ICMP Internet Control Message Protocol
ICMP is a protocol used for exchanging control messages. CSCE 515: Two main categories Query message Computer Network Error message Programming Usage of an ICMP message is determined by type and code fields ------IP, Ping, Traceroute ICMP uses IP to deliver messages. Wenyuan Xu ICMP messages are usually generated and processed by the IP software, not the user process.
Department of Computer Science and Engineering University of South Carolina IP header ICMP Message
20 bytes CSCE515 – Computer Network Programming
IP Datagram ICMP Message Format
1 byte 1 byte 1 byte 1 byte VERS HL Service Total Length
Datagram ID FLAG Fragment Offset 0781516 31 TTL Protocol Header Checksum type code checksum Source Address Destination Address payload Options (if any)
Data
CSCE515 – Computer Network Programming CSCE515 – Computer Network Programming
ICMP Message Types ICMP Address Mask Request and Reply
intended for a diskless system to obtain its subnet mask. Echo Request Id and seq can be any values, and these values are Echo Response returned in the reply. Destination Unreachable Match replies with request Redirect 0781516 31 Time Exceeded type(17 or 18) code(0) checksum there are more ... identifier sequence number subnet mask
CSCE515 – Computer Network Programming CSCE515 – Computer Network Programming ping Program ICMP Echo Request and Reply Available at /usr/sbin/ping Test whether another host is reachable Send ICMP echo_request to a network host
-n option to set number of echo request to send 0781516 31 -i option to set TTL type(0 or 8) code(0) checksum -R option to record route (apollon.cse.sc.edu) identifier sequence number -s option to set timestamp -w option to set timeout to wait for each reply optional data
Check manual, different ping versions have different options
CSCE515 – Computer Network Programming CSCE515 – Computer Network Programming
IP Record Route Option traceroute Program ping – R : Record route Available at /usr/sbin/traceroute Every router that handles the datagram adds its IP address to a list in Display the route that IP datagrams follow from the options field one host to another The final destination copies the IP addresses into the outgoing ICMP echo reply Compare with ping: All routers on the return path add their IP address to the list Doesn’t require an special or optional features at any Problems? intermediate routers Only requires a working UDP module at the destination uses ICMP and the TTL field in the IP header 39 bytes -g option to specify intermediate routers to be used with loose source routing (up to 8 times) code len ptr IP addr #1 IP addr #2 … IP addr #9 -G option to specify intermediate routers to be 1 11 4 4 4 used with strict source routing (up to 8 times)
CSCE515 – Computer Network Programming CSCE515 – Computer Network Programming
traceroute Program UDP port unreachable TTL + ICMP ICMP error message Each router decrement the TTL at least by 1 A IP datagram whose TTL is either 0 or 1 will not be forwarded. IP header An ICMP “time exceeded” message will be sent back to the originating host. 8 bytes of the IP datagram that caused the error
dest = D WHY? TTL = 2 TTL = 3
TTL = 1 39 bytes S R1 R2 D Ethernet IP ICMP IP header of datagram UDP ICMP TE ICMP TE ICMP TE?? Header header header that generated error header
14 2088 20 UDP “port unreachable”
CSCE515 – Computer Network Programming CSCE515 – Computer Network Programming Kernel Processing at IP Layer
If the host disabled the forwarding, does the host still need routing table? routing route netstat daemon command command routing table updates from UDP TCP Creating Routing adjacent routers ICMP
Entries P M ts our packet (one of IC c agram re ward dat di for our IP address or re d) broadcast addresses)? ing enable IP output: (if forward routing calculate next hop table router (if necessary) sou rce ro uting
process IP options
IP input queue IP layer
network interfaces CSCE515 – Computer Network Programming
IP Layer Create Routing Table Entries Forwarding datagrams generated either on local Created by default when an interface is configured host or on some other hosts toward their when the interface’s address is set by the ifconfig ultimate destination Destination Gateway Flags Ref Use Interface 129.252.130.0 129.252.130.106 U 1 68 eri0
Routing: A default router specified in a file, the default is added to the routing table on every reboot.
Static routing: when network is small, single /etc/defaultrouter connection point to other networks, no redundant wyxu@altair % cat /etc/defaultrouter route existent 129.252.130.1 specified in configuration files not based on measurement or estimates of current traffic and Added by route command topology Dynamic routing: use routing daemon to run routing protocol in order to communicate with other routers Created by an ICMP redirect
CSCE515 – Computer Network Programming CSCE515 – Computer Network Programming
route Command ICMP Redirect Error Explicitly add or remove routing table entry Sent by a router to sender of an IP from configuration files at bootstrap time datagram when the datagram should have route add default sun 1 been sent to a different router route add slip bsdi 1 Used only when the host has a choice of routers to send its datagram to
CSCE515 – Computer Network Programming CSCE515 – Computer Network Programming Example of ICMP Redirect Example of ICMP Redirect
Destination Gateway Destination Gateway ------default 129.252.130.1 129.252.1.0 129.252.1.1 127.0.0.1 127.0.0.1 default 129.252.130.1 127.0.0.1 127.0.0.1
host host 129.252.1.180 129.252.1.180 (1) IP datagram (1) IP datagram
(3) ICMP redirect (3) ICMP redirect
(2) IP datagram (2) IP datagram redirect from 129.252.130.1 to redirect from 129.252.130.1 to R1 129.252.1.180 R2 R1 129.252.1.180 R2 129.252.130.1 129.252.130.1 129.252.1.1 129.252.1.1
Destination Gateway Final destination Destination Gateway Final destination ------default 129.252.1.1 default 129.252.1.1 127.0.0.1 127.0.0.1 127.0.0.1 127.0.0.1
CSCE515 – Computer Network Programming CSCE515 – Computer Network Programming
ICMP Redirect Security concern What can you do to take advantage of the ICMP redirect?
0781516 31 Screw-up the routing table type(5) code(0-3) checksum Redirect to some unknown host router IP address that should be used Redirect to the host itself
IP header + first 8 bytes of original datagram data Sniffing packet Redirect to my own address? Greedy router, I don’t want to route the packet
CSCE515 – Computer Network Programming CSCE515 – Computer Network Programming
Security concern- Partial solutions ICMP Router Discovery Messages
The new router must be on a directly After bootstrapping connected network broadcasts / multicasts a router solicitation The redirect must be from the current message router for that destination other routers respond with a router advertisement message The redirect cannot tell the host to use itself as a router Periodically advertisement The route that’s being modified must be an indirect route broadcasts / multicasts a router solicitation message
CSCE515 – Computer Network Programming CSCE515 – Computer Network Programming ICMP Router Solicitation ICMP Router Advertisement
0781516 31
type(9) code(0) checksum
0781516 31 number of address addresses entry size(2) lifetime type(10) code(0) checksum router address [1] unused (sent as 0) preference level [1]
router address [2] preference level [2]
…
CSCE515 – Computer Network Programming CSCE515 – Computer Network Programming
Autonomous Systems
Collection of networks with same policy
Routing protocols Single routing protocol
Usually under single administrative control
CSCE515 – Computer Network Programming
Routing classification Kernel Processing at IP Layer
Interior gateway protocols (IGPs) routing route netstat daemon command command RIP (Routing Information Protocol) routing table updates from UDP TCP OSPF (Open Shortest Path First) adjacent routers
ICMP
P M ts our packet (one of IC c agram re ward dat di for our IP address or re d) broadcast addresses)? ing enable IP output: (if forward Exterior gateway protocols (EGPs) routing calculate next hop table router (if necessary) sou rce ro uting
BGP: border gateway protocol process IP options Used between NSFNET backbone and some of the regional networks IP input queue IP layer
network interfaces CSCE515 – Computer Network Programming CSCE515 – Computer Network Programming Routing Protocols Distance-vector Protocols
Executed by routing daemon to Maintain a vector of communicate routing information with distances Each router updates its other routers routing table based on vector of distances received from neighbors Two types of routing algorithms (IGPs) Example: RIP Distance-vector routing most widely used routing protocol Link-state routing the metrics used: hop count
CSCE515 – Computer Network Programming CSCE515 – Computer Network Programming
Problem: Count-to-infinity Count-to-infinity
With distance vector routing, good news travels fast, but bad news travels slowly
When a router goes down, it takes can take a really long time before all the other routers become aware of it
CSCE515 – Computer Network Programming CSCE515 – Computer Network Programming
Improvements Routing Information Protocol (RIP)
Split Horizon Most widely used routing protocol Don’t tell neighbor about routes obtained from Carried in UDP datagrams it Routing daemon: routed gated Triggered updates as opposed to periodic updates
UDP IP header RIP Message Path vectors, Store vectors or complete header path as opposed to just next hop 20 bytes 8 bytes
CSCE515 – Computer Network Programming CSCE515 – Computer Network Programming RIP Message Format RIP Metrics
RIP uses hop count as its metric
0781516 31 command(1-6) version(1) (must be 0) If there are multiple paths, router chooses address family(2) (must be 0) the one with smallest hop count, and 32-bit IP address ignores other paths (must be 0) 20 bytes (must be 0) metric(1-16)
(up to 24 more routes)
CSCE515 – Computer Network Programming CSCE515 – Computer Network Programming
RIP Operation Problems with RIP
Initialization Has no knowledge about subnet Request received addressing Response received Take long time to stabilize after a router or D link failure Regular routing updates A Maximum of metric limits network size Triggered updates C B No security protection
CSCE515 – Computer Network Programming CSCE515 – Computer Network Programming
RIP Version 2 RIP-2 Message Format 0781516 31 Fix some deficiencies of RIP command version (must be 0) address family (must be 0) 32-bit IP address Support multiple domain 0781516 31 (must be 0) 20 bytes (must be 0) command(1-6) version(2) routing domain Include subnet mask metric(1-16) address family(2) route tag Some simple authentication scheme (up to 24 more routes) 32-bit IP address added RIP-1 Message Format 32-bit subnet mask 20 bytes 32-bit next-hop IP address metric(1-16)
(up to 24 more routes)
CSCE515 – Computer Network Programming CSCE515 – Computer Network Programming Link-state Protocols A link-state routing protocol
Each router maintains a Discover neighbors complete routing table of the network Measure the delay or cost to each of its neighbors
Flood routing information and link costs Example: Open Shortest To control flooding, the sequence numbers are used by routers Path First (OSPF) to discard flood packets they have already seen from a given router The age field in the packet is an expiration date. It specifies how long the information in the packet is good for.
Once a router receives all the link state packets from the network, it can reconstruct the complete topology and compute a shortest path between itself and any other node using Dijkstra’s algorithm (shortest path).
CSCE515 – Computer Network Programming CSCE515 – Computer Network Programming
Computing the Shortest Path Dijkstra’s Shortest Path Algorithm
Dijkstra’s Shortest Path Algorithm: Step 1: Draw nodes as circles. Fill in a circle to mark it as a “temporary node.” Step 2: Set the current node equal to the source node Step 3: For the current node: – Mark the cumulative distance from the current node to each temporary adjacent node. Also mark the name of the current node. Erase this marking if the adjacent node already has a shorter cumulative distance marked – Mark the temporary node with the shortest listed cumulative distance as permanent by marking the
CSCE515 – Computer Network Programming CSCE515 – Computer Network Programming
Open Shortest Path First (OSPF) OSPF: Modified Link State Routing
Routing algorithm now used in the Internet Recall: In link state routing, routers flood their routing information to all other OSPF uses the Link State Routing algorithm with modifications to routers in the network support: Multiple distance metrics (geographical distance, delay, throughput) In OSPF, routers only send their information to “adjacent routers”, Support for real-time traffic not to all routers. Support for subnets Adjacent does NOT mean nearest-neighbor in OSPF Hierarchical routing Security – a simple authentication scheme One router in each area is marked as the “designated router”
Use IP to carry its message Designated routers are considered adjacent to all other routers in Provide features superior to RIP the area
OSPF combines link state routing with centralized adaptive routing
Someone know the topology of network
CSCE515 – Computer Network Programming CSCE515 – Computer Network Programming Autonomous Systems
Collection of networks with same policy
BGP Single routing protocol
Usually under single administrative control
CSCE515 – Computer Network Programming
Autonomous Systems IGP and EGP
Three categories of AS Each AS selects its interior gateway protocol (IGP) for communications between routers in this AS Stub AS MHMH E.g. RIP, OSPF Carry only local traffic Within AS, local routing protocols used (optimize path metric) Multihomed AS Connected to more than TT T one AS T Multiple AS’s use exterior gateway protocol (EGP) for Still local traffic communications between routers in different AS’s Transit AS E.g. EGP, BGP Inter-AS concerned with reachability and policy implementation Carries local and non-local traffic MHMH SS Usually $$ involved with relationships
CSCE515 – Computer Network Programming CSCE515 – Computer Network Programming
Interior vs. Exterior Routing Protocols Why do we need an EGP?
Scaling to large network Hierarchy Limit scope of failure Interior Exterior Automatic discovery Specifically configured Policy Generally trust your peers Control reachability to prefixes IGP routers Connecting with Routes go to all IGP outside networks routers Set administrative boundaries Allow policy-based routing No Transit traffic through certain ASes Never put Iraq on a route starting at the Pentagon Traffic starting or ending at IBM should not transit Microsoft
CSCE515 – Computer Network Programming CSCE515 – Computer Network Programming Border Gateway Protocol (BGP) BGP protocol
An exterior gateway protocol BGP uses TCP as its transport protocol, on port 179. On connection start, BGP peers exchange complete copies of their routing tables, It’s neither a distance-vector nor a link-state protocol which can be quite large. However, only changes (deltas) are then exchanged, which makes long running BGP sessions more efficient Distance-vector protocol but enumerates route to each than shorter ones. destination Four Basic messages: Typically static metrics (DELAY or BANDWIDTH) Open: Use TCP to transport its messages Establishes BGP session (uses TCP port #179) Notification: Report unusual conditions Update: Inform neighbor of new routes that become active Inform neighbor of old routes that become inactive Keepalive: Inform neighbor that connection is still viable
CSCE515 – Computer Network Programming CSCE515 – Computer Network Programming
OPEN Message NOTIFICATION and
Each AS has: KEEPALIVE Messages one or more border routers NOTIFICATION Handles inter-AS traffic Indicates an error one BGP speaker for an AS that participates in routing terminates the TCP session gives receiver an indication of why BGP session terminated Examples: header errors, hold timer expiry, bad peer AS, bad During session establishment, two BGP speakers exchange their BGP identifier, malformed attribute list, missing required AS numbers attribute, AS routing loop, etc. BGP identifiers (usually one of the router’s IP addresses) A BGP speaker has option to refuse a session KEEPALIVE Select the value of the hold timer: protocol requires some data to be sent periodically. If no UPDATE to send within the specified time period, then send maximum time to wait to hear something from other end before KEEPALIVE message to assure partner that connection still assuming session is down. alive authentication information (optional)
CSCE515 – Computer Network Programming CSCE515 – Computer Network Programming
UPDATE Message Update Messages..
Network reachability information network prefix/length withdrawn routes Example : attributes 131.108/16 advertised routes 131.108.0.0 255.255.0.0 198/8 198.0.0.0 255.0.0.0
CSCE515 – Computer Network Programming CSCE515 – Computer Network Programming BGP Attributes AS-Path
Sequence of AS a What is an attribute? AS2AS2 170.10.0.0/16 AS path route has traversed 170.10.0.0/16 Loop detection AS1AS1 Next hop 180.10.0.0/16 Apply policy 180.10.0.0/16 Local preference AS3 Multi-Exit Discriminator (MED) AS3
AS4AS4 160.10.0.0/16 AS5AS5 160.10.0.0/16
180.10.0.0/16 AS3 AS2 AS1 170.10.0.0/16 AS3 AS2 160.10.0.0/16 AS3 4
CSCE515 – Computer Network Programming CSCE515 – Computer Network Programming
Next hop Local Preference
Used to indicate preference AS2AS2 170.10.0.0/16 Next hop to reach a network among multiple paths for the same 170.10.0.0/16 prefix anywhere in the internet.
150.10.1.1 The higher the value the more it is AS2 150.10.2.1 preferred AS2 AS1 170.10.0.0/16170.10.0.0/16 AS1 180.10.0.0/16 180.10.0.0/16 Default value is 100 AS3AS3 AS1AS1 Local to the AS
Often used to select a specific exit 500 point for a particular destination 800 Used when AS path lengths are AS3AS3 160.10.0.0/16 170.10.0.0/16 150.10.1.1 same 160.10.0.0/16 160.10.0.0/16 150.10.1.1 AS4AS4
Valid within a AS only 170.10.0.0/16 AS3 AS2 500 170.10.0.0/16 AS1 AS2 800
CSCE515 – Computer Network Programming CSCE515 – Computer Network Programming
Multi-Exit Discriminator BGP Decision Process
When AS’s interconnected via 1. Choose route with highest LOCAL-PREF 2 or more links AS1 AS path length are same AS1 2. If have more than 1 route, select route with shortest AS-PATH AS announcing a prefix, sets MED value 3. If have more than 1 route, select according to lowest ORIGIN type Enables AS2 to indicate its where IGP < BGP < default preference (lower MED is better) 170.10.0.0/16 2000 4. If have more than 1 route, select route with lowest MED value Used to convey the relative 170.10.0.0/16 1000 preference of entry points 5. Select min cost path to NEXT HOP using IGP metrics Comparable if paths are from same AS 6. If have multiple internal paths, use BGP Router ID to break tie. AS2AS2 170.10.0.0/16 170.10.0.0/16 IGP metric can be conveyed as MED See: http://www.cisco.com/warp/public/459/37.html
CSCE515 – Computer Network Programming CSCE515 – Computer Network Programming Assignment & Next time
Reading: TI Ch 7, 8, 9 **;
Next Lecture: DNS
CSCE515 – Computer Network Programming