Tải bản đầy đủ
8 ICMP ( Internet control message protocol)

8 ICMP ( Internet control message protocol)

Tải bản đầy đủ

ICMP (Internet control message protocol)

Figure 5.8

185

Internet Control Message Protocol version 4 (ICMPv4): protocol format.

be reached via a shorter route. The ICMP message is generated in the format illustrated in
Figure 5.8, this field being packed into the IP data field of an IP packet (Figure 5.6). The
destination and source addresses of the original IP packet (the one which encountered the
problem) are reversed, so that the ICMP message is returned to the original source.
So that the source host can identify which packet encountered the problem, the ICMP
information field (Figure 5.8) is usually filled with the IP-header of the original packet plus
at least 64 bits (8 octets) of the original IP data (i.e., user data).
The coding of the various fields in the ICMP protocol is documented in Table 5.8. As you
will see from Table 5.8, ICMP has a number of uses other than merely reporting destination
unreachable, time exceeded or other IP parameter errors. It can also be used to acquire status
information about the network.
Table 5.8

Internet control message protocol version 4 (ICMPv4): messages and coding

ICMP Type
value (0–255)

ICMP Type meaning

ICMP code
value (0–255)

0

Echo message (e.g.,
PING request)
Destination
unreachable

0

3

0
1
2
3
4
5
6
7
8
9
10
11
12
13
14

ICMP Code meaning and ICMP
information field content
ICMP-info field gives identifier
and sequence number
Network unreachable
Host unreachable
Protocol unreachable
Port unreachable
Fragmentation needed and DF set
Source route failed
Destination network unknown
Destination host unknown
Source host isolated
Communication to network
prohibited
Communication to host
prohibited
Network unreachable for Type of
Service
Host unreachable for Type of
Service
Communication administratively
prohibited
Host Precedence violation
(continued overleaf )

186

WANs, routers and the Internet protocol (IP)

Table 5.8

(continued )

ICMP Type
value (0–255)

ICMP Type meaning

ICMP code
value (0–255)
15

4
5

8

Source Quench
message
Redirect message
(via gateway IP
address given in
ICMP-info field)

11

Echo reply message
(e.g., PING
response)
Time exceeded

12

Parameter problem

0

Redirect datagrams for the
network

1
2
3
0

Redirect datagrams for host
Redirect for TOS and network
Redirect for TOS and host
ICMP-info field gives identifier
and sequence number

0
1

Time to live exceeded
Fragment reassembly time
exceeded
Pointer in first octet of ICMP
information field indicates
error
Fragment reassembly time
exceeded
ICMP files includes 2 octet
identifier, 2 octet sequence
number, 4 octet originate
timestamp, 4 octet receive
timestamp and 4 octet
transmit timestamp
ICMP files includes 2 octet
identifier, 2 octet sequence
number, 4 octet originate
timestamp, 4 octet receive
timestamp and 4 octet
transmit timestamp
ICMP info is 2 octet identifier
and 2 octet sequence number
ICMP info is 2 octet identifier
and 2 octet sequence number

0

13

Timestamp message

0

14

Timestamp reply
message

0

15

Information request

0

16

Information reply
message
Address mask
request
Address mask reply

0

18

Precedence cut-off in effect
(packets with lower
precedence are being
discarded)
N/A

0

1

17

ICMP Code meaning and ICMP
information field content

0
0

One of the most commonly used features of ICMP used by network administrators is the
PING (Packet INternet Groper) service. When a device is PINGed by a network administrator,
he/she sends a short message (an echo request) from a remote location across the Internet (or
other IP network) to the device. The device is merely required to reply (with an echo reply).
If the echo reply returns, the network administrator is able to confirm that the remote device
is reachable from the location from which he/she sent the original echo request. Most people

Internet addressing (IPv4)

187

refer to a PING request and reply (rather than an ICMP echo request/reply: ICMP types 0 and
8). In some forms of PING, a timestamp is requested (ICMP types 13 and 14). In addition, the
IP route record option (previously discussed) can be set, in order to gain information about the
path taken to the destination. The PING service is thus a valuable but simple tool for network
troubleshooting.

5.9 Internet addressing (IPv4)
In order that the Internet protocol (IP) can deliver IP packets to their intended destinations,
each device connected to an IP network must be uniquely identified by means of an IP address.
Internet addresses for Internet protocol (IP) versions prior to IPv6 have a fixed length of
32-bits. These addresses (IPv4 addresses) are used in the IP-packet header to identify both
the source and destination of the packet and are critical for data communication using the
Internet protocol.
IP addresses can be classified into two types: public IP addresses and private IP addresses.
Public IP addresses are unique. Both versions have a common format, usually written as a
series of four decimal integers (each of value between 0 and 255) separated by ‘dots’, e.g.,
173.65.8.1
or more generally:
d.d.d.d
The Internet addressing scheme used for Internet protocol version 4 is defined in a number of
different RFCs as follows:
• the original classful addressing scheme is documented in RFC 1812;
• the management of the address space and the top level allocations are covered in RFC
1466; and
• classless inter-domain routing (CIDR) is documented in RFCs 1517–1519.
We describe classful addresses and the classless address scheme in turn.

Classful IP addressing scheme
The original classful addressing scheme foresaw dividing the fixed length number (of 32 bits)
into two separate portions, the first part of the address to be known as the network address
and the second (remaining) portion as the host address.
The classes defined in the classful addressing scheme correspond to different lengths of
network- and host-address portions, as illustrated in Figure 5.9 and detailed in Table 5.9. A
class A address-range thus has a network address of 1 byte length (8-bits) and a host address
portion of 24 bits (corresponding to the last three bytes of the address). Each individual address
within a class A address range is typically written in the form A.d.d.d, where A is a decimal
value between 1 and 127 (identifying the particular operator’s network) and the d values are
decimal values in the range 1–255 representing the precise host address value. Routers outside
of the network corresponding to the class A address range need only have routing table entries
‘A.0.0.0’ if the access to the class A network is by means of a single gateway router. The

188

Class A
Class B
Class C
Class D
(Multicast)
Class E

WANs, routers and the Internet protocol (IP)

Figure 5.9

Classful IP addressing scheme.

Table 5.9

IPv4 classful addressing scheme

First
bits of
address

Number
of bits
of network
address

0
10
110
1110

7
14
21
28

1111

Experimental use

Number
of bits
of host
address
24
16
8
Non-aggregatable
Multicast address

Number
Number of
of hosts
network address
per network
ranges
address
available
126
16 383
2 097 151
268 million

16.8 million
65 536
256
0

268 million

0

gateway address for this address range is thus ‘A.0.0.0’. Each full class A address range has
scope for nearly 16.8 million host addresses.
A class B address has the number format B1.B2.d.d where B1 and B2 are the permanently
assigned numbers corresponding to the network address and d.d forms the host address assigned
to the end-user device by the class B address range owner. A class B address thus has a 16-bit
sub-address corresponding to the last two bytes of the public IP address. This allows a class
B network to comprise up to 65 536 hosts. Routers outside the network can make do with
a single routing table entry B1.B2.0.0 if the access to the class B network is by means of a
single gateway router. The gateway address is B1.B2.0.0.
A class C address has the form C1.C2.C3.d. The host address comprises only the last 8 bits
of the address, allowing a maximum of 256 hosts to be connected. The routing table entry for
routers external to the network will be C1.C2.C3.0 (gateway address).
Class A and class B address ranges can be subdivided by their owners into subnetworks
corresponding to class B and class C address ranges respectively. By using such subnetwork
address ranges, the network operator helps to simplify the task of routing and administering

Internet addressing (IPv4)

189

his or her network by keeping groups of similar destination address in defined geographical locations (e.g., attached to a particular router, or within a particular LAN or campus
network).
Class D addresses are multicast addresses. These have the form D.d.d.d where D is a
decimal value between 224 and 239.
Class E addresses are reserved for experimental use. These have the form E.d.d.d, where
E is a decimal value between 240 and 255.

Classless inter-domain routing (CIDR) and subnet masks
By 1992 it became clear that the IPv4 address space would be exhausted, and that the classful
method of allocation of addresses could not be sustained. This led to a new method of public
IP address range allocation based on classless inter-domain routing (CIDR). The CIDR address
scheme (introduced by RFCs 1517-9 in 1993) is a more flexible address allocation scheme
which allows for host or subnet (subnetwork) address ranges of any length (rather than the strict
8-bit, 16-bit or 24-bit host and subnetwork address lengths of the classful address scheme). By
introducing CIDR, the remaining unallocated class B and class C addresses could be shared
between more business enterprises than would otherwise have been possible.
The main feature of classless inter-domain routing (CIDR) is the separation of the network
address and the subnet address (i.e., host address) by means of a subnet-mask. It is the
subnet-mask which reveals where the first bit of the subnetwork address begins.
It is useful to commence with an example from the classful address scheme to explain the
idea of the subnet-mask, and we return to Figure 5.9. The example class C address range shown
in Figure 5.9b and 5.10c is the address range including all the addresses between 173.65.8.0
and 173.65.8.255. The host address (or subnet address) corresponds to the last 8-bits of the
address (i.e., the value between 0 and 255 at the end). The subnet mask is a series of 24 bits
of binary value ‘1’, followed by 8 bits of binary value ‘0’. By comparing the subnet mask
with the full IP address, the subnet address can be obtained by ignoring all the bits of the IP
address which align with a value ‘1’ in the subnet-mask.
Whereas in the classful addressing scheme a whole address range could be identified by
means of the gateway address (of the form A.d.d.d [class A addresses] or B1.B2.d.d [class B
addresses] or C1.C2.C3.d [class C addresses]), it is necessary in the case of classless addresses
to specify the gateway address and the subnet mask. The subnet mask can be denoted in one
of two ways: either as a number similar to an IP-address comprising four decimal numbers
equivalent to the ‘value’ of the subnet mask (the value of the subnet mask in the example of
Figure 5.9g is 255.255.255.0) or as a ‘slash character’ (/) and a decimal number equal to the
number of ‘1’s’ in the mask: thus in our example /24.
The routing table entry for the class C address 173.65.8.0 can thus also be denoted in a
CIDR format as follows, either as:
• 173.65.8.0 / 24, or as:
• 173.65.8.0 subnet mask: 255.255.255.0
Figures 5.10 and 5.11 provide further illustrations of subnet address ranges conforming to the
CIDR addressing scheme. These clearly illustrate how classless inter-domain routing (CIDR)
brought the possibility of variable length subnet masks (VLSMs). No longer are the mask
lengths fixed at 8 bits (Class A), 16 bits (Class B) and 24 bits (Class C). It is worth studying
them to ensure you have understood the principle of the gateway address and the subnet mask
and can derive from these two the full address range represented by them.

190

WANs, routers and the Internet protocol (IP)

Figure 5.10 CIDR example: gateway
173.65.8.0–173.65.15.255.

address

173.65.8.0–2048

subnet

addresses

available

Figure 5.11 CIDR example: gateway address 173.65.8.0–4 subnet addresses available 173.65.8.0–
173.65.8.3.

Physical and logical addresses
Addresses used in telecommunications are sometimes physical addresses 14 and sometimes they
are logical addresses. The 48-bit unique IEEE identifiers commonly used as MAC addresses
in ethernet and other LAN networks are examples of physical addresses.
Sometimes it is convenient to use unique physical addresses. But on occasions where a
given address (e.g., an IP-address) is used to direct a number of remote computers to a given
software application running on a computer, the use of a logical address is better.
A logical address provides a permanent means for remote hosts to address a particular
software application, without the software application having to reside for all time at the
same physical location (i.e., on the same computer). The benefit of using a logical address is
that the destination address used by the remote hosts to access the application need not be
changed even if the software application is moved from one computer to another (for example,
14
the term physical address may appear somewhat confusing here, since the MAC address is an address used
at the layer 2 or datalink layer (rather than being a physical layer or layer 1 address). Nonetheless, the MAC
address is permanently associated with a particular physical port on the LAN. Messages sent to this physical
address will always find their way to the same physical network end-point (unless, of course, the particular
ethernet interface card is transferred from one computer to another).

Internet addressing (IPv4)

191

because of a ‘hardware upgrade’). But in order for the message to be delivered to the physical
device which runs the application corresponding to the logical address, the address must first
be resolved into a physical address. As we will discover in Chapter 6, a protocol like ARP
(address resolution protocol) is used to carry out the resolution.
IP addresses can be allocated either as physical or as logical addresses. In other words, an
IP address could be assigned to physical hardware (e.g., a server) or to a software application
(which can be moved from one server to another). Most common is to use the IP address
as the logical address of a server application and the ethernet MAC address as the physical
address of a host or server.

Internet address assignment — IANA and the regional registries
Public IP addresses are allocated on application to the Internet Assigned Numbers Authority
(IANA — www.iana.org) or one of its regional registries:
• APNIC (Asia-Pacific Network Information Centre — www.apnic.net);
• ARIN (American Registry for Internet Numbers — www.arin.net); or
• RIPE (R´eseaux IP Europ´eens — European IP Network Coordination Centre — www.ripe
.net).

Public and private IP addresses
Local networks which use transparent routers for their connection to the public Internet need to
use public IP addresses, in order that all the numbers are unique: see Figure 5.12a. Meanwhile,

Figure 5.12

Alternative public/private IP addressing schemes and related local network/Internet configuration.

192

WANs, routers and the Internet protocol (IP)

private IP networks which are either not connected to the Internet (Figure 5.12b) or are connected by means of routers which perform NAT (network address translation — Figure 5.12c)
may use their own privately conceived network addressing scheme. IETF (in RFC 1918)
and IANA recommend the use of the following assigned private Internet ranges for private
IP networks:
• 10.0.0.0
• 172.16.0.0
• 192.168.0.0

to
to
to

10.255.255.255
172.31.255.255
192.168.0.255

(10.0.0.0/8)
(172.16.0.0/12)
(192.168.0.0/16)

[65 535 host addresses]
[4 095 host addresses]
[255 host addresses]

A business enterprise or private individual that decides to use private IP addresses from
the above ranges may do so without coordination with either IANA or any of the regional
registries, but these addresses can only be used within the private IP network (e.g., as in
Figure 5.12b or Figure 5.12c), as they are not unique addresses.
Why has the use of private IP address space proliferated? Primarily because the public
address space was rapidly exhausted during the mid-1990s as the ‘Internet boom’ took off.
As a result, it became difficult for businesses and private individuals to get as many public
IP addresses assigned as they required. The solution was to use a ‘private IP-network’ in
one of the configurations of Figure 5.12b, 5.13c or 5.13d. Figures 5.13c and 5.13d illustrate
alternative methods of connecting private IP networks to the public Internet.

Network address translation (NAT)
Figure 5.12c shows a private IP network using a private IP addressing scheme, connected to
the Internet by means of a router employing NAT (network address translation). Each time a
packet traverses the NAT router (no matter whether leaving the private network to the Internet
or entering it from the Internet), the private IP address in the IP packet header is translated
to or from (i.e., swapped for) a public IP address. Thus a device in the private IP network is
‘known’ in the private IP network under its private IP address and in the public Internet under
a different public IP address. What is the benefit of using NAT then, you might ask? The
answer is that only those devices within the private network which need to communicate with
the public Internet need have a public IP address. So, while the configuration of Figure 5.12c

Figure 5.13

Differentiated services (DiffServ): DS field format and functions of DS-router.

Differentiated services (Diffserv and DS field)

193

allows for data communication between any internal company private IP network devices,
this might be achieved with only a very small number of public IP addresses. A secondary
benefit of the configuration of Figure 5.12c is that the private IP network is much more secure
than the network of Figure 5.12a. This is because all the private network devices which do
not require public Internet access do not have public IP addresses and therefore cannot be
accessed by malicious ‘hackers’ in the outside public Internet community.

Dynamic address allocation using DHCP (dynamic host
configuration protocol)
Figure 5.12d shows the use of a router employing DHCP (dynamic host configuration protocol)
as a gateway between a private IP network and the public Internet. In this configuration, the IP
address is only temporarily assigned to the communicating host within the private IP network.
By such means it is possible to share the public IP address space as shown in Figure 5.12d,
given that the number of hosts requiring addresses at any one time does not exceed the total
number of public addresses available to the DHCP for dynamic address assignment.
It is becoming increasingly common to employ DHCP servers for the allocation of IP
addresses in private LANs and private IP networks since this makes for much easier administration of the numbering range. Hosts and software applications which are configured to
accommodate DHCP are prepared to accept temporary IP address assignments (e.g., for a
24-hour period or for the course of a particular communication). The fact that all addresses
are only temporarily assigned makes for much easier management of the numbering scheme,
allowing individual hosts or addresses easily to be moved from one part of the network
(subnetwork) to another.
Another common configuration is to use a router at the gateway which combines both NAT
(Figure 5.12c) and DHCP. The router acts as both a DHCP server (Figure 5.12d) and as a
DHCP client. As a DHCP server, the router allocates private IP addresses to hosts within the
private IP network. As a DHCP client, the router may receive public IP address allocation on
a temporary basis from an Internet service provider (ISP) to which it is connected for public
Internet access. The public IP address allows a host in the private IP network temporarily to
access the public Internet. NAT is needed (as in Figure 5.12c) to translate between the two
temporarily assigned private and public IP addresses. This configuration is very efficient in its
use of public IP addresses as well as being quite secure, for now there is not a fixed public
IP address always used to access a given private host from the public Internet.

5.10 Differentiated services (Diffserv and DS field)
The Internet and IP-based networks have become the technology of choice for data communications but there has been ever-increasing demand to use these networks for carriage of
communications flows — multimedia services, including real-time voice-over-IP (VOIP) and
video streaming. Such multimedia information flows or streams make much heavier demands
upon the network and have led to the development of a new integrated services model for the
Internet. The model is presented in RFC 1633.
The integrated services model is a further development of the type-of-service (TOS) and
IP precedence concepts of IP. The model seeks to give higher priority for the use of network
capacity to critical services at times of network congestion. Done away with is the, best effort’
principle of data delivery and there is an attempt to provide a greater guarantee of reliable and
predictable delivery for high priority traffic streams. Instead of queuing packets for forwarding
across the network on a FIFO (first-in-first-out) basis, packets which can afford to wait will be
held in the queue (i.e., output buffer) until after more critical packets have already been sent.

194

WANs, routers and the Internet protocol (IP)

The integrated services architecture for differentiated services (DiffServ) is defined in RFCs
2474-5 and RFC 3260. It defines a new flow-specific state intended to give differential priority
for stream services and delay-critical signals like real-time video, and aims to mirror the
differential quality of service (QOS) needs for different communications types established by
IEEE 802.1p and RFC 2386.

Differentiated services codepoint (DSCP) and per-hop behaviour (PHB)
When differentiated services (DiffServ) are enabled and in use, a DS field (differentiated services field — as depicted in Figure 5.13a) is included in all relevant IP packet headers. (In IPv4
the DS field replaces the TOS-field: in IPv6 the traffic class octet is used — see Figure 5.14). A
6-bit codepoint value appears in the DS field (the differential services codepoint, DSCP ). The
DSCP identifies the priority of the traffic stream to which the packet belongs. In the jargon
the traffic stream is a flow-specific state, and the particular characteristic needs of a given type
of flow are called a behaviour aggregate (BA).
Analysis of the DSCP causes a differentiated services router receiving the packet to apply
the corresponding per-hop behaviour (PHB) group to it. The PHB defines the means and
method by which network resources will be assigned to different traffic flows (i.e., behaviour
aggregates). In particular the PHB affects the relative delays encountered by packets and
the relative packet discard priority (i.e., which packets should be thrown away first should
network congestion cause packet discarding to become unavoidable).
As an example: a simple PHB could reserve X% of a given link’s for a given behaviour
aggregate (i.e., traffic stream). Following the assignment, the given traffic stream can ‘rely’
upon a minimum bit rate equivalent to X% of the bandwidth. Only packets bearing the correct
DS codepoint will gain access to this reserved bandwidth. The bandwidth reservation can be
undertaken as a permanent assignment (for example, giving the more important customers of

Figure 5.14 Internet protocol version 6 (IPv6) packet format.