The Internet Control Message Protocol, or ICMP, described in RFC 792, specifies a variety of messages whose common purpose is to manage the network. ICMP messages might be classified as either error messages or queries and responses. Figure 1 shows the general ICMP packet format. The packets are identified by type; many of the packet types have more specific types, and these are identified by the code field. Table 1 lists the various ICMP packet types and their codes, as described in RFC 1700.
Table 1. ICMP packet types and code fields. | ||
| Type | Code | Name |
| 0 | 0 | ECHO REPLY |
| 3 |
| DESTINATION UNREACHABLE |
| 0 | Network Unreachable | |
| 1 | Host Unreachable | |
| 2 | Protocol Unreachable | |
| 3 | Port Unreachable | |
| 4 | Fragmentation Needed and Don't Fragment Flag Set | |
| 5 | Source Route Failed | |
| 6 | Destination Network Unknown | |
| 7 | Destination Host Unknown | |
| 8 | Source Host Isolated | |
| 9 | Destination Network Administratively Prohibited | |
| 10 | Destination Host Administratively Prohibited | |
| 11 | Destination Network Unreachable for Type of Service | |
| 12 | Destination Host Unreachable for Type of Service | |
| 4 | 0 | SOURCE QUENCH (deprecated) |
| 5 |
| REDIRECT |
| 0 | Redirect Datagram for the Network (or Subnet) | |
| 1 | Redirect Datagram for the Host | |
| 2 | Redirect Datagram for the Network and Type of Service | |
| 3 | Redirect Datagram for the Host and Type of Service | |
| 6 | 0 | ALTERNATE HOST ADDRESS |
| 8 | 0 | ECHO |
| 9 | 0 | ROUTER ADVERTISEMENT |
| 10 | 0 | ROUTER SELECTION |
| 11 |
| TIME EXCEEDED |
| 0 | Time to Live Exceeded in Transit | |
| 1 | Fragment Reassembly Time Exceeded | |
| 12 |
| PARAMETER PROBLEM |
| 0 | Pointer Indicates the Error | |
| 1 | Missing a Required Option | |
| 2 | Bad Length | |
| 13 | 0 | TIMESTAMP |
| 14 | 0 | TIMESTAMP REPLY |
| 15 | 0 | INFORMATION REQUEST (Obsolete) |
| 16 | 0 | INFORMATION REPLY (Obsolete) |
| 17 | 0 | ADDRESS MASK REQUEST (Near-obsolete) |
| 18 | 0 | ADDRESS MASK REPLY (Near-obsolete) |
| 30 | - | TRACEROUTE |
Example 1 and Example 2 show analyzer captures of two of the most well-known ICMP messagesEcho Request and Echo Reply, which are used by the ping function.
Example 1. ICMP Echo message, shown with its IPv4 header.
Internet Protocol, Src Addr: 172.16.1.21 (172.16.1.21), Dst Addr: 198.133.219.25 (198.133.219.25) Version: 4 Header length: 20 bytes Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00) Total Length: 84 Identification: 0xabc3 (43971) Flags: 0x00 Fragment offset: 0 Time to live: 64 Protocol: ICMP (0x01) Header checksum: 0x8021 (correct) Source: 172.16.1.21 (172.16.1.21) Destination: 198.133.219.25 (198.133.219.25)Internet Control Message Protocol Type: 8 (Echo (ping) request) Code: 0 Checksum: 0xa297 (correct) Identifier: 0x0a40 Sequence number: 0x0000 Data (56 bytes) 0000 40 fd ab c2 00 0e 73 57 08 09 0a 0b 0c 0d 0e 0f @.....sW........0010 10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f ................0020 20 21 22 23 24 25 26 27 28 29 2a 2b 2c 2d 2e 2f !"#$%&'()*+,-./0030 30 31 32 33 34 35 36 37 01234567 Example 2. ICMP Echo Reply.
Internet Protocol, Src Addr: 198.133.219.25 (198.133.219.25), Dst Addr: 172.16.1.21 (172.16.1.21) Version: 4 Header length: 20 bytes Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00) Total Length: 84 Identification: 0xabc3 (43971) Flags: 0x00 Fragment offset: 0 Time to live: 242 Protocol: ICMP (0x01) Header checksum: 0xce20 (correct) Source: 198.133.219.25 (198.133.219.25) Destination: 172.16.1.21 (172.16.1.21)Internet Control Message Protocol Type: 0 (Echo (ping) reply) Code: 0 Checksum: 0xaa97 (correct) Identifier: 0x0a40 Sequence number: 0x0000 Data (56 bytes) 0000 40 fd ab c2 00 0e 73 57 08 09 0a 0b 0c 0d 0e 0f @.....sW........0010 10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f ................0020 20 21 22 23 24 25 26 27 28 29 2a 2b 2c 2d 2e 2f !"#$%&'()*+,-./0030 30 31 32 33 34 35 36 37 01234567
Although most ICMP types have some bearing on routing functionality, three types are of particular importance:
· Router Advertisement and Router Selection, types 9 and 10, respectively, are used by the ICMP Router Discovery Protocol (IRDP), a protocol used by some operating systems (such as most versions of Microsoft Windows) to discover local routers.
· Redirect, ICMP type 5, is used by routers to notify hosts of another router on the data link that should be used for a particular destination. Suppose two routers, Router A and Router B, are connected to the same Ethernet. Host X, also on the Ethernet, is configured to use Router A as its default gateway; the host sends a packet to Router A, and A sees that the destination address of the packet is reachable via Router B (that is, Router A must forward the packet out the same interface on which it was received). Router A forwards the packet to B but also sends an ICMP redirect to host X informing it that in the future, to reach that particular destination, X should forward the packet to Router B. Example 3 shows a router sending a redirect.
Example 3. Using the debugging function debug ip icmp, this router can be seen sending a redirect to host 10.158.43.25, informing it that the correct router for reaching destination 10.158.40.1 is reachable via gateway (gw) 10.158.43.10.
Pip#debug ip icmpICMP packet debugging is onICMP: redirect sent to 10.158.43.25 for dest 10.158.40.1, use gw 10.158.43.100Pip#An occasionally used trick to avoid redirects on data links with multiple attached gateways is to set each host's default gateway as its own IPv4 address. The hosts will then ARP for any address, and if the address is not on the data link, the correct router should respond via proxy ARP. The benefits of using this tactic merely to avoid redirects are debatable; redirects are decreased or eliminated, but at the expense of increased ARP traffic. Redirects are enabled by default in IOS and might be disabled on a per interface basis with the command no ip redirects.
Tidak ada komentar:
Posting Komentar