Summary of computer network - network layer

• This article is a summary of the notes on the network layer in the computer network micro-classroom of Lake University of Science and Technology . I hope it will be helpful to everyone.
  

4.1 Network layer overview

The main task of the network layer is to realize network interconnection, and then realize the transmission of data packets between networks.

To realize the tasks of the network layer, the following problems need to be solved:

• What kind of service does the network layer provide to the transport layer (reliable transmission or unreliable transmission).
• Network Layer Addressing Issues
• routing problem

Internet: It is currently the Internet with the largest number of users in the world, and it uses the TCP/IP protocol stack.

Since the network layer in the TCP/IP protocol stack uses the Internet Protocol IP, which is the core protocol of the entire protocol stack, the network layer in the TCP/IP protocol stack is often called the Internet layer.

4.2 Two services provided by the network layer:

1. Connection-oriented virtual circuit service

Core idea: Reliable communication should be guaranteed by the network

When two computers communicate, a connection at the network layer must be established, that is, a virtual circuit is established, and the two parties send packets along the virtual circuit.

A virtual circuit represents a logical connection, not a physical connection, which is different from the communication method using circuit switching.

The header of the packet only uses the complete destination host address in the connection establishment stage, and then the header of each packet only needs to carry a virtual circuit number.

After the communication ends, the virtual circuit established between them needs to be released.

Many wide-area packet switching networks use connection-oriented virtual circuit services, such as the former X.25 and the gradually outdated frame relay FR, asynchronous transfer mode ATM, and so on.

However, the pioneers of the Internet did not adopt this design idea, but adopted a connectionless datagram service.

2. Connectionless datagram service

Core idea: Reliable communication should be guaranteed by the user host.

When two computers communicate, there is no need to establish a network layer connection, and each packet can take a different path.

Each packet must carry the destination host address.

Packets transmitted in this way may be wrong, lost, repeated, or out of order.

Since the network layer itself does not provide end-to-end reliable transmission services, the router can be relatively simple and inexpensive.

The Internet adopts this design concept, placing complex network processing functions at the edge of the network (user hosts and internal transport layers), and placing simple packet delivery functions at the center of the Internet. The benefits are: reduced network cost and flexible operation mode.

4.3 IPv4

4.3.1 Overview of IPv4 addresses

1. Basic introduction

2. Representation method

The 32-bit IPv4 address is inconvenient to read and record, so the IPv4 address adopts dotted decimal notation for the convenience of users.

Example:

4.3.2 Addressing method - IPv4 addresses with classful addressing

In the way of classified addressing, IPv4 addresses are divided into Class A, Class B, Class C, Class D, and Class E.

Class A address:

• The network number is 8 bits, and the host number is 24 bits.
• The highest bit of the network number is fixed at 0, and there are 126 assignable network numbers (2 ⁷ -2), the smallest network address is 1.0.0.0, and the largest network address is 126.0.0.0
  • Subtracting all zeros, the IP address whose network number is all zeros is a reserved address, which means that the network
  • Subtract the address with network number 127 for local software loopback test, the minimum local software loopback test address is 127.0.0.1, and the maximum is 127.255.255.254
• The number of hosts that can be assigned to each network is 2 ²⁴ -2
  • The host number of all 0s indicates the network address to which the host is connected
  • The host number of all 1 indicates all hosts on the network, that is, the broadcast address

Class B address:

• The network number is 16 bits, and the host number is 16 bits
• The lower two digits of the network number are fixed at 10, the assignable network number is 2 ¹⁴ , the minimum network address is 128.0.0.0, and the maximum network address is 191.255.0.0
• The number of hosts that can be assigned to each network is 2 ¹⁶ -2
• The host number of all 0s indicates the network address to which the host is connected
• The host number of all 1 indicates all hosts on the network, that is, the broadcast address

Class C address:

• The network address is 24 bits, and the host number is 8 bits
• The first 3 digits of the network number are fixed at 110, the assignable network number is 2 ²¹ , the minimum network address is 192.0.0.0, and the maximum network address is 223.255.255.0
• The number of hosts that can be assigned to each network is 2 ⁸ -2
  • The host number of all 0s indicates the network address to which the host is connected
  • The host number of all 1 indicates all hosts on the network, that is, the broadcast address

Exercise 1:

Addresses in the following three situations cannot be assigned to host or router interfaces:

• Class A network numbers are 0 and 127
• The host number is all 0
• The host number is all 1

Exercise 2:

4.3.3 Addressing method - subnetted IPv4 address

1. Reasons for subnetting:

• The utilization rate of IP address space is sometimes very low, which is easy to cause waste
• Assigning a network number to each network will make the routing table very large
• Not immediately available when a new network is needed

2. A tool for subnetting - subnet mask

Example one:

Example two:

3. Default subnet mask:

4.3.4 Addressing methods – IPv4 addresses without classful addressing

• Dividing subnets alleviates the difficulties in the development of the Internet to a certain extent, but the huge number of Class C networks are not fully utilized because their address space is too small . The consumption of IP addresses on the Internet is still accelerating, and the entire IPv4 address space is facing the threat of exhaustion.

• IETF has proposed the method of using non-classified addressing to solve the problem of IP address shortage.

• Classless Inter-Domain Routing CIDR:

  • Eliminates class A, class B and class C addresses, and the concept of subnetting.
  • The IPv4 address space can be allocated more effectively.

1. Notation of CIDR address:

Example:

2. Route aggregation:

Exercise 1:

Exercise 2:

4.3.5 Application planning of IPv4 addresses

• Given an IPv4 address block, how to divide it into several smaller address blocks, and assign these address blocks to different networks in the Internet, and then assign IPv4 addresses to hosts and router interfaces in each network.

• There are two ways to divide the address:

  • Use a fixed-length subnet mask
  • Use a variable-length subnet mask

1. Fixed-length subnet mask:

Previously, the subnetting of IPv4 addresses was obtained through fixed-length subnet masks.

for example:

There are 5 networks in the figure, so the first 3 digits of the 4th byte of the 218.75.230.0 network are required as the subnet number.

Here is the result of dividing the 3 bits into 8 subnets:

Each subnet divided in this way has the same number of hosts, which is a waste for subnets that do not need so many hosts.

2. Variable length subnet mask

The non-classified addressing method is obtained by using variable-length subnet masks.

Example:

The distribution is as follows:

4.4 Sending and forwarding process of IP datagram

• The sending and forwarding process of an IP datagram consists of the following two parts:

  • Host sends IP datagram
  • Router forwards IP datagram

  

So how does the source host know whether the destination host is on the same network as itself?

Compare the IP address of the host with the subnet mask of the host to obtain the network address of the host, compare the destination IP address with the subnet mask of the host to obtain the destination network address, and compare the network address of the source host with the destination network address:

• If equal, means in the same network, direct delivery
• If they are not equal, it means that the network is different, which belongs to indirect delivery, and the datagram is forwarded to the default gateway, and the forwarding is replaced by the default gateway.

So how does host C know which router it should deliver to?

Default Gateway: The router assigned to a host is called the default gateway.

When the host wants to communicate with hosts on other networks, it will transmit the IP datagram to the default gateway, and the default gateway will forward it.

After comparing the destination address with the subnet mask and judging that it is not the same network, the host will forward the datagram to the default gateway. After the router where the default gateway is located receives the datagram:

• First check whether there is an error in the header of the IP datagram
  • If an error occurs, the datagram is discarded and the host is notified
  • If there is no error, forward
• Then look for a matching entry in the routing table based on the destination address of the IP datagram :
  • If found, forward to the next hop indicated in the entry
  • If not found, discard and notify the source host

The router lookup process is as follows:

• First extract the source address field and destination address field of the header from the IP datagram
• The destination IP address is compared with the address mask to obtain the destination network address, and then it is judged whether it is the same as the corresponding destination network address field in the routing table.

Here are some examples:

The first record: the network address 192.168.0.129 is obtained after combining the destination address 192.168.0.129 with the mask 255.255.255.128, which is different from the corresponding destination network address in the routing table.

The second record: the destination address 192.168.0.129 and the mask 255.255.255.128 are combined to obtain the network address 192.168.0.129, which is the same as the corresponding destination network address in the routing table, so the router knows that it should forward through interface 1.

The above-mentioned routing table only has the configuration of the directly connected network, and other network records dynamically obtained by the router, etc., which need to be learned later.

The routing table does not forward broadcast IP datagrams.

4.5 Static routing configuration and possible routing loop problems

• Static routing configuration means that users or network administrators use router-related commands to manually configure routing tables for routers.
• This manual configuration method is simple and has low overhead, but it cannot adapt to changes in network status (traffic, topology, etc.) in time, and is generally only used in small-scale networks.

Using static routing configuration may cause routing loop errors:

• Configuration error
• aggregated networks that did not exist
• network failure

1. Static routing configuration

(1) Default route

If a router wants to forward datagrams to other networks on the Internet, this requires the routing table of the router to have entries for the corresponding networks. If we manually add entries for these networks, it will require a huge amount of work and make the routing table very large. At this time, for routing entries of different destination networks with the same next hop, a default route can be used instead.

The destination network address of the default route is 0.0.0.0, and its CIDR format is 0.0.0.0/0.

(2) Specific host routing

Sometimes, we can add a host-specific routing entry for a host to the router, which is generally used by network managers to manage and test the network.

It should be noted that the network number of a specific host route is 32

2. Routing loop problem caused by static routing

Case 1: Configuration error

When R2 receives the datagram whose destination network is 192.168.1.0, it forwards it to interface 0 of R3 according to the routing table. After receiving the datagram, R3 forwards the datagram to interface 1 of R2 according to the routing table. In this way, the datagram is forwarded circularly between R2 and R3, that is, a routing loop is generated .

In order to prevent the IP datagram from permanently circling in the routing loop, a time-to-live TTL field is set in the header of the IP datagram . After the IP datagram enters the router, the TTL value is reduced by one. If the TTL is not equal to 0, it will be forwarded by the router, otherwise it will be discarded.

Case 2: Aggregating non-existing networks

In fact, the 192.168.0.0/22 ​​network contains four networks:

• 192.168.0.0/24
• 192.168.1.0/24
• 192.168.2.0/24
• 192.168.3.0/24

When the destination network of the datagram forwarded by R2 is 192.168.3.0 (which does not exist in the above network topology), R2 compares the third item in the routing table and forwards the datagram to interface 1 of R1. After receiving the datagram, R1 checks the routing table and selects the default route for forwarding, and forwards the datagram to R2. In this way, the datagram is forwarded circularly between R1 and R2, resulting in a routing loop problem.

Solution:

In the routing table of R2, add a black hole route for the aggregated, non-existing network . The next hop of the black hole route is null0 , which is a virtual interface inside the router, which is equivalent to the router discarding the IP datagram of the network address.

At this time, if R2 receives a datagram whose destination network is 192.168.3.0, it can match two records in the routing table: the third and fourth entries, but according to the longest prefix matching principle, the router will select the fourth entry for forwarding.

Case 3: Network failure

If R2 wants to forward the datagram whose destination network is 192.168.1.0/24, it will forward the datagram to interface 1 of R1. After receiving the datagram, R1 looks up the routing table, selects the default route, and forwards the datagram to interface 0 of R2. In this way, the datagram is forwarded circularly between R1 and R2, resulting in a routing loop problem.

Solution:

In the routing table of R1, add a black hole route for the directly connected network , so that R1 will not forward the datagram whose destination network is this network.

If the previous fault disappears , R1 automatically obtains the routing entry of the directly connected network of its interface 0, and sets the artificially cultivated black hole routing entry to an invalid state.

4.6 Routing Protocols

4.6.1 Overview of Routing Protocols

(1) Routing can be divided into static routing and dynamic routing:

• Static routing:
  • Refers to manually configured specific network routes, default routes, specific host routes, black hole routes, etc. For details, please refer to section 4.5 above
  • The manual configuration method is simple and the overhead is small. Cannot adapt to network status changes in time
  • Generally only used in small-scale networks
• Dynamic routing:
  • Refers to the automatic acquisition of routing information through routing protocols
  • It is more complicated, has a large overhead, and can better adapt to network changes
  • Suitable for large-scale networks

(2) The routing protocol adopted by the Internet has the following three characteristics:

• Adaptive : It means that the Internet adopts dynamic routing, which can better adapt to changes in network status.
• Distributed : Refers to the exchange of routing information between routers.
• Hierarchy : Divide the entire Internet into many smaller autonomous systems AS (Autonomous System), for example, a large Internet service provider can be divided into an autonomous system.

(3) The Internet adopts a hierarchical routing protocol:

The routing between autonomous systems is called inter-domain routing , and the routing protocol of the Exterior Gateway Protocol (EGP) category is selected .

The routing within the autonomous system is called intra-domain routing , and the routing protocol of the interior gateway protocol IGP category is selected .

Nowadays, Exterior Gateway Protocol EGP is also known as Exterior Routing Protocol ERP, and Interior Gateway Protocol IGP is also known as Interior Routing Protocol IRP.

The interior gateway protocols selected by the two autonomous systems do not need to be consistent.

(4) Common routing protocols:

(5) The basic structure of the router:

A router is a specialized computer with multiple input and output ports whose task is to forward packets.

The entire router structure can be divided into two parts :

• Routing selection part : the core component is the routing selection processor , and its task is to periodically exchange routing information with other routers to update the routing table according to the routing selection protocol used.
• Packet switching part : consists of three parts:
  • switch fabric
  • a set of input ports
  • a set of output ports

There are two types of packets received by the router:

• If it is an ordinary packet , it will look up the table and forward according to the destination address in the packet , if it cannot find it, it will be discarded, otherwise it will be forwarded according to the indicated port.
• If it is a routing message for exchanging information between routers , the packet is sent to the routing processor , and the routing processor updates its own routing table according to the packet content.

Each port of the router should also have an input buffer and an output buffer:

• The input buffer is used to temporarily store packets that are newly entered into the router but have not yet been processed.
• The output buffer is used to temporarily store packets that have been processed but not yet sent

4.6.2 Basic working principle of Routing Information Protocol RIP

The Routing Information Protocol, RIP, was one of the first interior gateway protocols to gain widespread use.

RIP requires each router in an AS in an autonomous system to maintain a record of the distance from itself to every other network in the AS.

RIP uses hop count as a metric to measure the distance to a destination network.

• The distance from the router to the directly connected network is 1
• The distance from the router to the non-directly connected network is the number of routers passed + 1
• A path can only contain up to 15 routers , and a distance of 16 is equivalent to being unreachable , so RIP is only suitable for small Internets.

Note: The routers of some manufacturers do not implement RIP strictly according to the regulations. For example, the RIP of Cisco routers defines the distance to the directly connected network as 0.

RIP considers that the route with the shortest distance is a good route , that is, the route with the least number of routers passed.

When there are multiple , equal-cost load balancing can be performed , that is, traffic is evenly distributed to multiple equal-cost routes.

Adjacent routers exchange their own routing tables periodically , for example, sending RIP update packets every 30 seconds.

1. The basic working process of RIP:

2. RIP routing entry update rules

Router C's table shows that the next entry to each destination network is recorded as a question mark, which can be understood as router D does not need to care about these contents of router C.

Assuming that the period for sending the RIP update message of router C is up, router C encapsulates the relevant routing information in its own routing table into the RIP update message and sends it to router D.

After router D receives the RIP update packet from router C, it updates its routing table according to the rules.

3. The RIP protocol has the problem of "slow transmission of bad news"

Solution:

However, these methods cannot completely solve the problem of "bad news travels slowly", which is the nature of the distance vector.

4.6.3 Basic working principle of Open Shortest Path First OSPF

1. Basic concepts

Open Shortest Path First OSPF (Open Shortes Path First) was developed in 1989 to overcome the shortcomings of RIP.

• "Open" indicates that OSPF is not controlled by a certain vendor, but published publicly.
• "Shortest path first" is because the shortest path algorithm proposed by Dijkstra is used.

OSPF is based on link state , not based on distance vector like RIP.

OSPF uses the shortest path algorithm to calculate routes, which guarantees that routing loops will not occur.

OSPF does not limit the network scale, and has high update efficiency and fast convergence speed.

2. Greeting group

Neighboring OSPF routers establish and maintain neighbor relationships by exchanging Hello (Hello) packets .

The greeting packet needs to be encapsulated in an IP datagram and sent to the multicast address 224.0.0.5 . The value of the protocol number field in the header of the IP datagram should be 89 to indicate that the data payload of the IP datagram is an OSPF packet.

The sending cycle of the hello packet is 10 seconds . If the hello packet from the neighbor router is not received within 40 seconds, the neighbor router is considered unreachable.

Each router will create a neighbor table to record the relevant information of adjacent routers, such as neighbor ID, interface, and death countdown.

If the hello packet is not received when the death countdown is 0, it is determined that the neighbor router is unreachable.

3. Link state update packet

Each router using OSPF will generate link state advertisement LSA (Link State Advertisement), LSA contains the following two contents:

• Link state information for directly connected networks
• Link state information of neighboring routers

LSA is encapsulated in the link state update packet LSU , and sent by flooding method .

A router that receives a link state update packet will forward the packet through all its other interfaces , that is, perform flood forwarding .

In this way, each router in the autonomous system sends a link state update packet encapsulated with a link state advertisement, which will be delivered to all other routers in the system.

Each router using OSPF has a link state database LSDB , which is used to store link state advertisements.

By sending the LSU encapsulated with its own LSA by each router, the LSDBs of each router will eventually reach the same.

Each router using OSPF performs shortest path calculation based on LSDB, and builds its own shortest path to other routers, that is, builds its own routing table.

Five packet types of OSPF:

4. The basic working process of OSPF

1. Neighboring routers periodically send hello packets to establish and maintain neighbor relationships.
2. After the relationship is established, the database description packet is sent to the neighbor router (note that this is only the summary information of the link state).
3. After receiving the database description packet, R1 finds that it lacks some link state information, so it sends a link state request packet to R2 .
4. After receiving it, R2 encapsulates the detailed information of the link state item that R1 lacks in a link state update packet and sends it to R1.
5. After receiving it, R1 adds the detailed information of these link state items to its own link state database, and sends a link state confirmation packet to R2 .

Similarly, R2 can also request link state information that it lacks from R1, so that R1 and R2 can achieve link state database synchronization .

Every 30 minutes or when the link state changes, the router will send a link state update packet, and other routers that receive the packet will perform flood forwarding and send a link state confirmation packet to the router.

5. OSPF in multipoint access network

When an OSPF router establishes a neighbor relationship in a multipoint access network, if other mechanisms are not adopted, a large number of multicast groups will be generated.

For example: the routers in the figure below are neighbors, and each router sends a hello packet and a link state update packet to other n-1 routers.

In order to reduce the number of packets sent, OSPF adopts the method of electing the designated router DR and the backup designated router BDR .

All non-DR and non-BDR routers only establish neighbor relationship with DR and BDR , and non-DR/BDR can only exchange information through DR/BDR.

If there is a problem with the DR, the BDR will replace the DR.

It is not complicated to implement DR and BDR, just exchange some election parameters between routers, such as router priority, router ID, interface IP address, etc., and then select DR and BDR according to the election rules.

6. Area

In a large-scale network, the packets sent by each router will be forwarded by all routers in the system, which will cause too much traffic in the entire network.

Therefore, OSPF divides an autonomous system into several smaller areas called areas .

Each area has a 32-bit area identifier , which can be expressed in dotted decimal notation. The identifier of the backbone area must be 0, and the identifiers of other areas are different.

The size of each area should not be too large, and generally should not contain more than 200 routers .

Intra-area router : All interfaces of the router are in the same area.

Border area router : connects different areas, one interface is used to connect its own area, and the other interface is used to connect the backbone area.

Backbone router : A router in a backbone area, and an area border router can also be regarded as a backbone router.

Autonomous system border router : one of the backbone routers, used to exchange routing information with other autonomous systems.

4.6.4 The basic working principle of Border Gateway Protocol BGP:

The above RIP protocol and OSPF protocol belong to the interior gateway protocol, and the border gateway protocol introduced in this summary belongs to the exterior gateway protocol.

In different autonomous systems, the cost of measuring routing (distance, bandwidth, cost, etc.) may be different . Therefore, for routing selection between different autonomous systems, it is not feasible to use cost to measure the best route.

The routing selection between autonomous systems also needs to consider related policies (political, economic, security, etc. ), such as not passing through some countries with security threats, and some autonomous systems need to charge, etc.

BGP can only find a better route that can reach the destination network, rather than looking for an optimal route.

When configuring BGP, the administrator of each autonomous system should select at least one router as the "BGP spokesperson" of the autonomous system .

To exchange routing information between BGP speakers of different autonomous systems, a TCP connection must be established first , and the port number is 179 .

• BGP packets are exchanged on this TCP connection to establish a BGP session .

• Use BGP sessions to exchange routing information (for example, add new routes, withdraw outdated routes, and report errors, etc.)

• Two BGP speakers that exchange routing information using a TCP connection are called each other's neighbors or peers .

After the BGP speakers exchange the network reachability information with each other, each BGP speaker finds a better route to each autonomous system from the received routing information according to the strategy adopted .

Practice questions:

4.7 The header format of IPv4 datagram

Fixed part : 20 bytes, which must be included in every IP datagram.

Variable part : occupies 0 to 40 bytes.

The header of an IP datagram is often described in units of 32 bits . Each row in the figure consists of 32 bits (4 bytes), and each small grid is called a field or domain .

Version : 4 bits, indicating the version of the IP protocol. The versions of the IP protocol used by both communication parties must be the same. Currently, the version number of the widely used IP protocol is 4 (namely IPv4).

Header length : 4 bits, indicating the length of the IP datagram header, and the value of this field is in units of 4 bytes .

• The minimum decimal value is 5, which means that the header of the IP datagram only has a fixed part of 20 bytes.
• The maximum decimal value is 15, indicating that the IP datagram header contains a fixed part of 20 bytes and a variable part of up to 40 bytes.

DiffServ : 8 bits are used to obtain better services. Normally this field is not used.

Total length : 16 bits, indicating the total length of the IP datagram (header + data payload), the maximum value is 65535 in decimal, in bytes, and such long IP datagrams are rarely transmitted in practice.

Time to live : 8 bits

• Initially, the unit is seconds, and the maximum lifetime is 255 seconds. When a router forwards an IP datagram, it subtracts the value of this field in the header of the IP datagram from the time spent by the router on the IP datagram. If it is not 0, it is forwarded, otherwise it is discarded.
• Now take the number of hops as the unit, when the router forwards the IP datagram, the value of this field in the header of the IP datagram is decremented by 1, if it is not 0, it is forwarded, otherwise it is discarded.
• Function: prevent IP datagrams from circling in the network (please refer to 4.5.2 routing loop problem)

Protocol : 8 bits, used to indicate what kind of protocol data unit the data part of the IPv4 datagram is.

Header checksum : occupies 16 bits and is used to detect whether there is an error in the header during transmission. Simpler than CRC encoding, known as the Internet checksum.

• Every time an IP datagram passes through a router, the router must recalculate the header checksum, because some fields (time to live, flag, slice offset, etc.) may change.
• Since the IP layer itself does not provide reliable transmission services, and calculating the header checksum is a time-consuming operation, routers no longer calculate the header checksum in IPv6, thereby forwarding IP datagrams faster.

Source IP address and destination IP address : 32 bits each, used to fill in the IP address of the source host that sends the IP datagram and the IP address of the destination host that receives the IP datagram.

Optional field : length can vary from 1 byte to 40 bytes. Used to support troubleshooting, measurement and security measures. Optional fields add functionality to the IP datagram, but also add overhead. In practice optional fields are rarely used.

Padding field : ensure that the header length is an integer multiple of 4 bytes. Pad with all 0s.

The identification field, the flag field, and the slice offset field are used together for fragmentation of IP datagrams.

The data link layer protocol stipulates the maximum length of the data payload of the frame , which is called the maximum transmission unit MTU . If the length of an IP datagram exceeds the MTU, it cannot be encapsulated into a frame, and the original IP datagram needs to be fragmented into smaller IP datagrams.

Identification : occupying 16 bits, each fragment belonging to the same datagram has the same identification. The IP software maintains a counter, increments the counter value by one each time a datagram is generated, and assigns this value to the identification field.

Flag : occupies 3 bits, the meaning of each bit is as follows:

• DF bit: Indicates whether fragmentation is allowed, 1 means fragmentation is not allowed, and 0 means fragmentation is allowed.
• MF bit: Indicates whether there are fragments behind this fragment. 1 means there are still shards, 0 means this is the last shard.
• Reserved bits: MUST be set to 0.

Fragment offset : 13 bits, indicating the position of each fragmented datagram in the original datagram. in units of 8 bytes.

Fragmentation example:

4.8 Internet Control Message Protocol ICMP

In order to forward IP datagrams more efficiently and improve the chance of successful delivery, the Internet Control Message Protocol (ICMP) is used at the Internet layer.

Hosts or routers use ICMP to send error report messages and query messages .

ICMP messages are encapsulated and sent in IP datagrams.

1. ICMP error report message

There are five types of ICMP error messages:

• end point unreachable
• source suppression
• time exceeded
• parameter problem
• change route (redirect)

(1) The end point is unreachable

When a router or host cannot deliver a datagram, it sends a Destination Unreachable message to the source.

Specifically, according to the ICMP code field, it can be subdivided into 13 types of errors, such as destination network unreachable, destination host unreachable, destination protocol unreachable, destination port unreachable, and destination network unknown.

Example: H1 wants to send an IP datagram to H2, which needs to be forwarded by R1, but there is no relevant entry about H2 in the routing table of R1, the datagram will be discarded, and a destination unreachable message will be sent to H1.

(2) Source suppression

When a router or host discards a datagram due to congestion, it sends a source suppression message to the source to let the source know that the sending rate should be slowed down.

Example:

(3) Time exceeds

When the router receives an IP datagram whose destination address is not its own, it will decrease its TTL by 1. If the result is not 0, it will forward the datagram. If the result is 0, it will discard the datagram and send the time exceeded message to the source.

In addition, when the terminal cannot receive all the datagram fragments of a datagram within the predetermined time, it discards all the received datagram fragments and sends a time exceeded message to the source point.

For example:

(4) Parameter problem

When a router or a host receives an IP datagram, it finds that a bit error occurs in the header according to the checksum field of the header, discards the datagram, and sends a parameter problem message to the source.

Example:

(5) Change the route

The router sends the change route message to the host, letting the host know that the datagram should be sent to another router (better route) next time.

Example:

ICMP error report messages should not be sent in the following situations:

2. ICMP query message

(1) Echo request and reply

ICMP echo request message is an inquiry sent by a host or router to a specific destination host .

The host receiving the message must send an ICMP Echo Reply message to the source host or router .

This query message is used to test whether the destination station is reachable and to know its related status .

(2) Timestamp request and answer

The ICMP timestamp request message is to request a host or router to answer the current date and time .

There is a 32-bit field in the ICMP timestamp reply message , and the integer written in it indicates how many seconds there are from January 1, 1900 to the current moment.

This query message is used for clock synchronization and time measurement.

3. Examples of ICMP applications

(1) Packet inter-network detection PING

• Used to test the connectivity between hosts or routers, the ping command is used in the window.
• The application layer directly uses ICMP at the Internet layer , without TCP or UDP at the transport layer.
• Use ICMP to echo request and reply messages.

(2) trace route traceroute

The implementation principle of traceroute:

4.9 Virtual Private Network VPN and Network Address Translation NAT