ICMP Internet Control Message Protocol

„ ICMP is a protocol used for exchanging control

messages.
CSCE 515: „ Two main categories
… Query message
Computer Network … Error message

Programming „ Usage of an ICMP message is determined by type and

code fields
------ IP, Ping, Traceroute „ ICMP uses IP to deliver messages.
Wenyuan Xu „ ICMP messages are usually generated and processed by
the IP software, not the user process.
Department of Computer Science and Engineering
University of South Carolina IP header ICMP Message

20 bytes
CSCE515 – Computer Network Programming

IP Datagram ICMP Message Format

1 byte 1 byte 1 byte 1 byte
VERS HL Service Total Length
Datagram ID FLAG Fragment Offset 0 78 15 16 31

TTL Protocol Header Checksum type code checksum

Source Address
payload
Destination Address
Options (if any)

Data

CSCE515 – Computer Network Programming CSCE515 – Computer Network Programming

ICMP Message Types ICMP Address Mask Request and Reply

„ intended for a diskless system to obtain its subnet mask.
„ Echo Request
„ Id and seq can be any values, and these values are
„ Echo Response returned in the reply.
„ Destination Unreachable … Match replies with request

„ Redirect
0 78 15 16 31
„ Time Exceeded type(17 or 18) code(0) checksum
„ there are more ... identifier sequence number

subnet mask

CSCE515 – Computer Network Programming CSCE515 – Computer Network Programming

ping Program ICMP Echo Request and Reply
„ Available at /usr/sbin/ping
„ Test whether another host is reachable
„ Send ICMP echo_request to a network host

„ -n option to set number of echo request to send 0 78 15 16 31

„ -i option to set TTL type(0 or 8) code(0) checksum

„ -R option to record route (apollon.cse.sc.edu) identifier sequence number
„ -s option to set timestamp
„ -w option to set timeout to wait for each reply optional data

„ Check manual, different ping versions have different

options

CSCE515 – Computer Network Programming CSCE515 – Computer Network Programming

IP Record Route Option traceroute Program

„ ping – R : Record route „ Available at /usr/sbin/traceroute
… Every router that handles the datagram adds its IP address to a list in
the options field
„ Display the route that IP datagrams follow from
… The final destination copies the IP addresses into the outgoing ICMP
one host to another
echo reply „ Compare with ping:
… All routers on the return path add their IP address to the list … Doesn’t require an special or optional features at any
„ Problems? intermediate routers
… Only requires a working UDP module at the
destination
… uses ICMP and the TTL field in the IP header
39 bytes
„ -g option to specify intermediate routers to be
code len ptr IP addr #1 IP addr #2 … IP addr #9
used with loose source routing (up to 8 times)
„ -G option to specify intermediate routers to be
1 1 1 4 4 4
used with strict source routing (up to 8 times)

CSCE515 – Computer Network Programming CSCE515 – Computer Network Programming

traceroute Program UDP port unreachable

„ TTL + ICMP
… Each router decrement the TTL at least by 1
„ ICMP error message
… A IP datagram whose TTL is either 0 or 1 will not be forwarded. … IP header
… An ICMP “time exceeded” message will be sent back to the originating
host. … 8 bytes of the IP datagram that caused the
error
dest = D

TTL = 2 TTL = 3
„ WHY?
TTL = 1 39 bytes

S R1 R2 D
Ethernet IP ICMP IP header of datagram UDP
ICMP TE ICMP TE ICMP TE?? Header header header that generated error header

14 20 8 20 8
UDP “port unreachable”

CSCE515 – Computer Network Programming CSCE515 – Computer Network Programming

 Kernel Processing at IP Layer
If the host disabled the forwarding, does
the host still need routing table?
routing route netstat
daemon command command
routing table

Creating Routing updates from

adjacent routers
UDP TCP

ICMP

Entries M
P s
IC rect tagram
our packet (one of
di forward da our IP address or
re abled) broadcast addresses)?
IP output: rdi ng en
(if forwa
routing calculate next hop
table router (if necessary) sourc
e rou
tin g

process IP options

IP input queue
IP layer

network interfaces
CSCE515 – Computer Network Programming

IP Layer Create Routing Table Entries

„ Forwarding datagrams generated either on local „ Created by default when an interface is configured
host or on some other hosts toward their … when the interface’s address is set by the ifconfig
ultimate destination Destination
129.252.130.0
Gateway
129.252.130.106
Flags
U
Ref
1
Use
68
Interface
eri0

„ Routing: „ A default router specified in a file, the default is added to

the routing table on every reboot.
… Staticrouting: when network is small, single … /etc/defaultrouter
connection point to other networks, no redundant wyxu@altair % cat /etc/defaultrouter
route existent 129.252.130.1
„ specified in configuration files
„ not based on measurement or estimates of current traffic and „ Added by route command
topology
… Dynamic routing: use routing daemon to run routing
protocol in order to communicate with other routers „ Created by an ICMP redirect

CSCE515 – Computer Network Programming CSCE515 – Computer Network Programming

route Command ICMP Redirect Error

„ Explicitly add or remove routing table entry „ Sent by a router to sender of an IP
from configuration files at bootstrap time datagram when the datagram should have
… route add default sun 1 been sent to a different router
… route add slip bsdi 1

„ Used only when the host has a choice of

routers to send its datagram to

CSCE515 – Computer Network Programming CSCE515 – Computer Network Programming

Example of ICMP Redirect Example of ICMP Redirect
Destination Gateway Destination Gateway
-------------------- -------------------- ----- -------------------- -------------------- -----
default 129.252.130.1 129.252.1.0 129.252.1.1
127.0.0.1 127.0.0.1 default 129.252.130.1
127.0.0.1 127.0.0.1

host host
129.252.1.180 129.252.1.180
(1) IP datagram (1) IP datagram

(3) ICMP redirect (3) ICMP redirect

(2) IP datagram (2) IP datagram

redirect from 129.252.130.1 to redirect from 129.252.130.1 to
R1 129.252.1.180 R2 R1 129.252.1.180 R2
129.252.130.1 129.252.130.1
129.252.1.1 129.252.1.1

Destination Gateway Final destination Destination Gateway Final destination

-------------------- -------------------- ----- -------------------- -------------------- -----
default 129.252.1.1 default 129.252.1.1
127.0.0.1 127.0.0.1 127.0.0.1 127.0.0.1

CSCE515 – Computer Network Programming CSCE515 – Computer Network Programming

ICMP Redirect Security concern

„ What can you do to take advantage of the
ICMP redirect?

0 78 15 16 31 „ Screw-up the routing table

type(5) code(0-3) checksum … Redirect to some unknown host
router IP address that should be used
… Redirect to the host itself

IP header + first 8 bytes of original datagram data „ Sniffing packet

… Redirect to my own address?
„ Greedy router,
…I don’t want to route the packet
CSCE515 – Computer Network Programming CSCE515 – Computer Network Programming

Security concern- Partial solutions ICMP Router Discovery Messages

„ The new router must be on a directly „ After bootstrapping
connected network … broadcasts / multicasts a router solicitation
„ The redirect must be from the current message
router for that destination … otherrouters respond with a router
advertisement message
„ The redirect cannot tell the host to use
itself as a router
„ The route that’s being modified must be an
„ Periodically advertisement
indirect route … broadcasts / multicasts a router solicitation
message

CSCE515 – Computer Network Programming CSCE515 – Computer Network Programming

ICMP Router Solicitation ICMP Router Advertisement

0 78 15 16 31

type(9) code(0) checksum

0 78 15 16 31 number of address
addresses entry size(2) lifetime
type(10) code(0) checksum router address [1]
unused (sent as 0) preference level [1]

router address [2]

preference level [2]

CSCE515 – Computer Network Programming CSCE515 – Computer Network Programming

Autonomous Systems
„ Collection of networks with same policy

„ Single routing protocol

Routing protocols
„ Usually under single administrative control

CSCE515 – Computer Network Programming

Routing classification Kernel Processing at IP Layer

„ Interior gateway protocols (IGPs)
routing route netstat
… RIP(Routing Information Protocol) routing table
daemon command command

updates from UDP TCP

… OSPF (Open Shortest Path First) adjacent routers

ICMP

P s our packet (one of

M
IC rect tagram
di forward da our IP address or
re ab led) broadcast addresses)?
IP output: ng en
(if forwardi
„ Exterior gateway protocols (EGPs) routing
table
calculate next hop
router (if necessary) sourc
e rou
tin g
… BGP: border gateway protocol process IP options

„ Used between NSFNET backbone and some of

the regional networks IP input queue
IP layer

network interfaces
CSCE515 – Computer Network Programming CSCE515 – Computer Network Programming
Routing Protocols Distance-vector Protocols
„ Executed by routing daemon to „ Maintain a vector of
distances
communicate routing information with
„ Each router updates its
other routers routing table based on
vector of distances
received from neighbors
„ Two types of routing algorithms (IGPs) „ Example: RIP
… Distance-vector routing … most widely used routing
protocol
… Link-state routing … the metrics used: hop
count

CSCE515 – Computer Network Programming CSCE515 – Computer Network Programming

Problem: Count-to-infinity Count-to-infinity

„ With distance vector routing, good news
travels fast, but bad news travels slowly

„ When a router goes down, it takes can

take a really long time before all the other
routers become aware of it

CSCE515 – Computer Network Programming CSCE515 – Computer Network Programming

Improvements Routing Information Protocol (RIP)

„ Split Horizon „ Most widely used routing protocol
… Don’t tell neighbor about routes obtained from „ Carried in UDP datagrams
it „ Routing daemon:
… routed
… gated
„ Triggered updates as opposed to periodic
updates
UDP
IP header RIP Message
„ Path vectors, Store vectors or complete header

path as opposed to just next hop 20 bytes 8 bytes

CSCE515 – Computer Network Programming CSCE515 – Computer Network Programming

RIP Message Format RIP Metrics
„ RIP uses hop count as its metric
0 78 15 16 31

command(1-6) version(1) (must be 0)

„ If there are multiple paths, router chooses
address family(2) (must be 0)
the one with smallest hop count, and
32-bit IP address
ignores other paths
(must be 0) 20 bytes

(must be 0)
metric(1-16)

(up to 24 more routes)

CSCE515 – Computer Network Programming CSCE515 – Computer Network Programming

RIP Operation Problems with RIP

„ Initialization „ Has no knowledge about subnet
„ Request received addressing
„ Response received „ Take long time to stabilize after a router or

„ Regular routing updates A D link failure

„ Maximum of metric limits network size
„ Triggered updates C

B
„ No security protection

CSCE515 – Computer Network Programming CSCE515 – Computer Network Programming

RIP Version 2 RIP-2 Message Format

0 78 1516 31

(must be 0)
„ Fix some deficiencies of RIP command

address family
version

(must be 0)
32-bit IP address
„ Support multiple domain (must be 0)
0 78 15 16 31
20
(must be 0) bytes command(1-6) version(2) routing domain
„ Include subnet mask metric(1-16)
address family(2) route tag
„ Some simple authentication scheme (up to 24 more routes)
32-bit IP address
added 32-bit subnet mask 20 bytes
RIP-1 Message Format
32-bit next-hop IP address
metric(1-16)

(up to 24 more routes)

CSCE515 – Computer Network Programming CSCE515 – Computer Network Programming

Link-state Protocols A link-state routing protocol
„ Each router maintains a „ Discover neighbors
complete routing table of
the network „ Measure the delay or cost to each of its neighbors

„ Flood routing information and link costs

„ Example: Open Shortest … To control flooding, the sequence numbers are used by routers
Path First (OSPF) to discard flood packets they have already seen from a given
router
… The age field in the packet is an expiration date. It specifies how
long the information in the packet is good for.

„ Once a router receives all the link state packets from the
network, it can reconstruct the complete topology and
compute a shortest path between itself and any other
node using Dijkstra’s algorithm (shortest path).

CSCE515 – Computer Network Programming CSCE515 – Computer Network Programming

Computing the Shortest Path Dijkstra’s Shortest Path Algorithm

„ Dijkstra’s Shortest Path Algorithm:
… Step 1: Draw nodes as circles. Fill in a circle to mark it as a
“temporary node.”
… Step 2: Set the current node equal to the source node
… Step 3: For the current node:
„ – Mark the cumulative distance from the current node to each
temporary adjacent node. Also mark the name of the current node.
Erase this marking if the adjacent node already has a shorter
cumulative distance marked
„ – Mark the temporary node with the shortest listed cumulative
distance as permanent by marking the<cost of the best known path
from Source, Previous Hop>and set the current node equal to it.
Repeat step 3 until all nodes are marked permanent.

CSCE515 – Computer Network Programming CSCE515 – Computer Network Programming

Open Shortest Path First (OSPF) OSPF: Modified Link State Routing
„ Routing algorithm now used in the Internet „ Recall:
… In link state routing, routers flood their routing information to all other
„ OSPF uses the Link State Routing algorithm with modifications to routers in the network
support:
… Multiple distance metrics (geographical distance, delay, throughput) „ In OSPF, routers only send their information to “adjacent routers”,
… Support for real-time traffic not to all routers.
… Support for subnets
… Hierarchical routing
„ Adjacent does NOT mean nearest-neighbor in OSPF
… Security – a simple authentication scheme
„ One router in each area is marked as the “designated router”

„ Use IP to carry its message „ Designated routers are considered adjacent to all other routers in
„ Provide features superior to RIP the area

„ OSPF combines link state routing with centralized adaptive routing

Someone know the topology of network

CSCE515 – Computer Network Programming CSCE515 – Computer Network Programming

 Autonomous Systems
„ Collection of networks with same policy

„ Single routing protocol

BGP
„ Usually under single administrative control

CSCE515 – Computer Network Programming

Autonomous Systems IGP and EGP

„ Three categories of AS „ Each AS selects its interior gateway protocol (IGP) for
communications between routers in this AS
… Stub AS MH
MH … E.g. RIP, OSPF
„ Carry only local traffic … Within AS, local routing protocols used (optimize path metric)
… Multihomed AS
„ Connected to more than
TT TT
one AS „ Multiple AS’s use exterior gateway protocol (EGP) for
„ Still local traffic communications between routers in different AS’s
… Transit AS … E.g. EGP, BGP
… Inter-AS concerned with reachability and policy implementation
„ Carries local and non-local
MH
MH SS … Usually $$ involved with relationships
traffic

CSCE515 – Computer Network Programming CSCE515 – Computer Network Programming

Interior vs. Exterior Routing Protocols Why do we need an EGP?

„ Scaling to large network
… Hierarchy
… Limit scope of failure
„ Interior „ Exterior
… Automatic discovery … Specificallyconfigured
peers „ Policy
… Generally trust your
… Control reachability to prefixes
IGP routers … Connecting with
… Routes go to all IGP outside networks
routers … Set administrative
boundaries „ Allow policy-based routing
… No Transit traffic through certain ASes
… Never put Iraq on a route starting at the Pentagon
… Traffic starting or ending at IBM should not transit Microsoft

CSCE515 – Computer Network Programming CSCE515 – Computer Network Programming

Border Gateway Protocol (BGP)
„ An exterior gateway protocol
„ It’s neither a distance-vector nor a link-state protocol
… Distance-vector protocol but enumerates route to each
destination
„ Typically static metrics (DELAY or BANDWIDTH)
„ Use TCP to transport its messages
BGP protocol
„ BGP uses TCP as its transport protocol, on port 179. On connection
start, BGP peers exchange complete copies of their routing tables,
which can be quite large. However, only changes (deltas) are then
exchanged, which makes long running BGP sessions more efficient
than shorter ones.
„ Four Basic messages:
… Open:
„ Establishes BGP session (uses TCP port #179)
… Notification:
„ Report unusual conditions
… Update:
„ Inform neighbor of new routes that become active
„ Inform neighbor of old routes that become inactive
… Keepalive:
„ Inform neighbor that connection is still viable

CSCE515 – Computer Network Programming CSCE515 – Computer Network Programming

OPEN Message NOTIFICATION and

„ Each AS has:
… one or more border routers
„ Handles inter-AS traffic
… one BGP speaker for an AS that participates in routing
„ During session establishment, two BGP speakers exchange their
… AS numbers
… BGP identifiers (usually one of the router’s IP addresses)
„ A BGP speaker has option to refuse a session
„ Select the value of the hold timer:
… maximum time to wait to hear something from other end before
assuming session is down.
„ authentication information (optional)
KEEPALIVE Messages
„ NOTIFICATION
… Indicates an error
… terminates the TCP session
… gives receiver an indication of why BGP session terminated
… Examples: header errors, hold timer expiry, bad peer AS, bad
BGP identifier, malformed attribute list, missing required
attribute, AS routing loop, etc.
„ KEEPALIVE
… protocol requires some data to be sent periodically. If no
UPDATE to send within the specified time period, then send
KEEPALIVE message to assure partner that connection still
alive

CSCE515 – Computer Network Programming CSCE515 – Computer Network Programming

UPDATE Message Update Messages..

„ Network reachability information
… networkprefix/length
„ withdrawn routes
… Example :
„ attributes
„ 131.108/16
„ advertised routes
„ 131.108.0.0 255.255.0.0
„ 198/8

„ 198.0.0.0 255.0.0.0

CSCE515 – Computer Network Programming CSCE515 – Computer Network Programming

BGP Attributes AS-Path
„ What is an attribute? „ Sequence of AS a AS2
AS2
… AS path route has traversed 170.10.0.0/16
170.10.0.0/16

… Loop detection AS1

… Next hop AS1
180.10.0.0/16
… Apply policy 180.10.0.0/16

… Local preference
AS3
… Multi-Exit Discriminator (MED) AS3

AS4
AS4
160.10.0.0/16
AS5
AS5 160.10.0.0/16

180.10.0.0/16 AS3 AS2 AS1

170.10.0.0/16 AS3 AS2
160.10.0.0/16 AS3 4

CSCE515 – Computer Network Programming CSCE515 – Computer Network Programming

Next hop Local Preference

„ Used to indicate preference AS2
AS2
„ Next hop to reach a network among multiple paths for the same 170.10.0.0/16
170.10.0.0/16
prefix anywhere in the internet.
150.10.1.1
„ The higher the value the more it is
150.10.2.1
AS2
AS2 preferred
170.10.0.0/16 AS1
AS1
170.10.0.0/16
180.10.0.0/16
180.10.0.0/16
„ Default value is 100 AS3
AS3 AS1
AS1
„ Local to the AS

„ Often used to select a specific exit 500

point for a particular destination 800
AS3 „ Used when AS path lengths are
AS3
160.10.0.0/16
160.10.0.0/16
170.10.0.0/16 150.10.1.1 same AS4
160.10.0.0/16 150.10.1.1 AS4
„ Valid within a AS only
170.10.0.0/16 AS3 AS2 500
170.10.0.0/16 AS1 AS2 800

CSCE515 – Computer Network Programming CSCE515 – Computer Network Programming

Multi-Exit Discriminator BGP Decision Process

„ When AS’s interconnected via „ 1. Choose route with highest LOCAL-PREF
2 or more links
… AS path length are same AS1
AS1
… AS announcing a prefix, sets „ 2. If have more than 1 route, select route with shortest AS-PATH
MED value
„ 3. If have more than 1 route, select according to lowest ORIGIN type
„ Enables AS2 to indicate its where IGP < BGP < default
preference (lower MED is
better) 170.10.0.0/16 2000

„ Used to convey the relative 170.10.0.0/16 1000

„ 4. If have more than 1 route, select route with lowest MED value
preference of entry points
„ 5. Select min cost path to NEXT HOP using IGP metrics
„ Comparable if paths are from
same AS
AS2 „ 6. If have multiple internal paths, use BGP Router ID to break tie.
AS2
170.10.0.0/16
170.10.0.0/16
„ IGP metric can be conveyed
as MED
See: http://www.cisco.com/warp/public/459/37.html

CSCE515 – Computer Network Programming CSCE515 – Computer Network Programming

Assignment & Next time
„ Reading:
… TI Ch 7, 8, 9 **;

„ Next Lecture:
… DNS

CSCE515 – Computer Network Programming