Covering ICMP (Ch 9) and IGMP (Section 12.3)

Dr. Clincy Lecture 1

Covering ICMP (Ch 9) and IGMP (Section 12.3)


Chapter Chapter 99

Internet Control Message ProtocolInternet Control Message Protocol


Recall - (1) Explain Creating a TableRecall – (2) Explain How the Router Uses the Table

Mask Destination Next Hop I.

255.255.0.0 134.18.0.0 -- m0

255.255.0.0 129.8.0.0 222.13.16.40 m1

255.255.255.0 220.3.6.0 222.13.16.40 m1

0.0.0.0 0.0.0.0 134.18.5.2 m0

U

UG


ICMP

IP, as an unreliable protocol, is not concerned with error IP, as an unreliable protocol, is not concerned with error checking and error control. ICMP was designed, in part, to checking and error control. ICMP was designed, in part, to compensate for this shortcoming. ICMP does not correct compensate for this shortcoming. ICMP does not correct errors, it simply reports them. errors, it simply reports them.

ICMP messages are divided into error-reporting messages and ICMP messages are divided into error-reporting messages and query messages. The error-reporting messages report problems query messages. The error-reporting messages report problems that a router or a host (destination) may encounter. The query that a router or a host (destination) may encounter. The query messages get specific information from a router or another host. messages get specific information from a router or another host.


ICMP encapsulation


ICMP messages


9.2 MESSAGE FORMAT

An ICMP message has an 8-byte header and a variable-size data An ICMP message has an 8-byte header and a variable-size data section. Although the general format of the header is different for section. Although the general format of the header is different for each message type, the first 4 bytes are common to all. each message type, the first 4 bytes are common to all.


Error-reporting messages

ICMP always reports error messages to the original source.


The following are important points about ICMP error messages:

No ICMP error message will be generated in response to a datagram carrying an ICMP error message.

No ICMP error message will be generated for a fragmented datagram that is not the first fragment.

No ICMP error message will be generated for a datagram having a multicast address.

No ICMP error message will be generated for a datagram having a special address such as 127.0.0.0 or 0.0.0.0.

Note:Note:


Destination-unreachable format

Destination-unreachable messages with codes 2 or 3 can be created only by the destination

host.

Other destination-unreachable messages can be created only by routers.


Source-quench format

NOTE: IP doesn’t have Flow Control.

A source-quench message informs the source that a datagram has been discarded due to

congestion in a router or the destination host.

The source must slow down the sending of datagrams until the congestion is relieved.


Time-exceeded message formatWhenever a router decrements a datagram with a time-

to-live value to zero, it discards the datagram and sends a time-exceeded message to the original source.

When the final destination does not receive all of the fragments in a set time, it discards the received

fragments and sends a time-exceeded message to the original source.

In a time-exceeded message, code 0 is used only by routers to show that the value of the time-to-live field is zero. Code 1 is used only by the destination host to show that not all of the fragments have

arrived within a set time.


Parameter-problem message format

A parameter-problem message can be created by a router or the destination

host.


Redirection concept

A redirection message is sent from a router to a host on the same local network.

A host usually starts with a small routing table that is gradually augmented and updated. One of the tools to accomplish this is the redirection message.

Router forwards packet to correct router and sends “redirection” message to host so host can correct table


9.4 QUERY

ICMP can also diagnose some network problems through the ICMP can also diagnose some network problems through the query messages, a group of four different pairs of messages. In query messages, a group of four different pairs of messages. In this type of ICMP message, a node sends a message that is this type of ICMP message, a node sends a message that is answered in a specific format by the destination node. answered in a specific format by the destination node.

The topics discussed in this section include:The topics discussed in this section include:Echo Request and ReplyEcho Request and ReplyTimestamp Request and ReplyTimestamp Request and ReplyAddress-Mask Request and ReplyAddress-Mask Request and ReplyRouter Solicitation and AdvertisementRouter Solicitation and Advertisement


Echo-request and echo-reply messages

An echo-request message can be sent by a host or router. An echo-reply message is sent by the host or router which receives an echo-

request message.

Echo-request and echo-reply messages can be used by network managers to check the operation of the IP protocol.

Echo-request and echo-reply messages can test the reachability of a host. This is usually done by invoking the ping command.


Timestamp-request and Timestamp-reply message format

Timestamp-request and timestamp-reply messages can be used to calculate the round-trip time between a source and a destination

machine even if their clocks are not synchronized.

The timestamp-request and timestamp-reply messages can be used to synchronize two clocks in two machines if the exact one-way time

duration is known.


Mask-request and mask-reply message format

Mask-request and Mask-reply messages can be used to get a mask for a particular IP address


Router-solicitation/advertisement message format

Router-Advertisement Message – router uses this message in gathering info on the other routers connected to the same network

Router-Solicitation Message – router uses this message in determining if adjacent routers are alive or not


ICMP CHECKSUM

In ICMP the checksum is calculated over the entire message In ICMP the checksum is calculated over the entire message (header and data). (header and data).


9.6 DEBUGGING TOOLS

We introduce two tools that use ICMP We introduce two tools that use ICMP for debugging: for debugging: pingping and and traceroute.traceroute.

The topics discussed in this section include:The topics discussed in this section include:

PingPingTracerouteTraceroute


We use the ping program to test the server fhda.edu. The result is shown below:

$ ping fhda.eduPING fhda.edu (153.18.8.1) 56 (84) bytes of data.64 bytes from tiptoe.fhda.edu (153.18.8.1): icmp_seq=0 ttl=62 time=1.91 ms64 bytes from tiptoe.fhda.edu (153.18.8.1): icmp_seq=1 ttl=62 time=2.04 ms64 bytes from tiptoe.fhda.edu (153.18.8.1): icmp_seq=2 ttl=62 time=1.90 ms64 bytes from tiptoe.fhda.edu (153.18.8.1): icmp_seq=3 ttl=62 time=1.97 ms64 bytes from tiptoe.fhda.edu (153.18.8.1): icmp_seq=4 ttl=62 time=1.93 ms

The ping program operation

64 bytes from tiptoe.fhda.edu (153.18.8.1): icmp_seq=5 ttl=62 time=2.00 ms64 bytes from tiptoe.fhda.edu (153.18.8.1): icmp_seq=6 ttl=62 time=1.94 ms64 bytes from tiptoe.fhda.edu (153.18.8.1): icmp_seq=7 ttl=62 time=1.94 ms64 bytes from tiptoe.fhda.edu (153.18.8.1): icmp_seq=8 ttl=62 time=1.97 ms64 bytes from tiptoe.fhda.edu (153.18.8.1): icmp_seq=9 ttl=62 time=1.89 ms64 bytes from tiptoe.fhda.edu (153.18.8.1): icmp_seq=10 ttl=62 time=1.98 ms

--- fhda.edu ping statistics ---11 packets transmitted, 11 received, 0% packet loss, time 10103ms

rtt min/avg/max = 1.899/1.955/2.041 ms


We use the traceroute program to find the route from the computer voyager.deanza.edu to the server fhda.edu. The following shows the result:

Trace Route

$ traceroute fhda.edutraceroute to fhda.edu (153.18.8.1), 30 hops max, 38 byte packets1 Dcore.fhda.edu (153.18.31.254) 0.995 ms 0.899 ms 0.878 ms2 Dbackup.fhda.edu (153.18.251.4) 1.039 ms 1.064 ms 1.083 ms3 tiptoe.fhda.edu (153.18.8.1) 1.797 ms 1.642 ms 1.757 ms


Ch 12.3: Internet GroupCh 12.3: Internet GroupManagement ProtocolManagement Protocol


Position of IGMP in the network layer

Unicast – one-to-one relationship

Multicast – one-to-many relationship – IGMP helps facilitate that one-to-many relationship

Like ICMP, IGMP is a companion to IP

IGMP is NOT a multicast routing protocol – but rather a protocol that manages the group membership

IGMP gives the multicast routers info about the IGMP gives the multicast routers info about the membership status of hosts (routers) connected to membership status of hosts (routers) connected to the network. .the network. .


IGMP is a group management protocol. It helps a multicast router create and update

a list of loyal members related to each router interface.

(Visualize a set of “multicast” routers amongst a set of “unicast” routers – and IGMP’s job is to facilitate this communication and info

amongst the “multicast” routers”)

Note:Note:


IGMP MESSAGES

IGMP has three types of messages: the query, the membership IGMP has three types of messages: the query, the membership report, and the leave report. There are two types of query report, and the leave report. There are two types of query messages, general and special. messages, general and special.


IGMP message format

Shows the type of message

Amount of time a query must be answered in – 10ths of a second units

Checksum over the entire 8-byte message

0 for general query: contains group id for special query, membership report and leave report messages


IGMP OPERATION

A multicast router connected to a network has a list of multicast A multicast router connected to a network has a list of multicast addresses of the groups with at least one loyal member in that addresses of the groups with at least one loyal member in that network. For each group, there is one router that has the duty of network. For each group, there is one router that has the duty of distributing the multicast packets destined for that group. distributing the multicast packets destined for that group.

The topics discussed in this section include:The topics discussed in this section include:

Joining a GroupJoining a GroupLeaving a GroupLeaving a GroupMonitoring MembershipMonitoring Membership


IGMP operationA multicast router connected to a network has a list of multicast A multicast router connected to a network has a list of multicast addresses of the groups with at least one loyal member in that addresses of the groups with at least one loyal member in that network. For each group, there is one router that has the duty of network. For each group, there is one router that has the duty of distributing the multicast packets destined for that group. distributing the multicast packets destined for that group.

Routers R1, R2 and R list of groupids are mutually exclusive

A host can have a membership in a group – this means one of that host’s processes receives a multicast packet

A muticast router can have a membership in a group – this means one of that router’s interfaces receives a multicast packet


Membership report – Joining A GroupA host or router can join a group

A host maintains a list of processes that have group membership

If a process wants to join a group, the host adds process and the desired group to its list

If it is the first time entry, the host sends a “membership report” message to the distributing router (in order to receive multicast packets fro that desired group)

A router can join a group

A router maintains a list of interfaces that have group membership

If an interface wants to join a group, the router adds the interface and the desired group to its list

If it is the first time entry, the router sends a “membership report” message. The message is sent out of all interfaces other than one from which the new interest comes


In IGMP, a membership report is sent twice, one after the other.

(if the first is lost or damaged, the second one should make it.)

Note:Note:


Leave reportWhen a host (or router) sees that no process is interested in a specific group, it sends a leave report

After receiving a leave report, the router doesn’t automatic remove the groupid – there could be other interested hosts or interfaces – therefore the router sends a special query message – if no feedback is received in a specified amount of time – it then purges the groupid from the list


General query messageWhat about the case when there is only 1 host interested in a particular groupid and that host goes down ? Does the router maintain that groupid or what ?

The router periodically sends “general query” messages – the general query message queries for membership continuation for all groups (not just one) – if no response is received for a particular groupid (it is removed) – if more than one host/router are interested in the same group – only one host/router responds – cuts down on traffic


Delayed Response

If more than one host/router are interested in the same group – only one host/router responds – cuts down on traffic – how is this implemented ? Delayed Response

Each router needing to send a response has randomly generated wait times before sending a report FOR EACH group – because the reports are broadcasted – the router will know if some other router has already sent a report regarding the groupid (therefore relinquishing it from having to send a report


Imagine there are three hosts in a network as shown below.

Example 1

A query message was received at time 0; the random delay time (in tenths of seconds) for each group is shown next to the group address. Show the sequence of report messages.


SolutionThe events occur in this sequence:

Example 1 (Continued)

a. Time 12: The timer for 228.42.0.0 in host A expires and a membership report is sent, which is received by the router and every host including host B which cancels its timer for 228.42.0.0.

b. Time 30: The timer for 225.14.0.0 in host A expires and a membership report is sent, which is received by the router and every host including host C which cancels its timer for 225.14.0.0.

c. Time 50: The timer for 238.71.0.0 in host B expires and a membership report is sent, which is received by the router and every host.

d. Time 70: The timer for 230.43.0.0 in host C expires and a membership report is sent, which is received by the router and every host including host A which cancels its timerfore 230.43.0.0.

Note that if each host had sent a report for every group in its list, there would have been seven reports; with this strategy only four reports are sent.


Encapsulation of IGMP packetThe IGMP message is encapsulated in an IP datagram, which is itself The IGMP message is encapsulated in an IP datagram, which is itself encapsulated in a frame. encapsulated in a frame.

Because the IGMP occurs within the physical LAN, the TTL of the IP is Because the IGMP occurs within the physical LAN, the TTL of the IP is set to 1 – guarantees the message doesn’t leave the LANset to 1 – guarantees the message doesn’t leave the LAN

Regarding the data link layer:Regarding the data link layer:Because the IP packet has a MULTICAST address, ARP can’t be used Because the IP packet has a MULTICAST address, ARP can’t be used in finding the physical address and forwarding – therefore, the data link in finding the physical address and forwarding – therefore, the data link layer (or underlying technology) must support multicast addressinglayer (or underlying technology) must support multicast addressing


Mapping class D to Ethernet physical address

Ethernet supports physical multicast addressing

If the first 25 bits indicate this pattern, then the remaining 23 bits can take on a group

The router extracts the least significant 23 bits of the class D – however, the class D is 28 bits – therefore, 25 (32) multicast addresses are mapped to a single multicast address at the IP level

Therefore, the host must check the IP and discard any packets that do not belong to it.


An Ethernet multicast physical address is in the range

01:00:5E:00:00:00 to

01:00:5E:7F:FF:FF.

Note:Note:


Change the multicast IP address 230.43.14.7 to an Ethernet multicast physical

Example 2

SolutionWe can do this in two steps:a. We write the rightmost 23 bits of the IP address in hexadecimal. This can be done by changing the rightmost 3 bytes to hexadecimal and then subtracting 8 from the leftmost digit if it is greater than or equal to 8. In our example, the result is 2B:0E:07.

b. We add the result of part a to the starting Ethernet multicast address, which is (01:00:5E:00:00:00). The result is

01:00:5E:2B:0E:07


Change the multicast IP address 238.212.24.9 to an Ethernet multicast address.

Example 3

Solution

a. The right-most three bytes in hexadecimal are D4:18:09. We need to subtract 8 from the leftmost digit, resulting in 54:18:09..

b. We add the result of part a to the Ethernet multicast starting address. The result is

01:00:5E:54:18:09


Tunneling

Most WANs do not support physical multicast addressing – therefore tunneling is used – the multicast packet is encapsulated in the unicast packet and sent through the network


We use netstat with three options, -n, -r, and -a. The -n option gives the numeric versions of IP addresses, the -r option gives the routing table, and the -a option gives all addresses (unicast and multicast). Note that we show only the fields relative to our discussion.

Example 4

$ netstat -nraKernel IP routing tableDestination Gateway Mask Flags Iface153.18.16.0 0.0.0.0 255.255.240.0 U eth0169.254.0.0 0.0.0.0 255.255.0.0 U eth0127.0.0.0 0.0.0.0 255.0.0.0 U lo224.0.0.0 0.0.0.0 224.0.0.0 U eth00.0.0.0 153.18.31.254 0.0.0.0 UG eth0

Any packet with a multicast address from 224.0.0.0 to 239.255.255.255 is masked and delivered to the Ethernet interface.

Covering ICMP (Ch 9) and IGMP (Section 12.3)

Documents

Transcript of Covering ICMP (Ch 9) and IGMP (Section 12.3)