.226.160.0/19     IF2         137.226.96.2
            default              IF2         137.226.64.1

Table: Routing tables for routers 1 and 2


Subnets

Router      Target network       Interface   Gateway
Router 3    137.226.32.0/19      IF3         137.226.96.1
            137.226.64.0/19      IF3         137.226.96.1
            137.226.96.0/19      IF3         *
            137.226.128.0/19     IF4         *
            137.226.160.0/19     IF4         137.226.128.2
            default              IF3         137.226.96.1

Router 4    137.226.32.0/19      IF4         137.226.128.1
            137.226.64.0/19      IF4         137.226.128.1
            137.226.96.0/19      IF4         137.226.128.1
            137.226.128.0/19     IF4         *
            137.226.160.0/19     IF5         *
            default              IF4         137.226.128.1

Table: Routing tables for routers 3 and 4
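As an added example (not part of the tutorial slides), the subnet plan and Router 1's table above in Python: subnet_plan derives the /19 subnets from 137.226.0.0/16 the way the slides do (LAN n gets subnet n, subnet 0 stays unused), lookup performs the longest-prefix match a router does for each destination including the default route, and validate checks that every next hop is reachable through a directly connected subnet on the named interface. The function names and the Python form of the table are assumed here, not taken from the slides.

```python
"""Added example (not from the tutorial slides): the subnet plan for
137.226.0.0/16 with five LANs and the longest-prefix-match lookup that
Router 1 performs with its routing table from the slides."""
import ipaddress
import math

BLOCK = ipaddress.ip_network("137.226.0.0/16")


def subnet_plan(block, lan_count):
    """Use the minimal number of subnet bits and give LAN n (1-based) the
    n-th subnet, so subnet 0 stays unused as in the address table above.
    The +1 accounts for that unused subnet 0."""
    bits = math.ceil(math.log2(lan_count + 1))
    subnets = list(block.subnets(prefixlen_diff=bits))
    return {n: subnets[n] for n in range(1, lan_count + 1)}


# Router 1's table from the slides as (destination, interface, gateway);
# gateway None means the destination is directly connected ("*" on the slide).
ROUTER1 = [
    ("137.226.32.0/19", "IF1", None),
    ("137.226.64.0/19", "IF2", None),
    ("137.226.96.0/19", "IF2", "137.226.64.2"),
    ("137.226.128.0/19", "IF2", "137.226.64.2"),
    ("137.226.160.0/19", "IF2", "137.226.64.2"),
    ("0.0.0.0/0", "IF1", "Internet"),  # default route
]


def lookup(table, dst):
    """Longest-prefix match: the most specific matching destination wins.
    The default route 0.0.0.0/0 matches everything, so it only wins when
    no other row matches. Returns (interface, gateway) or None."""
    dst = ipaddress.ip_address(dst)
    best = None
    for net, iface, gw in table:
        net = ipaddress.ip_network(net)
        if dst in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, iface, gw)
    return None if best is None else (best[1], best[2])


def validate(table):
    """Sanity check for a hand-written table: every next hop must lie in a
    directly connected subnet on the interface named in its row, otherwise
    the router could not ARP for it. Returns the offending rows."""
    connected = {}
    for net, iface, gw in table:
        if gw is None:
            connected.setdefault(iface, []).append(ipaddress.ip_network(net))
    bad = []
    for net, iface, gw in table:
        if gw in (None, "Internet"):
            continue
        hop = ipaddress.ip_address(gw)
        if not any(hop in n for n in connected.get(iface, [])):
            bad.append((net, iface, gw))
    return bad


if __name__ == "__main__":
    for lan, net in subnet_plan(BLOCK, 5).items():
        print(f"LAN {lan}: {net} mask {net.netmask}  {net[0]} - {net.broadcast_address}")
    for host in ("137.226.64.3", "137.226.128.3", "192.0.2.1"):
        print(host, "->", lookup(ROUTER1, host))
    print("table problems:", validate(ROUTER1))
```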


Internet Protocol Version 4

1. How large are IPv4 datagrams usually? Capture some datagrams with Wireshark and evaluate your sample.

2. What is the maximum size of IPv4 datagrams?

3. What happens when datagrams get very large?

4. Consider the following scenario. 13.5 kByte of data shall be sent from host A to host B using IP as the network layer protocol. How large is the protocol overhead? What happens when the datagrams have to pass a network with an MTU of 500 Bytes and how does this change the overhead?

5. How are datagrams handled by routers when the DF flag is set in the flag field?

6. What is the purpose of the Type of Service (TOS) field in the IP header?


Internet Protocol Version 4

– The common length of IPv4 datagrams is [1 − 1500] Byte, due to the assumption that the MTU is 1500
– The maximum length of a datagram is 2^16 (16 bit length field in the header)
– Routers have to be prepared to accept datagrams of up to 576 Bytes (see RFC 791)
– Fragmentation of datagrams by routers when the MTU is too low
– Fragments are reassembled at the destination
– In some specific cases, e.g., NAT, the fragments are not reassembled by the destination
– Routers shall generate the minimum number of fragments


Internet Protocol Version 4

Figure: host S sends to host D; the path has m hops with MTU = 1500 (S to router X) and n hops with MTU = 500 (X to D)

MTU 1500 case:

13.5 kB / 1480 ⇒ 10 datagrams (9 · 1480 + 1 · 180)                       (1)
header overhead = 10 · 20 Byte                                             (2)
200 / 13,700 ≈ 0.015                                                       (3)

MTU 1500 + MTU 500 case:

(overhead MTU 1500 path + overhead MTU 500 path) / (m + n)                 (4)
9 · 1480 Byte packets ⇒ 9 · (3 · 480 + 1 · 40 Byte) + 9 · 4 · 20 Byte      (5)
1 · 180 Byte packet ⇒ 1 · 180 Byte + 1 · 20 Byte                           (6)
(0.015 · m + 0.055 · n) / (m + n);  m = 8, n = 5 ⇒ 0.030                   (7)
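As an added example (not from the tutorial slides), the fragmentation arithmetic above in Python, generalised to any payload size and MTU: fragment splits a payload the way RFC 791 requires (offsets counted in 8-byte units), refragment does what router X does at the MTU 500 hop, reassembles is the completeness check the destination performs, and scenario reproduces the 0.015, 0.055 and 0.030 ratios with m = 8 and n = 5. The function names and the Fragment record are assumed here.

```python
"""Added example (not from the tutorial slides): IPv4 fragmentation and the
header-overhead arithmetic of the 13.5 kByte scenario above, generalised to
any payload size and MTU (fragment offsets are counted in 8-byte units)."""
from dataclasses import dataclass

IP_HDR = 20           # IPv4 header without options
DATA = 13_500         # 13.5 kByte of application data, as in the scenario


@dataclass(frozen=True)
class Fragment:
    offset: int       # Fragment Offset field, in 8-byte units
    more: bool        # More Fragments (MF) flag
    payload: int      # payload bytes carried by this fragment


def fragment(payload_len, mtu, offset=0, more=False, header=IP_HDR):
    """Split a payload into fragments that fit the MTU. Every fragment but
    the last carries a multiple of 8 bytes (RFC 791), and the last keeps
    MF set if the input was itself a non-final fragment."""
    per_frag = (mtu - header) // 8 * 8
    if per_frag <= 0:
        raise ValueError("MTU too small to carry a fragment")
    frags, remaining = [], payload_len
    while remaining > 0:
        n = min(per_frag, remaining)
        remaining -= n
        frags.append(Fragment(offset, remaining > 0 or more, n))
        offset += n // 8
    return frags


def refragment(frags, mtu):
    """What a router does when already fragmented packets hit a smaller MTU."""
    out = []
    for f in frags:
        out.extend(fragment(f.payload, mtu, offset=f.offset, more=f.more))
    return out


def header_overhead(frags, header=IP_HDR):
    return len(frags) * header


def reassembles(frags, payload_len):
    """Destination-side check: fragments must cover the payload exactly once,
    contiguously, with MF cleared only on the final one."""
    frags = sorted(frags, key=lambda f: f.offset)
    pos = 0
    for i, f in enumerate(frags):
        if f.offset * 8 != pos or f.more != (i < len(frags) - 1):
            return False
        pos += f.payload
    return pos == payload_len


def scenario(m=8, n=5):
    """Overhead ratios of the slide: m hops with MTU 1500, n hops with MTU 500."""
    big = fragment(DATA, 1500)          # sent by the source host
    small = refragment(big, 500)        # refragmented by router X
    r1500 = round(header_overhead(big) / DATA, 3)
    r500 = round(header_overhead(small) / DATA, 3)
    return {
        "datagrams_mtu1500": len(big),
        "fragments_mtu500": len(small),
        "ratio_mtu1500": r1500,
        "ratio_mtu500": r500,
        "ratio_path": round((r1500 * m + r500 * n) / (m + n), 3),
    }


if __name__ == "__main__":
    for k, v in scenario().items():
        print(f"{k:>18}: {v}")
```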


Internet Protocol Version 4

Bit 0           Bit 1            Bit 2
reserved = 0    Don’t Fragment   More Fragments

Figure: Flag field in the IPv4 header (3 bits)

– If the DF flag is set and the datagram is > MTU, the router drops the packet
– An ICMP Destination Unreachable message is generated (Code = 4)
– Can be used for (path) MTU discovery, but there is also an IP option (see RFC 1063)
– Most applications do not set the DF flag
– IPv6 does not support fragmentation any more


Internet Protocol Version 4

Bits 0-2      3    4    5    6    7
Precedence    D    T    R    0    0

Figure: Type of service field in the IPv4 header (8 bits)

Precedence: priority from 0 (normal) to 7 (network control packet)
Delay: specify delay as metric
Throughput: specify throughput as metric
Reliability: specify reliability as metric

Network Working Group: Type of Service in the Internet Protocol Suite, RFC 1349, 1992


Internet Protocol Version 4

Bits 0-5    6-7
DSCP        ECN

Figure: Differentiated services field in the IPv4 header

DSCP: differentiated services codepoint to select the Per-hop Behavior (PHB)
ECN: Explicit Congestion Notification

Network Working Group: Definition of the Differentiated Services Field (DS Field) in the IPv4 and IPv6 Headers, RFC 2474, 1998
Network Working Group: An Architecture for Differentiated Services, RFC 2475, 1998
Network Working Group: The Addition of Explicit Congestion Notification (ECN) to IP, RFC 3168, 2001


Internet Protocol Version 4

– Coarse-grained, class-based mechanism
– Classification based on, e.g., source or destination addresses
– Priority configuration left to the network administrator
– A DiffServ domain (group of routers) implements common, administratively defined DiffServ policies

Network Working Group: An Expedited Forwarding PHB (Per-Hop Behavior), RFC 3246, 2002
Network Working Group: Assured Forwarding PHB Group, RFC 2597, 1999
Network Working Group: New Terminology and Clarifications for Diffserv, RFC 3260, 2002

See also: http://www.iana.org/assignments/dscp-registry/


Checksum

The Internet Protocol as well as other protocols use a common checksum algorithm.

1. What is the algorithm called?

2. Give a (pseudo) code implementation.

3. Calculate the checksum over the following sequence of bytes: 0x00, 0x01, 0xf2, 0x03, 0xf4, 0xf5, 0xf6, 0xf7


Checksum

– RFC 1071 - Computing the Internet checksum
– RFC 1144 - Incremental Updating of the Internet Checksum
– RFC 1624 - Computation of the Internet Checksum via Incremental Update

Used by: IPv4, UDP, and TCP


Checksum

    #include <stdint.h>
    #include <string.h>
    #include <arpa/inet.h>

    uint16_t inetcsum(const uint8_t *addr, uint16_t count) {
        uint32_t sum = 0;                         // accumulator

        while (count > 1) {                       // add all 16 bit words
            uint16_t word;                        // to the accumulator
            memcpy(&word, addr, 2);               // (memcpy: addr may be unaligned)
            sum += word;
            addr += 2;
            count -= 2;
        }

        if (count > 0)                            // add the last 8 bit to the accumulator
            sum += *addr;                         // if count % 2 == 1

        while (sum >> 16)                         // add upper 16 bit of accumulator to
            sum = (sum & 0xffff) + (sum >> 16);   // lower ones, until result fits in 16 bit

        return htons((uint16_t)~sum);             // return one's complement; the words were
    }                                             // read in host byte order, so convert back

    inetcsum({0x00, 0x01, 0xf2, 0x03, 0xf4, 0xf5, 0xf6, 0xf7}, 8) = 0x220D
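As an added example (not from the tutorial slides, and separate from the C code above), the Internet checksum in Python together with two things a router or NAT needs that the C function does not show: verifying a received IPv4 header, and the RFC 1624 incremental update of the checksum after a TTL decrement. The header fields are constructed sample values; the addresses come from the 192.0.2.0/24 TEST-NET block of the address table above, and the function names are assumed here.

```python
"""Added example (not from the tutorial slides): the Internet checksum of
RFC 1071 in Python, its use to verify a received IPv4 header, and the
incremental update of RFC 1624 that a router applies after decrementing
the TTL instead of recomputing the checksum over the whole header."""
import struct


def inet_csum(data: bytes) -> int:
    """One's-complement sum of all 16-bit big-endian words, folded to 16
    bits and complemented. An odd trailing byte is padded with a zero byte
    (RFC 1071)."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def verify_ipv4_header(header: bytes) -> bool:
    """A header with its Header Checksum filled in sums to 0xFFFF before the
    complement, so the checksum over the whole header is 0 when it is intact."""
    return inet_csum(header) == 0


def build_ipv4_header(src: str, dst: str, ttl: int, proto: int, total_len: int) -> bytes:
    """Minimal 20-byte IPv4 header (IHL = 5, no options) with checksum filled in.
    Identification 0x1234 and flags (DF set) are fixed constructed values."""
    def ip(a):
        return bytes(int(x) for x in a.split("."))
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, total_len, 0x1234, 0x4000,
                      ttl, proto, 0, ip(src), ip(dst))
    return hdr[:10] + struct.pack("!H", inet_csum(hdr)) + hdr[12:]


def decrement_ttl(header: bytes) -> bytes:
    """RFC 1624 eq. 3: HC' = ~(~HC + ~m + m'), where m is the old 16-bit word
    holding (TTL, Protocol) and m' the new one. Only that word is re-added,
    the other nine words are not touched."""
    ttl = header[8]
    if ttl <= 1:
        raise ValueError("TTL expired: drop the datagram (ICMP Time Exceeded)")
    hc = struct.unpack("!H", header[10:12])[0]
    m = struct.unpack("!H", header[8:10])[0]
    m_new = ((ttl - 1) << 8) | header[9]
    s = (~hc & 0xFFFF) + (~m & 0xFFFF) + m_new
    while s >> 16:
        s = (s & 0xFFFF) + (s >> 16)
    return header[:8] + struct.pack("!BBH", ttl - 1, header[9], ~s & 0xFFFF) + header[12:]


if __name__ == "__main__":
    print(hex(inet_csum(bytes([0x00, 0x01, 0xF2, 0x03, 0xF4, 0xF5, 0xF6, 0xF7]))))
    h = build_ipv4_header("192.0.2.1", "192.0.2.2", 64, 17, 1500)
    print(verify_ipv4_header(h), verify_ipv4_header(decrement_ttl(h)))
```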


Address Resolution Protocol

1. What is the task of ARP?

2. How does the protocol work?

3. Are there security issues?


Address Resolution Protocol

– Layer 3 protocol, link local usage
– Determines the layer 2 address for a layer 3 address
– Mostly used with Ethernet and IP but can be used with other addresses
– Vital for communication
– Internet Standard STD 37
– Used to detect layer 3 address conflicts
– ARP proxies enable layer 2 communication in spatially divided LANs

Network Working Group: An Ethernet Address Resolution Protocol, RFC 826, 1982


Address Resolution Protocol

 0                          7 8                          15
                    Hardware Type
                    Protocol Type
 Hardware Address Length     | Protocol Address Length
                      Operation
               Sender Hardware Address
               Sender Protocol Address
               Target Hardware Address
               Target Protocol Address

Figure: ARP packet format


Address Resolution Protocol

Address resolution:

1. Host A = (A_IP, A_MAC) wants to send a datagram to B_IP on the same LAN

2. The B_IP to B_MAC mapping is not in the ARP cache of host A

3. Host A sends an ARP request, opcode = 0x01: “Who has B_IP? Tell A_IP”
   – Sender MAC address: A_MAC
   – Sender IP address: A_IP
   – Target MAC address: 00:00:00:00:00:00
   – Target IP address: B_IP

4. Host B receives the ARP request and replies, opcode = 0x02: “A_IP is at A_MAC”
   – Sender MAC address: B_MAC
   – Sender IP address: B_IP
   – Target MAC address: A_MAC
   – Target IP address: A_IP

5. B_IP → B_MAC is stored in A’s ARP cache

6. Other hosts on the LAN also learn the mapping

7. The Ethernet frame for the datagram is created and sent to B


Address Resolution Protocol

ARP announcements:
– A host can announce IP or MAC address changes
– Detection of conflicts
– Gratuitous ARP messages
  – Request
    – Sender protocol address := target protocol address
    – Sender hardware address := sender hardware address
    – Target hardware address := FF:FF:FF:FF:FF:FF
  – Reply
    – Sender protocol address := target protocol address
    – Sender hardware address := target hardware address


Address Resolution Protocol

– Basically no security
– ARP spoofing/ARP cache poisoning
  – Denial of service attack
  – Man in the middle attack
– ARP cache flooding (and also MAC flooding)
  – The ARP table size often has a limit
  – Older/unused entries can be removed to free space
  – Some dumb switches go into hub mode when the table overflows
  – Can be prevented when switches accept only one MAC address at a time per port
– ARP Flux

Listing 1: MAC Flooding Example

    from scapy.all import *
    while 1:
        eth = Ether()
        eth.src = RandMAC()
        eth.dst = RandMAC()
        eth.type = 0x0800
        data = [0xFF]*128
        sendp(eth/data, iface='eth0')
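As an added example (not from the tutorial slides), the ARP packet format and exchange of the previous slides in Python: build_arp and parse_arp implement the 28-byte packet of the figure, arp_request, arp_reply and gratuitous_request construct the messages of the resolution steps and of the announcement, and ArpMonitor is a minimal arpwatch-style monitor that records the sender IP-to-MAC bindings it sees and reports when a known IP appears with a different MAC, which is how cache poisoning shows up on the wire. All addresses are constructed sample values, nothing is sent, and the function and class names are assumed here.

```python
"""Added example (not from the tutorial slides): ARP packets in the RFC 826
format shown above, the request/reply exchange between hosts A and B, the
gratuitous request, and a small arpwatch-style monitor that records the
IP-to-MAC bindings seen on the wire and flags the changes that ARP cache
poisoning produces. Addresses are constructed sample values."""
import struct

HTYPE_ETHERNET, PTYPE_IPV4 = 1, 0x0800
OP_REQUEST, OP_REPLY = 0x01, 0x02
ZERO_MAC, BCAST_MAC = "00:00:00:00:00:00", "ff:ff:ff:ff:ff:ff"
ARP_FMT = "!HHBBH6s4s6s4s"  # htype, ptype, hlen, plen, op, sha, spa, tha, tpa


def mac_bytes(mac): return bytes.fromhex(mac.replace(":", ""))
def mac_str(b): return ":".join(f"{x:02x}" for x in b)
def ip_bytes(ip): return bytes(int(x) for x in ip.split("."))
def ip_str(b): return ".".join(str(x) for x in b)


def build_arp(op, sha, spa, tha, tpa):
    """28-byte ARP packet for Ethernet/IPv4 (hardware length 6, protocol length 4)."""
    return struct.pack(ARP_FMT, HTYPE_ETHERNET, PTYPE_IPV4, 6, 4, op,
                       mac_bytes(sha), ip_bytes(spa), mac_bytes(tha), ip_bytes(tpa))


def parse_arp(pkt):
    htype, ptype, hlen, plen, op, sha, spa, tha, tpa = struct.unpack(ARP_FMT, pkt[:28])
    if (htype, ptype, hlen, plen) != (HTYPE_ETHERNET, PTYPE_IPV4, 6, 4):
        raise ValueError("not an Ethernet/IPv4 ARP packet")
    return {"op": op, "sha": mac_str(sha), "spa": ip_str(spa),
            "tha": mac_str(tha), "tpa": ip_str(tpa)}


def arp_request(a_mac, a_ip, b_ip):
    """Step 3 above: “Who has B_IP? Tell A_IP”, target MAC all zeros."""
    return build_arp(OP_REQUEST, a_mac, a_ip, ZERO_MAC, b_ip)


def arp_reply(request, b_mac):
    """Step 4: B answers with itself as sender and the requester as target."""
    r = parse_arp(request)
    return build_arp(OP_REPLY, b_mac, r["tpa"], r["sha"], r["spa"])


def gratuitous_request(mac, ip):
    """ARP announcement: sender and target protocol address are both the
    announcing host; the target hardware address is the broadcast address."""
    return build_arp(OP_REQUEST, mac, ip, BCAST_MAC, ip)


class ArpMonitor:
    """Learns the sender IP-to-MAC binding from every request or reply seen,
    and reports when an already known IP shows up with a different MAC: the
    signature of cache poisoning (or of a legitimate NIC swap, which an
    operator then has to confirm)."""

    def __init__(self):
        self.bindings = {}
        self.alerts = []

    def observe(self, pkt):
        p = parse_arp(pkt)
        if p["op"] not in (OP_REQUEST, OP_REPLY):
            return
        known = self.bindings.get(p["spa"])
        if known is not None and known != p["sha"]:
            self.alerts.append((p["spa"], known, p["sha"]))
        self.bindings[p["spa"]] = p["sha"]


if __name__ == "__main__":
    # Constructed sample exchange: A resolves B, then a third MAC claims B's IP.
    A_MAC, A_IP = "00:11:22:33:44:55", "192.0.2.10"
    B_MAC, B_IP = "66:77:88:99:aa:bb", "192.0.2.20"
    mon = ArpMonitor()
    req = arp_request(A_MAC, A_IP, B_IP)
    rep = arp_reply(req, B_MAC)
    for pkt in (req, rep, build_arp(OP_REPLY, "de:ad:be:ef:00:01", B_IP, A_MAC, A_IP)):
        mon.observe(pkt)
    print(parse_arp(rep))
    print("alerts:", mon.alerts)
```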


Address Resolution Protocol

Task            Tools
Monitoring      arpwatch, arpalert, XArp
Defense         ArpON
Spoofing        arpspoof, ettercap, nemesis, scapy
Miscellaneous   arping, arptables

Table: ARP-related Tools


Self-Configuration

– How can hosts self-configure their network layer address?
– Name and discuss three protocols.

Page 48: 19531 - Telematics · IPv4 Recapitulation Address block Description Reference 0.0.0.0/8 Current network (only valid as source address) RFC 1700 10.0.0.0/8 Private network RFC 1918

Self-Configuration

Reverse look-up: get layer 3 address based on layer 2 address
– Reverse-ARP (RARP): RFC 903
– Bootstrap Protocol (BOOTP): RFC 951, RFC 1048, RFC 1084
– Dynamic Host Configuration Protocol (DHCP): RFC 2131, RFC 2132

Self-Configuration

Reverse-ARP (RARP)
– RARP server has list of mappings
– Client sends request, opcode = 0x03
  – Sender protocol address := undefined
  – Sender hardware address := sender hardware address
  – Target protocol address := undefined
  – Target hardware address := FF:FF:FF:FF:FF:FF
– RARP server replies, opcode = 0x04
  – Sender protocol address := RARP server layer 3 address
  – Sender hardware address := RARP server layer 2 address
  – Target protocol address := assigned layer 3 address
  – Target hardware address := hardware address of the requester
– RARP server required in each network
– Broadcast not forwarded, no proxy function
– Limited to IP
– Limited IP configuration (no subnet mask and gateway)
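The gratuitous ARP announcements (slide 44) and the RARP exchange above use the same 28-byte RFC 826 packet with different opcodes and field assignments. The following is an added example, not code from the tutorial, that packs and decodes such packets following the slides' field rules; the addresses are constructed, and "undefined" protocol addresses are encoded as 0.0.0.0 (an assumption of this example).

```python
# Added example (not from the tutorial): ARP/RARP packet builder and decoder.
import struct

ARP_FMT = "!HHBBH6s4s6s4s"   # htype, ptype, hlen, plen, oper, sha, spa, tha, tpa
BCAST = "ff:ff:ff:ff:ff:ff"
REQUEST, REPLY, RARP_REQUEST, RARP_REPLY = 1, 2, 3, 4

def mac(s): return bytes.fromhex(s.replace(":", ""))
def ip(s): return bytes(int(o) for o in s.split("."))

def build_arp(oper, sha, spa, tha, tpa):
    """Pack one ARP packet for Ethernet (htype 1) carrying IPv4 (ptype 0x0800)."""
    return struct.pack(ARP_FMT, 1, 0x0800, 6, 4, oper,
                       mac(sha), ip(spa), mac(tha), ip(tpa))

def parse_arp(data):
    """Unpack the 28-byte ARP packet into readable fields."""
    _, _, _, _, oper, sha, spa, tha, tpa = struct.unpack(ARP_FMT, data[:28])
    fmt_mac = lambda b: ":".join(f"{x:02x}" for x in b)
    fmt_ip = lambda b: ".".join(str(x) for x in b)
    return {"oper": oper, "sha": fmt_mac(sha), "spa": fmt_ip(spa),
            "tha": fmt_mac(tha), "tpa": fmt_ip(tpa)}

def gratuitous_request(own_mac, own_ip):
    # Announcement as request: SPA == TPA == own IP, THA = broadcast.
    return build_arp(REQUEST, own_mac, own_ip, BCAST, own_ip)

def gratuitous_reply(own_mac, own_ip):
    # Announcement as reply: SPA == TPA and SHA == THA, both the sender's own.
    return build_arp(REPLY, own_mac, own_ip, own_mac, own_ip)

def rarp_request(own_mac):
    # Client knows only its MAC: both protocol addresses undefined (0.0.0.0 here).
    return build_arp(RARP_REQUEST, own_mac, "0.0.0.0", BCAST, "0.0.0.0")

def rarp_reply(server_mac, server_ip, client_mac, assigned_ip):
    # Server answers with its own addresses and the requester's MAC + assigned IP.
    return build_arp(RARP_REPLY, server_mac, server_ip, client_mac, assigned_ip)

def is_announcement(pkt):
    """True if an ARP request/reply advertises the sender's own binding (SPA == TPA)."""
    p = parse_arp(pkt)
    return p["oper"] in (REQUEST, REPLY) and p["spa"] == p["tpa"]
```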

Self-Configuration

Bootstrap Protocol (BOOTP)
– Uses UDP
– Messages are forwarded by routers
– Supports diskless workstations
– Provides subnet mask for IP address and gateway
– Requires manual configuration of the mapping

Self-Configuration

Dynamic Host Configuration Protocol (DHCP)
– Extension of BOOTP
– For large networks with changing topology
– Supports manual, automatic, and dynamic IP assignment
– Addresses are leased for a certain time, leases have to be renewed
– Messages are forwarded by DHCP relay agents

Tracing

– How can IP be used to trace the route between two hosts?
– Discuss different approaches and whether they always work!

Tracing

Approaches:
– Time-To-Live (TTL) field + ICMP Time Exceeded message
– IP Traceroute Option: RFC 1393
– IP Record Route Option: RFC 791

Tracing can fail:
– Routers do not support IP options
– Routers send no ICMP Time Exceeded message
– Tunnels, e.g., MPLS, are not visible to the network layer

Selection of Tools:
– ping -R
– traceroute, traceroute6, tracert
– tracepath, tracepath6
– mtr
– pathping
– traceproto
– lft
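To make the TTL approach and its two failure modes concrete, here is an added example that is not part of the tutorial: a simulated traceroute over a constructed path in which one router sends no ICMP Time Exceeded message and two routers sit inside an MPLS tunnel. The simulation assumes the tunnel does not touch the IP TTL (no TTL propagation) and ignores timeouts and repeated probes of a real traceroute.

```python
# Added example (not from the tutorial): TTL-based tracing over a constructed path.
class Router:
    def __init__(self, addr, sends_time_exceeded=True):
        self.addr = addr
        self.sends_time_exceeded = sends_time_exceeded

def forward(path, dst, ttl):
    """Send one probe with the given TTL along the path.
    Returns ('exceeded', router), ('silent', None) or ('reached', dst)."""
    for hop in path:
        if isinstance(hop, list):       # MPLS tunnel: label-switched, the IP TTL is
            continue                    # not decremented (assumption: no TTL propagation)
        ttl -= 1
        if ttl == 0:
            if hop.sends_time_exceeded:
                return ("exceeded", hop.addr)
            return ("silent", None)     # probe dropped without notification
    return ("reached", dst)

def traceroute(path, dst, max_ttl=30):
    """Raise the TTL from 1 until the destination answers; returns the hop list.
    A hop that never answers is shown as '*', as the tools do."""
    hops = []
    for ttl in range(1, max_ttl + 1):
        kind, addr = forward(path, dst, ttl)
        hops.append(addr if kind != "silent" else "*")
        if kind == "reached":
            break
    return hops

# Constructed topology: the second router is silent, routers three and four are
# hidden inside an MPLS tunnel, so the trace shows fewer hops than really exist.
PATH = [Router("10.0.0.1"),
        Router("10.0.1.1", sends_time_exceeded=False),
        [Router("10.0.2.1"), Router("10.0.3.1")],
        Router("10.0.4.1")]

def demo():
    return traceroute(PATH, "10.0.5.9")
```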

Address Translation

– What is NAT and why is it necessary?
– What types of NAT are available and what are their differences?
– What problems can arise when using NAT?

Address Translation

– Limited space of routable addresses
– Not all computers require network access all the time
– Translation between a public and a private network address
– Often also port translation: NAPT or PAT

Address Translation

– Source-NAT
  – Address translation because of limited address space
  – Private subnetworks
  – Increases security a little bit
– Destination-NAT
  – Address translation to provide a service under one particular address
  – Clients are assigned to one of many servers

Address Translation

NAT Variations
– Full Cone
  – NAT device stores mapping between internal and external address and port number
  – Any inbound traffic is allowed to this internal address and port once the mapping is learned
  – Services can be provided to any external host
– Restricted Cone
  – NAT device stores mapping between internal and external address and port number
  – Inbound traffic from unknown external address and port is blocked
  – Prevents provision of services
– Symmetric
  – Mappings from internal to external address and port depend on the destination address
  – Inbound traffic from unknown external address and port is blocked
  – Limits tracking of user behavior
  – Prevents provision of services

Network Working Group: STUN - Simple Traversal of User Datagram Protocol (UDP) Through Network Address Translators (NATs), RFC 3489, 2003
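The three variants differ only in what the NAT records on outbound traffic and what it admits inbound. The following is an added example, not code from the tutorial: a small model of the three variants from the slide that hands out mappings on the way out and decides per variant which inbound packets reach an internal host. Addresses and ports are constructed, and mapping timeouts are omitted.

```python
# Added example (not from the tutorial): full cone / restricted cone / symmetric NAT model.
import itertools

class Nat:
    def __init__(self, variant, public_ip="203.0.113.1"):
        assert variant in ("full_cone", "restricted_cone", "symmetric")
        self.variant = variant
        self.public_ip = public_ip
        self.ports = itertools.count(40000)   # next external port to hand out
        self.outbound = {}   # mapping key -> (ext_ip, ext_port)
        self.inbound = {}    # (ext_ip, ext_port) -> (int_ip, int_port)
        self.peers = set()   # (int_ip, int_port, dst_ip, dst_port) seen outbound

    def send(self, int_ip, int_port, dst_ip, dst_port):
        """Internal host sends to (dst_ip, dst_port); returns the external (ip, port)."""
        key = (int_ip, int_port)
        if self.variant == "symmetric":   # symmetric: the mapping depends on the destination too
            key = (int_ip, int_port, dst_ip, dst_port)
        if key not in self.outbound:
            ext = (self.public_ip, next(self.ports))
            self.outbound[key] = ext
            self.inbound[ext] = (int_ip, int_port)
        self.peers.add((int_ip, int_port, dst_ip, dst_port))
        return self.outbound[key]

    def receive(self, src_ip, src_port, ext_ip, ext_port):
        """External host sends to (ext_ip, ext_port); returns the internal (ip, port)
        the packet is delivered to, or None if the NAT drops it."""
        target = self.inbound.get((ext_ip, ext_port))
        if target is None:
            return None                      # no mapping learned: always dropped
        if self.variant == "full_cone":
            return target                    # any external host may use the mapping
        int_ip, int_port = target
        if (int_ip, int_port, src_ip, src_port) not in self.peers:
            return None                      # unknown external address/port: blocked
        if self.variant == "symmetric" and self.outbound.get(
                (int_ip, int_port, src_ip, src_port)) != (ext_ip, ext_port):
            return None                      # this mapping was created for another peer
        return target
```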

Address Translation

Problems
– Violation of the architectural model of IP (address for unique identification of a host)
– Introduces connection-oriented aspects in a connection-less “environment”
– NAT device as point of failure → TCP
– Violates fundamental rule of protocol layering → TCP
– NAT devices often only support TCP and UDP
– Some application layer protocols embed the network address in the message
– Applications that open a second (inbound) connection might fail
– Mapping based on port number limits the number of hosts
– For some applications, detection of the NAT variant is required

Tanenbaum, Computer Networks:

“. . . many people in the IP community regard it as an abomination-on-the-face-of-the-earth.”

ICMP

– What services are provided by ICMP?
– Which of these services are superseded by other protocols or used very rarely?

ICMP

    0        7        15       23       31
    Type     Code     Checksum
    ID                Sequence number
    Data (optional)

Figure: ICMP packet format

ICMP

Code  Description
0     net unreachable
1     host unreachable
2     protocol unreachable
3     port unreachable
4     fragmentation needed and DF set
5     source route failed

Table: Code field example for Destination Unreachable messages
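The header layout in the figure and the code table above are enough to build and validate ICMP messages. The following is an added example, not code from the tutorial: it packs the Type, Code, Checksum, ID and Sequence fields with the standard Internet checksum (ones' complement sum, RFC 1071), verifies the checksum on parsing, and names Destination Unreachable codes from the table. For type 3 the ID/Sequence word is unused, so the example passes zeros there.

```python
# Added example (not from the tutorial): ICMP message builder/parser with checksum.
import struct

DEST_UNREACHABLE = 3
UNREACHABLE_CODES = {0: "net unreachable", 1: "host unreachable",
                     2: "protocol unreachable", 3: "port unreachable",
                     4: "fragmentation needed and DF set", 5: "source route failed"}

def internet_checksum(data):
    """Ones'-complement sum of 16-bit words (RFC 1071), as used by ICMP."""
    if len(data) % 2:
        data += b"\x00"                      # pad an odd-length message
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:                       # fold the carries back in
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF

def build_icmp(icmp_type, code, ident, seq, payload=b""):
    """Build an ICMP message with the checksum field filled in."""
    hdr = struct.pack("!BBHHH", icmp_type, code, 0, ident, seq)
    csum = internet_checksum(hdr + payload)
    return struct.pack("!BBHHH", icmp_type, code, csum, ident, seq) + payload

def parse_icmp(msg):
    """Return (type, code, id, seq, payload, checksum_ok) for a raw ICMP message."""
    icmp_type, code, _csum, ident, seq = struct.unpack("!BBHHH", msg[:8])
    # Re-summing a message that includes a correct checksum yields zero.
    ok = internet_checksum(msg) == 0
    return icmp_type, code, ident, seq, msg[8:], ok

def describe(msg):
    """Readable description, e.g. of a Destination Unreachable message."""
    icmp_type, code, _, _, _, ok = parse_icmp(msg)
    if not ok:
        return "bad checksum"
    if icmp_type == DEST_UNREACHABLE:
        return "destination unreachable: " + UNREACHABLE_CODES.get(code, f"code {code}")
    return f"type {icmp_type} code {code}"
```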

ICMP

Type    Message                                                                    Commonly used
0       Echo Reply                                                                 ×
1-2     Reserved
3       Destination Unreachable                                                    ×
4       Source Quench                                                              ×
5       Redirect                                                                   ×
8       Echo Request                                                               ×
9       Router Advertisement                                                       ×
10      Router Solicitation                                                        ×
11      Time Exceeded                                                              ×
12      Parameter Problem                                                          ×
13      Timestamp                                                                  - (replaced by NTP)
14      Timestamp Reply                                                            - (replaced by NTP)
15      Information Request                                                        - (replaced by DHCP)
16      Information Reply                                                          - (replaced by DHCP)
17      Address Mask Request                                                       ×
18      Address Mask Reply                                                         ×
19      Reserved (for Security)
20-29   Reserved (for Robustness Experiment)
30      Traceroute                                                                 ×
31      Datagram Conversion Error                                                  ×
32      Mobile Host Redirect                                                       -
33      IPv6 Where-Are-You                                                         - (replaced by ICMPv6)
34      IPv6 I-Am-Here                                                             - (replaced by ICMPv6)
35      Mobile Registration Request                                                -
36      Mobile Registration Reply                                                  -
37      Domain Name Request                                                        - (replaced by DNS)
38      Domain Name Reply                                                          - (replaced by DNS)
39      SKIP                                                                       - (replaced by IKE)
40      Photuris                                                                   - (replaced by IKE)
41      ICMP messages utilized by experimental mobility protocols such as Seamoby  -
42-255  Reserved

The Last Slide™

Thank you for your attention.
Questions?
