Describe IP operations [ ICMP Unreachable and Redirects ] CCNP

-

The Internet Control Message Protocol (ICMP) is a supporting protocol in the Internet protocol suite. It is used by network devices, like routers, to send error messages and operational information.

 

ICMP TYPE NUMBERS

 The Internet Control Message Protocol (ICMP) has many messages that are identified by a "type" field.

Type      Name                                                                    Reference
----         -------------------------                      ---------
  0            Echo Reply                                                          [RFC792]
  1            Unassigned                                                            [JBP]
  2            Unassigned                                                            [JBP]
  3            Destination Unreachable                                       [RFC792]
  4            Source Quench                                                     [RFC792]
  5            Redirect                                                                 [RFC792]
  6            Alternate Host Address                                         [JBP]
  7            Unassigned                                                            [JBP]
  8            Echo                                                                [RFC792]
  9            Router Advertisement                                    [RFC1256]
 10          Router Selection                                              [RFC1256]
 11          Time Exceeded                                                [RFC792]
 12          Parameter Problem                                          [RFC792]
 13          Timestamp                                                       [RFC792]
 14          Timestamp Reply                                             [RFC792]
 15          Information Request                                         [RFC792]
 16          Information Reply                                             [RFC792]
 17          Address Mask Request                                    [RFC950]
 18          Address Mask Reply                                         [RFC950]
 19          Reserved (for Security)                                      [Solo]
 20-29    Reserved (for Robustness Experiment)             [ZSu]
 30          Traceroute                                     [RFC1393]
 31          Datagram Conversion Error            [RFC1475]
 32     Mobile Host Redirect                       [David Johnson]
 33     IPv6 Where-Are-You                        [Bill Simpson]
 34     IPv6 I-Am-Here                                [Bill Simpson]
 35     Mobile Registration Request            [Bill Simpson]
 36     Mobile Registration Reply                [Bill Simpson]
 37     Domain Name Request                       [Simpson]
 38     Domain Name Reply                           [Simpson]
 39     SKIP                                                    [Markson]
 40     Photuris                                               [Simpson]
 41-255 Reserved                                           [JBP]




ICMP type 3, Destination unreachable message:


The ICMP destination unreachable message is generated by a router to inform the source host that the destination unicast address is unreachable.

The IP header plus the first 8 bytes of the original datagram’s data is returned to the sender. This data is used by the host to match the message to the appropriate process. If a higher level protocol uses port numbers, they are assumed to be in the first 64 data bits of the original datagram’s data.

If the Cisco IOS receives a nonbroadcast packet destined for itself that uses an unknown protocol, it sends an ICMP protocol unreachable message back to the source. If the software receives a packet that it is unable to deliver to the ultimate destination because it knows of no route to the destination address, it sends an ICMP host unreachable message to the source. (enabled by default).

3     Destination Unreachable         [RFC792]


        Codes
            0  Net Unreachable
            1  Host Unreachable
            2  Protocol Unreachable
            3  Port Unreachable
            4  Fragmentation Needed and Don't Fragment was Set
            5  Source Route Failed
            6  Destination Network Unknown
            7  Destination Host Unknown
            8  Source Host Isolated
            9  Communication with Destination Network is  Administratively Prohibited
           10  Communication with Destination Host is  Administratively Prohibited
           11  Destination Network Unreachable for Type of Service
           12  Destination Host Unreachable for Type of Service
           13  Communication Administratively Prohibited         [RFC1812]
           14  Host Precedence Violation                                      [RFC1812]
           15  Precedence cutoff in effect                                     [RFC1812]

Explaination -

1.       Network unreachable- it has a code value of 0. In this the datagram cannot be delivered to the network that is specified in the network ID portion of the IP address. This means that there was a problem with the routing and was caused by a bad address.
2.       The second is the host unreachable. This has a value code of 1. In this the datagram was delivered to the network that is specified but it could not be sent to the host who was mentioned in the address. This also implies a routing issue.
3.       The protocol unreachable is the next. The value code of this is 2. In this the destination port that was specified as UDP or TCP header was not valid.
4.       Fragmentation needed and DP set - the MTU is always smaller than the packet size. The router is not allowed to fragment the packet. This message is very often used in a very clever way. This is done by intentionally sending messages of increasing size to understand the maximum transmission size that the link can take. This process is also called the MTU path discovery.
5.       Source route failed - this is generated if the source route was specified for the datagram in the option but the router could not forward the datagram to the next step in the route.
6.       Destination network unknown - this is not used any more.
7.       Destination unknown host - in this the host that is specified is not known. This is generated by a router call made to the destination host. This usually means a bad address.
8.       Source host isolated - this is again not used anymore.
9.       Communication with the destination network is prohibited administratively -in this the source device will not be allowed to send the network where the destination device is located.
10.   Communication with the destination host is administratively prohibited - in this the source device is allowed to send network where the destination device is located but not to the particular device.
11.   Destination network is unreachable for the type of service - in this the network that is specified in the IP address cannot be reached due to the inability to provide the service that is clearly specified in the "type of service" field of the datagram header.
12.   Destination not reachable for the type of service - in this the destination host that is specified in the IP address cannot be reached due to the inability to provide the "type of service" mentioned in the datagram header.
13.   Communication administratively prohibited - in this the datagram cannot be forwarded as the filtering blocks the message based on the contents.
14.   Host precedence violation - this is sent by the first hop router when the precedence value in the "type of service field" is one that cannot be permitted.
15Precedence cutoff in effect - this is sent by the datagram that is in the receiving end. The precedence value         should be lower than the minimum allowed for the network at that time.

ICMP type 5, Redirects  message:

This mechanism is used by the host to notify that a better next hop is available to exit from the network. The CISCO routers will send the ICMP redirect message when the following conditions are met:

   5     Redirect    [RFC792]


        Codes
            0           Redirect Datagram for the Network (or subnet)
            1           Redirect Datagram for the Host
            2           Redirect Datagram for the Type of Service and Network

            3          Redirect Datagram for the Type of Service and Host


Explaination –

  1. The subnet or the network of the source IP address is same as that of the subnet or network of the next hop IP address.
  2. The interface where the packet comes into the router are same as the interface on which the packets are routed out.
  3. The datagram is not source routed.
  4. The kernel is such that it is configured to send redirects.






Comments

Post a Comment

Popular posts from this blog

How to Upgrade Software on Cisco 5508/5520 HA WLC

-
Image
The process to upgrade a Cisco Wireless Lan Controller is quite straightforward but there are a few things you need to be aware of which can minimise the downtime for your wireless network. This guide will go through the process to upgrade a pair of 5508 WLC’s configured in HA setup and connected back to back with RP port. Here is the Topology: Upgrade Software on Cisco 5508/5520 WLC – Steps The first step is to upload the new image to the controller. This process does nothing to your live network and only uploads the image to the controller. Download the image from  cisco.com  and store in a known location on your laptop. For the purpose of this guide I am using 8.0.121.0 .Don't forget to check compatible matrix for your AP Models.  You will need a TFTP server running, I am using TFTPD32 running locally on my laptop. You can also use FTP or SFTP server to transfer the image.  Copy the new image into your tftp directory and go to the GUI on your controller
Read more

How to upgrade software on a Cisco 3850 Switch | Recover Password | Configuration Backup | Restore Configuration

-
Image
This short post will show you how to upgrade the software on a single Cisco 3850 switch or a 3850 stack, using TFTP and USB. The process is very easy but it is a bit different than the usual software image of previous switches i.e 3750 etc. The main difference is the Cisco 3850 switch run IOS-XE so you have to copy the .bin file to the flash on the switch and then install the software on the switch. Download the required image from cisco.com Begin the install Reboot the switch Step 1 copy the new image to the 3850 3850-SW1# copy tftp flash Address or name of remote host []? 10.1.1.100 Source filename []? cat3k_caa-universalk9.SPA.03.03.01.SE.150-1.EZ1.bin Destination filename [cat3k_caa-universalk9.SPA.03.03.01.SE.150-1.EZ1.bin]? Accessing tftp://10.1.1.250/cat3k_caa-universalk9.SPA.03.03.01.SE.150-1.EZ1.bin… Loading cat3k_caa-universalk9.SPA.03.03.01.SE.150-1.EZ1.bin from 10.251.226.253 (via Port-channel1): !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
Read more

STP Interview Questions and Answers [CCNP]

-
What is STP & Redundant Links? Spanning Tree Protocol (STP) is a protocol which prevents layer 2 loops. STP enables switches to become aware of each other so that they can negotiate a Loop-Free path through network. In practical Scenario, Redundant links are created to avoid complete network failure in an event of failure of one link. How STP works? STP chooses a Reference point (Root Bridge) in the network and calculates all the redundant paths to that reference point. Than it picks one path by which to forward frames and blocks other redundant paths. What are the different port states? 1. Disabled - A port in the disabled state does not participate in the STP. 2. Blocking - A blocked port does not forward frames. It only listens to BPDUs. The purpose of the blocking state is to prevent the use of looped paths. 3. Listening - A port in listening state prepares to forward data frames without populating the MAC address table. The port also sends and listens t
Read more