ICMP report network error
ICMP or Internet Control Message Protocol is one of the most important network protocols in TCP/IP protocol suite. The Internet Protocol is not designed to be absolutely reliable. As such, ICMP is designed to be used by networked computers' operating systems to send error messages to show that a requested service is not available or that a PC or router could not be reached.
In a TCP/IP network, every router on the network that forwards an IP datagram has to decrement the time to live (TTL) field of the IP header by one. When the TTL field reaches 0, an ICMP TTL exceeded in transit message is sent back to the source of the datagram. This attribute is utilized by many commonly used network utilities like traceroute and ping.
Basically, the traceroute command is implemented by sending UDP datagrams with specially set IP TTL header fields. When ICMP TTL reach 0 in transit, an ICMP "Destination unreachable" messages is generated. In the case of ping utility, it is implemented using the ICMP "Echo request" and "Echo reply" messages. In the following ping test example, the output of ping tells us that network connectivity to www.google.com is working. It also tells us the time each packet took to return.
The ability to understand ICMP is a requirement for any IP-compatible network device. However, many security devices such as firewalls block or disable all or part of ICMP functionality for security purposes - reasons include to block unnecessary ping test to server systems.
In a TCP/IP network, every router on the network that forwards an IP datagram has to decrement the time to live (TTL) field of the IP header by one. When the TTL field reaches 0, an ICMP TTL exceeded in transit message is sent back to the source of the datagram. This attribute is utilized by many commonly used network utilities like traceroute and ping.
Basically, the traceroute command is implemented by sending UDP datagrams with specially set IP TTL header fields. When ICMP TTL reach 0 in transit, an ICMP "Destination unreachable" messages is generated. In the case of ping utility, it is implemented using the ICMP "Echo request" and "Echo reply" messages. In the following ping test example, the output of ping tells us that network connectivity to www.google.com is working. It also tells us the time each packet took to return.
C:\>ping www.google.comAlthough the ICMP messages are typically used in reporting errors during datagrams processing, no ICMP messages are sent about ICMP messages to avoid the infinite regress of messages about messages etc.,
Pinging www.l.google.com [216.239.61.104] with 32 bytes of data:
Reply from 216.239.61.104: bytes=32 time=13ms TTL=246
Reply from 216.239.61.104: bytes=32 time=11ms TTL=246
Reply from 216.239.61.104: bytes=32 time=12ms TTL=246
Reply from 216.239.61.104: bytes=32 time=10ms TTL=246
Ping statistics for 216.239.61.104:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 10ms, Maximum = 13ms, Average = 11ms
The ability to understand ICMP is a requirement for any IP-compatible network device. However, many security devices such as firewalls block or disable all or part of ICMP functionality for security purposes - reasons include to block unnecessary ping test to server systems.
Comments
Post a Comment