Internet Control Protocols

Savera Tanwir

Internet Control Protocols

ICMP
ARP
RARP
DHCP

Overview

The IP (Internet Protocol) relies on several

other protocols to perform necessary control
and routing functions:

Control functions (ICMP)

Multicast signaling (IGMP)
Setting up routing tables (RIP, OSPF, BGP, PIM, )

ICMP

The Internet Control Message Protocol

(ICMP) is a helper protocol that supports IP
with facility for

Error reporting
Simple queries

ICMP messages are encapsulated as IP datagrams:

ICMP Query message

ICMP Request
ICMP Reply

Host

Host or router

ICMP query:
Request sent by host to a router or host
Reply sent back to querying host

Example of ICMP Queries

Type/Code:

Description

8/0 Echo Request

0/0 Echo Reply
13/0
Timestamp Request
14/0Timestamp Reply

10/0
Router Solicitation
9/0 Router Advertisement

The ping command

uses Echo Request/
Echo Reply

Example of a Query:
Echo Request and Reply

Pings are handled directly by the kernel

Each Ping is translated into an ICMP Echo
Request
The Pinged host responds with an ICMP Echo
Reply
ICMP EC
Host
Host
or
or
Router
Router

HO REQUE
ST

REPL
O
H
EC
ICMP

Host
Host
or
or
router
router

ICMP Error message

IP datagram

IP datagram
is discarded

ICMP Error
Message

Host

Host or router

ICMP error messages report error conditions

Typically sent when a datagram is discarded
Error message is often passed from ICMP to
the application program

ICMP Error message

ICMP Message
from IP datagram that triggered the error
IP header

type

ICMP header

code

IP header

8 bytes of payload

checksum

Unused (0x00000000)

ICMP error messages include the complete IP

header and the first 8 bytes of the payload
(typically: UDP, TCP)

Frequent ICMP Error message

Type Code

Description

015 Destination

Notification that an IP datagram could not be

forwarded and was dropped. The code field
contains an explanation.

03 Redirect

Informs about an alternative route for the

datagram and should result in a routing table
update. The code field explains the reason for
the route change.

11

0, 1 Time
exceeded

Sent when the TTL field has reached zero

(Code 0) or when there is a timeout for the
reassembly of segments (Code 1)

12

0, 1 Parameter
problem

Sent when the IP header is invalid (Code 0)

or when an IP header option is missing (Code
1)

unreachable

Some subtypes of the

Destination Unreachable
Code

Description

Reason for Sending

Network
Unreachable

No routing table entry is available for the destination

network.

Host
Unreachable

Destination host should be directly reachable, but

does not respond to ARP Requests.

Protocol
Unreachable

The protocol in the protocol field of the IP header is

not supported at the destination.

Port
Unreachable

The transport protocol at the destination host cannot

pass the datagram to an application.

Fragmentation
Needed
and DF Bit Set

IP datagram must be fragmented, but the DF bit in

the IP header is set.

Example: ICMP Port

Unreachable

RFC 792: If, in the destination host, the IP module cannot deliver the
datagram because the indicated protocol module
or process port is not active, the destination host may send a destination unreachable message to the source host.

Scenario:

Request
a
service
at a por
t 80

Client
Client

No process
is waiting
at port 80
Server
Server

e
t
Por achabl
e
Unr

ARP/RARP Overview

ARP and RARP

Note:

The Internet is based on IP addresses

Data link protocols (Ethernet, FDDI, ATM) may have different
(MAC) addresses

The ARP and RARP protocols perform the translation

between IP addresses and MAC layer addresses
We will discuss ARP for broadcast LANs, particularly
Ethernet LANs

IP address
(32 bit)

ARP
RARP

Ethernet MAC
address
(48 bit)

Processing of IP packets by
network device drivers

Address Translation with ARP

ARP Request:
Argon broadcasts an ARP request to all
stations on the network: What is the
hardware address of Router137?

Address Translation with ARP

ARP Reply:
Router 137 responds with an ARP Reply which
contains the hardware address

ARP Packet Format

Ethernet II header
Destination
address

Source
address

Type
0x8060

ARP Request or ARP Reply

28

10

Hardware type (2 bytes)

Hardware address
length (1 byte)

Padding

CRC
4

Protocol type (2 bytes)

Protocol address
length (1 byte)

Operation code (2 bytes)

Source hardware address*

Source protocol address*
Target hardware address*
Target protocol address*
* Note: The length of the address fields is determined by the corresponding address length fields

Example

ARP Request from Argon:

Source hardware address:
Source protocol address:
Target hardware address:
Target protocol address:

00:a0:24:71:e4:44
128.143.137.144
00:00:00:00:00:00
128.143.137.1

ARP Reply from Router137:

Source hardware address:
Source protocol address:
Target hardware address:
Target protocol address:

00:e0:f9:23:a8:20
128.143.137.1
00:a0:24:71:e4:44
128.143.137.144

ARP Cache

Since sending an ARP request/reply for each

IP datagram is inefficient, hosts maintain a
cache (ARP Cache) of current entries. The
entries expire after 20 minutes.

Contents of the ARP Cache:

(128.143.71.37) at 00:10:4B:C5:D1:15 [ether] on eth0
(128.143.71.36) at 00:B0:D0:E1:17:D5 [ether] on eth0
(128.143.71.35) at 00:B0:D0:DE:70:E6 [ether] on eth0
(128.143.136.90) at 00:05:3C:06:27:35 [ether] on eth1
(128.143.71.34) at 00:B0:D0:E1:17:DB [ether] on eth0
(128.143.71.33) at 00:B0:D0:E1:17:DF [ether] on eth0

Things to know about ARP

What happens if an ARP Request is made for a nonexisting host?

Several ARP requests are made with increasing
time intervals between requests. Eventually, ARP
gives up.

On some systems (including Linux) a host periodically

sends ARP Requests for all addresses listed in the ARP
cache. This refreshes the ARP cache content, but also
introduces traffic.

Gratuitous ARP Requests: A host sends an ARP request

for its own IP address:

Useful for detecting if an IP address has already been assigned.

Dynamic Assignment of IP
addresses

Dynamic assignment of IP addresses is

desirable for several reasons:

Three Protocols:

IP addresses are assigned on-demand

Avoid manual IP configuration
Support mobility of laptops

RARP (until 1985, no longer used)

BOOTP (1985-1993)
DHCP (since 1993)

Only DHCP is widely used today.

Solutions for dynamic

assignment of IP addresses

Reverse Address Resolution Protocol

(RARP)

RARP is no longer used

Works similar to ARP
Broadcast a request for the IP address
associated with a given MAC address
RARP server responds with an IP address
Only assigns IP address (not the default router
and subnetmask)
IP address
(32 bit)

ARP
RARP

Ethernet MAC
address
(48 bit)

DHCP

Dynamic Host Configuration Protocol

(DHCP)

Designed in 1993
An extension of BOOTP (Many similarities to BOOTP)
Same port numbers as BOOTP
Extensions:

Supports temporary allocation (leases) of IP addresses

DHCP client can acquire all IP configuration parameters

DHCP is the preferred mechanism for dynamic

assignment of IP addresses
DHCP can interoperate with BOOTP clients.

DHCP Interaction (simplified)

Argon
00:a0:24:71:e4:44
DHCP Request
00:a0:24:71:e4:44
Sent to 255.255.255.255

DHCP Server

DHCP Operation

DCHP DISCOVER

DCHP OFFER

DHCP Operation

DCHP REQUEST

At this time, the DHCP client can start to use the

IP address

Renewing a Lease
(sent when 50% of lease has expired)
If DHCP server sends DHCPNACK, then address is released.

DHCP Operation

DCHP RELEASE

At this time, the DHCP client has released the IP

address