Article content overview
Detailed ICMP protocol
- Internet Control Message Protocol (Internet Control Message Protocol)
- This protocol is mainly used to assist IP protocol for data transmission
- ICMP protocol can report error information or abnormal conditions
ICMP packet data is encapsulated in IP datagrams for data transmission . The ICMP message is divided into two parts: ICMP message header and ICMP message data
ICMP message header
- Type : mainly refers to the type of ICMP message (there are two main types, which will be explained later)
- Code : Mainly refers to the specific errors of different ICMP message types
- Checksum : mainly to check whether the message has errors in the entire transmission
In the IP protocol header introduced earlier, there is an 8-bit protocol, which indicates what protocol the specific data carried by the IP data is. ICMP field value is 1
If the data transmitted by the IP protocol is ICMP data, then 1 will be written in the protocol
Two types of ICMP protocol messages
Error report message
- Network unreachable : IP address can represent a network. When the host number is all 0, it means a certain network. If the entire network is unreachable, it will report an ICMP protocol message of type 3 and specific code 0
- Host unreachable : If computer A wants to communicate with computer B, and computer B is shut down, the host will be unreachable
- Network redirection : The data transmitted to a certain network may not be able to go to that network and need to be redirected
- Host redirection : If the host informs that the message cannot be processed, please send it to another host
Query message
- Send back request or response : mainly to verify whether the network is connected. Suppose computer A wants to communicate with computer B, A will send an empty data to B, if B receives it, it will give a response
- Timestamp request or response : This is used when time synchronization is required
Application of ICMP protocol
Ping application
In the previous article, the ping command was used to view the response time and TTL of the network. This part mainly introduces the principle of ping
The ping application mainly uses ICMP query messages , which send back request or response messages. When using the ping command, it will first assemble an IP protocol message, and then assemble an ICMP query message in the IP datagram, and then send it out through the data link layer. This is the principle of ping application
Usually we use the ping command to check whether the local network is connected, or how the network quality is. At home, we will also use the ping command to troubleshoot how network failures occur at home
- The first step is to ping the local loopback address 127.0.0.1 (if there is no return, there is a problem with the protocol stack, at this time you may need to reinstall the system or reinstall the protocol stack)
- If the previous step returns normally, ping the gateway address (that is, the router address). If the computer is on the intranet, it is usually ping 192.168.0.1 or ping 192.168.1.1. If you can ping the gateway in the previous step, it means that the machine can be connected to the router. If not, it means that there is a problem with the network cable or wifi.
- If you can ping the gateway, then ping the remote address (such as Baidu). If it fails, it means that the network between your home and your ISP is faulty. At this time, you need to contact China Telecom, China Mobile, or China Unicom.
Traceroute application
Traceroute can detect the path taken by the IP datagram in the network . In this article on the detailed description of IP protocol , it is introduced that the computer is connected to the virtual internet network. We don't care about which path the datagram takes in the network. However, if you need to troubleshoot the network, the Traceroute application can provide more advanced functions, so that we can better understand how the network is.
Traceroute application principle
When introducing the IP header, there is a TTL in the header, which indicates the lifetime of an IP data message in the network. Every time a device passes through, the TTL is reduced by 1. When the TTL is 0, the network device must discard the message
When the TTL is 0, the network device must discard the packet. However, it did not tell what to do when discarding. After understanding the ICMP message, you can know that if the network device wants to discard the message, it will send an ICMP endpoint unreachable error message . In other words, it will report an error and tell the source host that an error has occurred in the message transmission so that the source host will be aware of the problem. Below is an example
With the help of a figure used in the previous section, the figure indicates the direction of the network from computer A to computer B. As mentioned in the previous article, data packets are transmitted hop by hop, so it will jump to the medium network successively = 》Large network=》Medium network=》Small network=》Computer B.
The Traceroute application cleverly uses the function of the ICMP error and unreachable message . In order to detect the path that the data message traverses, it first encapsulates an IP message with a TTL of 1 . In the above figure, after computer A sends a message with a TTL of 1, it will find that the TTL is 0 after reaching the medium-sized network. At this time, it will send an ICMP error unreachable message to the source machine (that is, A) . At this time, computer A will record the IP of the medium network. At this time, Traceroute will encapsulate a request message with a TTL of 2. When the data reaches the large network, the TTL is 0. Large networks will discard the message and send an ICMP error unreachable message to the source machine. At this time, computer A will record the IP of the large network. TTL in turn increases until it receives a normal response that says the message sent from computer A, B has been received . At this point, computer A has received all the information of the path machine, and can now output the path the datagram has traversed in the network.
Therefore, the Traceroute application cleverly uses the function of the ICMP error and unreachable message, each time the TTL is increased by 1 until the target machine is reached, and the IP of each machine passed by is recorded to obtain the path. This is the principle of Traceroute application
Looking at the actual operation, you can use the tracert+domain name/IP command to view the output in windows . There are built-in tools available in Mac
First of all, you can see that Baidu's address is: 182.61.200.7. Then the first hop under packets is my intranet router address 192.168.0.1. The second hop came to 113.45.64.1, which should be the intranet IP of the cell. You can directly search for the IP of each hop passed by on Baidu.
If you want to see a more detailed inter-provincial route, you can trace and visit github.com, because this server is in the United States, so it will be slower
It is the core competitiveness of a technical person to find the constant in the rapidly changing technology. Unity of knowledge and action, combining theory with practice