18CSC302J- Computer Networks

Unit I
 Syllabus - Unit I
IP Header UDP Datagram
IP Fragmentation Characteristics
ARP TCP Header
RARP TCP Connection Establishment Process
ICMP Error Control
Introduction Congestion Control
Messages Flow Control
Debugging Tools Multicasting & Multicast Routing Protocols
ICMP Package Stream Control Transmission Protocol
1. 𝐈𝐏 𝐇𝐞𝐚𝐝𝐞𝐫 & 𝐈𝐏 𝐅𝐫𝐚𝐠𝐦𝐞𝐧𝐭𝐚𝐭𝐢𝐨𝐧
Transmission Control Protocol /
Internetworking Protocol (TCP/IP)
• Cerf and Kahn’s landmark 1973 paper outlined the protocols to achieve
end-to-end delivery of data.
• Around this time responsibility for the ARPANET was handed over to the
Defense Communication Agency (DCA).
• In October 1977, an internet consisting of three different networks
(ARPANET, packet radio, and packet satellite) was successfully demonstrated.
• Communication between networks was now possible.
• Shortly thereafter, authorities made a decision to split TCP into two protocols:
• Transmission Control Protocol (TCP) and Internet Protocol (IP).
• IP would handle datagram routing while TCP would be responsible for higher
level functions such as segmentation, reassembly, and error detection.
• The new combination became known as TCP/IP.
Layers in the TCP/IP Protocol Suite :
Physical Layer
Data Link Layer
Network Layer
• At the network layer (or, more accurately, the internetwork layer),
TCP/IP supports the Internet Protocol (IP).
• The Internet Protocol (IP) is the transmission mechanism used by the
TCP/IP protocols.
• IP transports data in packets called datagrams, each of which is
transported separately.
• Datagrams can travel along different routes and can arrive out of
sequence or be duplicated.
• IP does not keep track of the routes and has no facility for reordering
datagrams once they arrive at their destination.
Network Layer
• Communication at the network layer is end to end while the
communication at the other two layers are node to node.
• The datagram started at computer A is the one that reaches computer
B.
• The network layers of the routers can inspect the source and
destination of the packet for finding the best route, but they are not
allowed to change the contents of the packet.
• The unit of communication at the network layer is a datagram.
Transport Layer
• Although all nodes in a network need to have the network layer, only the two
end computers need to have the transport layer.
• The network layer is responsible for sending individual datagrams from
computer A to computer B;
• the transport layer is responsible for delivering the whole message, which is
called a segment, a user datagram, or a packet, from A to B.
• A segment may consist of a few or tens of datagrams.
• The segments need to be broken into datagrams and each datagram has to be
delivered to the network layer for transmission.
• Since the Internet defines a different route for each datagram, the datagrams
may arrive out of order and may be lost.
• The transport layer at computer B needs to wait until all of these datagrams to
arrive, assemble them and make a segment out of them.
Transport Layer
• The transport layer was represented in the TCP/IP suite by two
protocols:
• User Datagram Protocol (UDP) and Transmission Control
Protocol (TCP).
• A new protocol called Stream Control Transmission Protocol
(SCTP) has been introduced in the last few years
• The unit of communication at the transport layer is a segment, user
datagram, or a packet, depending on the specific protocol used in this
layer.
Application Layer
• The application layer in TCP/IP is equivalent to the combined session,
presentation, and application layers in the OSI model.
• The application layer allows a user to access the services of our private
internet or the global Internet.
• Many protocols are defined at this layer to provide services such as
electronic mail, file transfer, accessing the World Wide Web,
• the communication at the application layer, like the one at the transport
layer, is end to end.
• A message generated at computer A is sent to computer B without being
changed during the transmission.
• The unit of communication at the application layer is a message.
ADDRESSING

• Four levels of addresses are used in an internet employing the TCP/IP

protocols:
• Physical address
• logical address
• port address
• application-specific address.
Physical Addresses
• The physical address, also known as the link address, is the address of
a node as defined by its LAN or WAN.
• It is included in the frame used by the data link layer.
• It is the lowest-level address.
• The physical addresses have authority over the link (LAN or WAN).
• The size and format of these addresses vary depending on the network.
• For example, Ethernet uses a 6-byte (48-bit) physical address that is
imprinted on the network interface card (NIC).
07:01:02:01:2C:4B
A 6-byte (12 hexadecimal digits) physical address
 Logical Addresses
• Logical addresses are necessary for universal communications that are
independent of underlying physical networks.
• Physical addresses are not adequate in an internetwork environment
where different networks can have different address formats.
• A universal addressing system is needed in which each host can be
identified uniquely, regardless of the underlying physical network.
• The logical addresses are designed for this purpose.
• A logical address in the Internet is currently a 32-bit address that can
uniquely define a host connected to the Internet.
• No two publicly addressed and visible hosts on the Internet can have the
same IP address.
The physical addresses will change from hop to hop, but the logical
addresses remain the same.
Port Addresses
• The IP address and the physical address are necessary for a quantity of data to travel
from a source to the destination host.
• However, arrival at the destination host is not the final objective of data
communications on the Internet.
• A system that sends nothing but data from one computer to another is not complete.
• Today, computers are devices that can run multiple processes at the same time.
• The end objective of Internet communication is a process communicating with another
process.
• For example, computer A can communicate with computer C by using TELNET.
• At the same time, computer A communicates with computer B by using the File
Transfer Protocol (FTP).
• For these processes to receive data simultaneously, we need a method to label the
different processes.
• In other words, they need addresses. In the TCP/IP architecture, the label assigned to a
process is called a port address. A port address in TCP/IP is 16 bits in length.
The physical addresses change from hop to hop but the logical and
port addresses usually remain the same.
Application-Specific Addresses

• Some applications have user-friendly addresses that are designed for

that specific application.
• Examples include the e-mail address
• (for example, [email protected]) and
• the Universal Resource Locator (URL)
• (for example, www.mhhe.com).
• The first defines the recipient of an e-mail; the second is used to find a
document on the World Wide Web.
 𝐈𝐏 𝐇𝐞𝐚𝐝𝐞𝐫 & 𝐈𝐏 𝐅𝐫𝐚𝐠𝐦𝐞𝐧𝐭𝐚𝐭𝐢𝐨𝐧
IP– An Introduction
The Internet Protocol (IP) is the transmission mechanism used by the TCP/IP protocols at the
network layer Operates at higher level

Position of IP in TCP/IP protocol suite

 𝐈𝐏 𝐇𝐞𝐚𝐝𝐞𝐫 & 𝐈𝐏 𝐅𝐫𝐚𝐠𝐦𝐞𝐧𝐭𝐚𝐭𝐢𝐨𝐧
IP– An Introduction

IP is an unreliable and connectionless datagram protocol—a best-effort delivery

service.
The term best-effort means that IP packets can be corrupted, lost, arrive out of
order, or delayed and may create congestion for the network.
If reliability is important, IP must be paired with a reliable protocol such as TCP.
 𝐈𝐏 𝐇𝐞𝐚𝐝𝐞𝐫 & 𝐈𝐏 𝐅𝐫𝐚𝐠𝐦𝐞𝐧𝐭𝐚𝐭𝐢𝐨𝐧
IP– An Introduction
example
✔ The post office does its best to deliver the mail but does not always succeed. If an
unregistered letter is lost, it is up to the sender or would-be recipient to discover the loss
and rectify the problem.
✔ The post office itself does not keep track of every letter and cannot notify a sender of loss
or damage.
IP is also a connectionless protocol for a packet switching network that uses the datagram
approach
This means that each datagram is handled independently, and each datagram can follow a
different route to the destination.
DATAGRAMS
• Packets in the network (internet) layer are called datagrams.
• A datagram is a variable-length packet consisting of two parts: header
and data.
• The header is 20 to 60 bytes in length and contains information
essential to routing and delivery.
• It is customary in TCP/IP to show the header in 4-byte sections.
• A brief description of each field is in order routing and delivery.
 𝐈𝐏 𝐇𝐞𝐚𝐝𝐞𝐫 & 𝐈𝐏 𝐅𝐫𝐚𝐠𝐦𝐞𝐧𝐭𝐚𝐭𝐢𝐨𝐧
IP Datagram
Bit 0 Bit 31
Version Hdr Len
(4) (4) TOS (8) Total Length in bytes (16)
Identification (16 bits) Flags (3) Fragment Offset (13)
Header

Time to Live (8) Protocol (8) Header Checksum (16)

Source IP Address
Destination IP Address
Options (if any)
Data

Data (variable length)

𝐈𝐏 𝐇𝐞𝐚𝐝𝐞𝐫 & 𝐈𝐏 𝐅𝐫𝐚𝐠𝐦𝐞𝐧𝐭𝐚𝐭𝐢𝐨𝐧
Version
– Version number of IP protocol IP Packet Header
– Current version is Version 4
– Version 6 has different header format
Bit 0 Bit 31
Version Hdr Len
(4) (4) TOS (8) Total Length in bytes (16)
Identification (16 bits) Flags (3) Fragment Offset (13)
Time to Live (8) Protocol (8) Header Checksum (16)
Source IP Address
Destination IP Address
Options (if any)
Version (VER).
• This 4-bit field defines the version of the IP protocol.
• Currently the version is 4.
• However, version 6 (or IPv6) may totally replace version 4 in the
future.
• This field tells the IP software running in the processing machine that
the datagram has the format of version 4.
• All fields must be interpreted as specified in the fourth version of the
protocol.
• If the machine is using some other version of IP, the datagram is
discarded rather than interpreted incorrectly
𝐈𝐏 𝐇𝐞𝐚𝐝𝐞𝐫 & 𝐈𝐏 𝐅𝐫𝐚𝐠𝐦𝐞𝐧𝐭𝐚𝐭𝐢𝐨𝐧
Header Length (in 32 bit words)
– Indicates end of header and beginning of payload
– If no options, Header length = 5
•Bit 0 Bit 31
Version Hdr Len
(4) (4) TOS (8) Total Length in bytes (16)
Identification (16 bits) Flags (3) Fragment Offset (13)
Time to Live (8) Protocol (8) Header Checksum (16)
Source IP Address
Destination IP Address
Options (if any)
Header length (HLEN)
• This 4-bit field defines the total length of the datagram header in
4-byte words.
• This field is needed because the length of the header is variable
(between 20 and 60 bytes).
• When there are no options, the header length is 20 bytes, and the value
of this field is 5 (5 × 4 = 20).
• When the option field is at its maximum size, the value of this field is
15 (15× 4= 60).
𝐈𝐏 𝐇𝐞𝐚𝐝𝐞𝐫 & 𝐈𝐏 𝐅𝐫𝐚𝐠𝐦𝐞𝐧𝐭𝐚𝐭𝐢𝐨𝐧
Type of Service (TOS)
– Allows different types of service to be requested
– Initially, meaning was not well defined
– Currently being defined (diffserv)
Bit 0 Bit 31
Version Hdr Len
(4) (4) TOS (8) Total Length in bytes (16)
Identification (16 bits) Flags (3) Fragment Offset (13)
Time to Live (8) Protocol (8) Header Checksum (16)
Source IP Address
Destination IP Address
Options (if any)
Service type:
• In the original design of IP header, this field was referred to as type
of service (TOS), which defined how the datagram should be
handled.
• Part of the field was used to define the precedence of the datagram; the
rest defined the type of service (low delay, high throughput, and so on).
• IETF has changed the interpretation of this 8-bit field.
• This field now defines a set of differentiated services.
• The new interpretation is shown in Figure .
 Service type:

• In this interpretation, the first 6 bits make up the codepoint subfield and the last 2
bits are not used.
• The codepoint subfield can be used in two different ways.
a. When the 3 right-most bits are 0s, the 3 left-most bits are interpreted the
same as the precedence bits in the service type interpretation.
In other words, it is compatible with the old interpretation.
• The precedence defines the eight-level priority of the datagram (0 to 7) in issues
such as congestion.
• If a router is congested and needs to discard some datagrams, those datagrams with
lowest precedence are discarded first.
Service type:

• When the 3 right-most bits are not all 0s, the 6 bits define 56 (64− 8)
services based on the priority assignment by the Internet or local
authorities according to Table 7.1.
• The first category contains 24 service types; the second and the third
each contain 16.
• The first category is assigned by the Internet authorities (IETF).
• The second category can be used by local authorities (organizations).
• The third category is temporary and can be used for experimental purposes
 Total length
• This is a 16-bit field that defines the total length (header plus data) of the
IP datagram in bytes.
• To find the length of the data coming from the upper layer, subtract the
header length from the total length.
• The header length can be found by multiplying the value in the HLEN field
by four.
• Length of data = total length − header length
• The total length field defines the total length of the datagram including
the header
𝐈𝐏 𝐇𝐞𝐚𝐝𝐞𝐫 & 𝐈𝐏 𝐅𝐫𝐚𝐠𝐦𝐞𝐧𝐭𝐚𝐭𝐢𝐨𝐧
Packet Length (in Bytes)
– Unambiguously specify end of packet
– Max packet size = 216 = 65,535 Bytes

Bit 0
Bit 31
Version Hdr Len
(4) (4) TOS (8) Total Length in bytes (16)
Identification (16 bits) Flags (3) Fragment Offset (13)
Time to Live (8) Protocol (8) Header Checksum (16)
Source IP Address
Destination IP Address
Options (if any)
 𝐈𝐏 𝐇𝐞𝐚𝐝𝐞𝐫 & 𝐈𝐏 𝐅𝐫𝐚𝐠𝐦𝐞𝐧𝐭𝐚𝐭𝐢𝐨𝐧
IP Packet Header
• These three fields for Fragmentation Control
Bit 0 Bit 31
Version Hdr Len
(4) (4) TOS (8) Total Length in bytes (16)
Identification (16 bits) Flags (3) Fragment Offset (13)
Time to Live (8) Protocol (8) Header Checksum (16)
Source IP Address
Destination IP Address
Options (if any)
 𝐈𝐏 𝐇𝐞𝐚𝐝𝐞𝐫 & 𝐈𝐏 𝐅𝐫𝐚𝐠𝐦𝐞𝐧𝐭𝐚𝐭𝐢𝐨𝐧
IP Packet Header
Time to Live : A datagram has a limited lifetime in its travel through an
internet
– Initially set by sender (up to 255)
– Decremented by each router
– Discard
Version Hdrwhen
Len TTL = 0 to avoid infinite routing loops
(4) (4) TOS (8) Total Length in bytes (16)
Identification (16 bits) Flags (3) Fragment Offset (13)
Time to Live (8) Protocol (8) Header Checksum (16)
Source IP Address
Destination IP Address
Options (if any)
 𝐈𝐏 𝐇𝐞𝐚𝐝𝐞𝐫 & 𝐈𝐏 𝐅𝐫𝐚𝐠𝐦𝐞𝐧𝐭𝐚𝐭𝐢𝐨𝐧
IP Packet Header
Protocol : This 8-bit field defines the higher-level protocol that uses the services
of the IP layer
– Value indicates what is in the data field
Bit 0 – Example: TCP or UDP Bit 31

Version Hdr Len

(4) (4)
TOS (8) Total Length in bytes (16)
Identification (16 bits) Flags (3) Fragment Offset (13)

Time to Live (8) Protocol (8) Header Checksum (16)

Source IP Address

Destination IP Address

Options (if any)

•IP protocol multiplexes and demultiplexes data from different higher-level protocols,
• the value of this field helps in the demultiplexing process when the datagram arrives
at its final destination
 𝐈𝐏 𝐇𝐞𝐚𝐝𝐞𝐫 & 𝐈𝐏 𝐅𝐫𝐚𝐠𝐦𝐞𝐧𝐭𝐚𝐭𝐢𝐨𝐧
Header Checksum
– Checks for error in the header only

– Bad headers can harm the network

– If error found, packet is simply discarded

Version Hdr Len • Bit 31
(4) (4) TOS (8) Total Length in bytes (16)
Identification (16 bits) Flags (3) Fragment Offset (13)
Time to Live (8) Protocol (8) Header Checksum (16)
Source IP Address
Destination IP Address
Options (if any)
𝐈𝐏 𝐇𝐞𝐚𝐝𝐞𝐫 & 𝐈𝐏 𝐅𝐫𝐚𝐠𝐦𝐞𝐧𝐭𝐚𝐭𝐢𝐨𝐧
Source and Destination IP Addresses
– Strings of 32 ones and zeros

Bit 0 Bit 31
Version Hdr Len
(4) (4) TOS (8) Total Length in bytes (16)
Identification (16 bits) Flags (3) Fragment Offset (13)
Time to Live (8) Protocol (8) Header Checksum (16)
Source IP Address
Destination IP Address
Options (if any)
 𝐈𝐏 𝐇𝐞𝐚𝐝𝐞𝐫 & 𝐈𝐏 𝐅𝐫𝐚𝐠𝐦𝐞𝐧𝐭𝐚𝐭𝐢𝐨𝐧
IP Packet Header
Options
– Example: timestamp, record route, source route
Bit 0 Bit 31
Version Hdr Len
(4) (4) TOS (8) Total Length in bytes (16)
Identification (16 bits) Flags (3) Fragment Offset (13)
Time to Live (8) Protocol (8) Header Checksum (16)
Source IP Address
Destination IP Address
Options (if any)
FRAGMENTATION
• A datagram can travel through different networks.
• Each router decapsulates the IP datagram from the frame it receives,
processes it, and then encapsulates it in another frame.
• The format and size of the sent frame depend on the protocol used by
the physical network through which the frame is going to travel.
• For example, if a router connects a LAN to a WAN, it receives a frame
in the LAN format and sends a frame in the WAN format.
 𝐈𝐏 𝐇𝐞𝐚𝐝𝐞𝐫 & 𝐈𝐏 𝐅𝐫𝐚𝐠𝐦𝐞𝐧𝐭𝐚𝐭𝐢𝐨𝐧
IP Fragmsentation & Reassembly
Maximum Transmission Unit (MTU)
– Largest IP packet a network will accept
– Arriving IP packet may be larger (max IP packet size = 65,535 bytes)
Sender or router will split the packet into multiple fragments
Destination will reassemble the packet
IP header fields used to identify and order related fragments
 𝐈𝐏 𝐇𝐞𝐚𝐝𝐞𝐫 & 𝐈𝐏 𝐅𝐫𝐚𝐠𝐦𝐞𝐧𝐭𝐚𝐭𝐢𝐨𝐧
IP Fragmentation & Reassembly
Divide the datagram to make it possible to pass through these networks called
fragmentation.
A fragmented datagram may itself be fragmented if it encounters a network with an even
smaller MTU.
A datagram can be fragmented by the source host or any router in the path
the reassembly of the datagram, however, is done only by the destination host
When a datagram is fragmented, required parts of the header must be copied by all
fragments.
Only data in a datagram is fragmented
 𝐈𝐏 𝐇𝐞𝐚𝐝𝐞𝐫 & 𝐈𝐏 𝐅𝐫𝐚𝐠𝐦𝐞𝐧𝐭𝐚𝐭𝐢𝐨𝐧
Fields Related to Fragmentation
• The fields that are related to fragmentation and reassembly of an IP
datagram are the
identification,
flags, and
fragmentation offset fields.
𝐈𝐏 𝐇𝐞𝐚𝐝𝐞𝐫 & 𝐈𝐏 𝐅𝐫𝐚𝐠𝐦𝐞𝐧𝐭𝐚𝐭𝐢𝐨𝐧
Identification
• – All fragments of a single datagram have the same identification
number
•Bit 0 Bit 31
Version Hdr Len
(4) (4) TOS (8) Total Length in bytes (16)
Identification (16 bits) Flags (3) Fragment Offset (13)
Time to Live (8) Protocol (8) Header Checksum (16)
Source IP Address
Destination IP Address
Options (if any)
𝐈𝐏 𝐇𝐞𝐚𝐝𝐞𝐫 & 𝐈𝐏 𝐅𝐫𝐚𝐠𝐦𝐞𝐧𝐭𝐚𝐭𝐢𝐨𝐧
Identification
• This 16-bit field identifies a datagram originating from the source host.
• To guarantee uniqueness, the IP protocol uses a counter to label the datagrams.
• The counter is initialized to a positive number.
• When the IP protocol sends a datagram, it copies the current value of the
counter to the identification field and increments the counter by one.
• When a datagram is fragmented, the value in the identification field is copied
into all fragments.
• all fragments have the same identification number, which is also the same as the
original datagram.
• The identification number helps the destination in reassembling the datagram.
• It knows that all fragments having the same identification value should be
assembled into one datagram.
𝐈𝐏 𝐇𝐞𝐚𝐝𝐞𝐫 & 𝐈𝐏 𝐅𝐫𝐚𝐠𝐦𝐞𝐧𝐭𝐚𝐭𝐢𝐨𝐧
• Flags. This is a three-bit field. The first bit is reserved (not used).
• The second bit is called the do not fragment bit.
• If its value is 1, the machine must not fragment the datagram.
• If it cannot pass the datagram through any available physical network, it
discards the datagram and sends an ICMP error message to the source host
• If its value is 0, the datagram can be fragmented if necessary.
• The third bit is called the more fragment bit.
• If its value is 1, it means the datagram is not the last fragment; there are
more fragments after this one.
• If its value is 0, it means this is the last or only fragment
 𝐈𝐏 𝐇𝐞𝐚𝐝𝐞𝐫 & 𝐈𝐏 𝐅𝐫𝐚𝐠𝐦𝐞𝐧𝐭𝐚𝐭𝐢𝐨𝐧
Flags:
1st bit: reserved, must be zero
2nd bit: DF -- Do Not Fragment If its value is 1, the machine must not fragment the datagram
3rd bit: MF -- More Fragments
Bit 0
Bit 31
Version Hdr Len
(4) (4) TOS (8) Total Length in bytes (16)
Identification (16 bits) Flags (3) Fragment Offset (13)
Time to Live (8) Protocol (8) Header Checksum (16)
Source IP Address
Destination IP Address
Options (if any)
 𝐈𝐏 𝐇𝐞𝐚𝐝𝐞𝐫 & 𝐈𝐏 𝐅𝐫𝐚𝐠𝐦𝐞𝐧𝐭𝐚𝐭𝐢𝐨𝐧
Fragmentation offset.
• This 13-bit field shows the relative position of this fragment with respect to the
whole datagram.
• It is the offset of the data in the original datagram measured in units of 8 bytes.
• shows a datagram with a data size of 4000 bytes fragmented into three fragments.
• The bytes in the original datagram are numbered 0 to 3999.
• The first fragment carries bytes 0 to 1399.
• The offset for this datagram is 0/8 = 0.
• The second fragment carries bytes 1400 to 2799; the offset value for this fragment
is 1400/8 = 175.
• Finally, the third fragment carries bytes 2800 to 3999. The offset value for this
fragment is 2800/8 = 350.
𝐈𝐏 𝐇𝐞𝐚𝐝𝐞𝐫 & 𝐈𝐏 𝐅𝐫𝐚𝐠𝐦𝐞𝐧𝐭𝐚𝐭𝐢𝐨𝐧
𝐈𝐏 𝐇𝐞𝐚𝐝𝐞𝐫 & 𝐈𝐏 𝐅𝐫𝐚𝐠𝐦𝐞𝐧𝐭𝐚𝐭𝐢𝐨𝐧
• Fragment Offset (in units of 8 bytes)
– Used for reassembly of packet
– 1st fragment has offset = 0

Bit 0 Bit 31
Version Hdr Len
(4) (4) TOS (8) Total Length in bytes (16)
Identification (16 bits) Flags (3) Fragment Offset (13)
Time to Live (8) Protocol (8) Header Checksum (16)
Source IP Address
Destination IP Address
Options (if any)
 𝐈𝐏 𝐇𝐞𝐚𝐝𝐞𝐫 & 𝐈𝐏 𝐅𝐫𝐚𝐠𝐦𝐞𝐧𝐭𝐚𝐭𝐢𝐨𝐧
IP Fragmentation Example

• Host A wants to send to Host B an IP datagram of size = 4000

Bytes
Ethernet
FDDI
Ring
Host A Router Host B
MTU = 1500
MTU = 4352
𝐈𝐏 𝐇𝐞𝐚𝐝𝐞𝐫 & 𝐈𝐏 𝐅𝐫𝐚𝐠𝐦𝐞𝐧𝐭𝐚𝐭𝐢𝐨𝐧
IP Fragmentation Example
length ID MF offset
=4000 =x =0 =0

One large datagram becomes

several smaller datagrams

length ID MF offset
=1500 =x =1 =0

length ID MF offset
=1500 =x =1 =1480

length ID MF offset
=1040 =x =0 =2960
 𝐈𝐏 𝐇𝐞𝐚𝐝𝐞𝐫 & 𝐈𝐏 𝐅𝐫𝐚𝐠𝐦𝐞𝐧𝐭𝐚𝐭𝐢𝐨𝐧
Multiple Fragmenting Points

Let MTUs along internet path be

– 1500
– 1500
– 1000
– 1500
– 576
– 1500
Result: fragmentation can occur twice
 𝐈𝐏 𝐇𝐞𝐚𝐝𝐞𝐫 & 𝐈𝐏 𝐅𝐫𝐚𝐠𝐦𝐞𝐧𝐭𝐚𝐭𝐢𝐨𝐧
Multiple Fragmenting Points

Detailed
fragmentation
example
 𝐈𝐏 𝐇𝐞𝐚𝐝𝐞𝐫 & 𝐈𝐏 𝐅𝐫𝐚𝐠𝐦𝐞𝐧𝐭𝐚𝐭𝐢𝐨𝐧
The figure shows what happens if a fragment itself is fragmented.
In this case the value of the offset field is always relative to the original datagram.
a. The first fragment has an offset field value of zero.
b. Divide the length of the first fragment by 8. The second fragment has an offset
value equal to that result.
c. Divide the total length of the first and second fragment by 8. The third fragment
has an offset value equal to that result.
d. Continue the process. The last fragment has a more bit value of 0.
2. ARP & RARP
 𝒜𝑅𝒫 & 𝑅𝒜𝑅𝒫
ARP– An Introduction

Logical Addresses
✔ The hosts and routers are recognized at the network level by their logical
addresses

A logical address is an internet address

Called a logical address because it is usually implemented in software

The logical addresses in the TCP/IP are called IP address and are 32 bits
long
 𝒜𝑅𝒫 & 𝑅𝒜𝑅𝒫
ARP– An Introduction
Physical Address
✔ However, hosts/routers are recognized at the physical layer by their physical
address
A physical address is an local address
Called a physical address because it is usually implemented in hardware
Examples
▪ 48-bit MAC addresses in Ethernet
 𝒜𝑅𝒫 & 𝑅𝒜𝑅𝒫
ARP– An Introduction
Translation
We need both the physical address and the logical address for packet delivery.
Thus, we need to be able to map a logical address to its corresponding physical
address and vice versa
Solutions

■ Static mapping

■ Dynamic mapping
 𝒜𝑅𝒫 & 𝑅𝒜𝑅𝒫
ARP– An Introduction
Static Mapping
Create a table that associates a logical address with a physical address and store
in each machine
However, physical addresses may change A machine could change its NIC
resulting in a new physical address
In some LANs, such as Local Talk, the physical address changes every time the
computer is turned on.
A mobile station can move from one physical network to another, resulting in a
change in its physical address
 𝒜𝑅𝒫 & 𝑅𝒜𝑅𝒫
ARP– An Introduction

Dynamic Mapping
Each time a machine knows the logical address of another machine, Use a protocol
to find another address
ARP: Address Resolution Protocol

▪ Map a logical address to a physical address

RARP: Reverse Address Resolution Protocol

■ Map a physical address to a logical address

 𝒜𝑅𝒫 & 𝑅𝒜𝑅𝒫
ARP– An Introduction
ARP and RARP
 𝒜𝑅𝒫 & 𝑅𝒜𝑅𝒫
ARP– An Introduction
Position of ARP and RARP in TCP/IP Protocol Suite
 𝒜𝑅𝒫 & 𝑅𝒜𝑅𝒫
ARP– An Introduction
ARP Operation
To find the physical address of another host or router on its network

✔ Send an ARP request message

ARP request message

✔ The physical address of the sender

✔ The IP address of the sender

✔ The physical address of the receiver is zeros

✔ The IP address of the receiver

✔ the query is broadcast over the network

 𝒜𝑅𝒫 & 𝑅𝒜𝑅𝒫
ARP– An Introduction

ARP Operation CONT..

Then, ARP request message is broadcast by the physical layer

■ For example: in Ethernet, MAC header’s destination address is all 1s (broadcast

address)

■ Received by every station on the physical network

The intended recipient send back an ARP reply message

■ ARP reply message packet is unicast
 𝒜𝑅𝒫 & 𝑅𝒜𝑅𝒫
ARP– An Introduction
 𝒜𝑅𝒫 & 𝑅𝒜𝑅𝒫
ARP– An Introduction
ARP Packet
 𝒜𝑅𝒫 & 𝑅𝒜𝑅𝒫
ARP– An Introduction Packet Format
□ HTYPE (Hardware type)

■ 16-bit field defining the underlying type of the network

■ Each LAN has been assigned an integer based on its type.

□ Ethernet is given the type 1
□ ARP can be used on any physical network
□ PTYPE (Protocol type)
■ 16-bit field defining the protocol
IPv4 is 080016
□ ARP can be used with any higher-level protocol
 𝒜𝑅𝒫 & 𝑅𝒜𝑅𝒫
ARP– An Introduction
Packet Format
□ HLEN (Hardware length)

■ 8-bit field defining the length of the physical address in bytes

□ Ethernet has the value of 6
□ PLEN (Protocol length)

■ 8-bit field defining the length of the logical address in bytes

□ IPv4 has the value of 4
□ OPER (Operation)
■ 16-bit field defining the type of packet
■ (1) = ARP request, (2) = ARP reply
 𝒜𝑅𝒫 & 𝑅𝒜𝑅𝒫
ARP– An Introduction

Packet Format
□ SHA (Sender hardware address)

■ A variable-length field defining the physical address of the

sender

□ SPA (Sender protocol address)

■ A variable-length field defining the logical address of the

sender
 𝒜𝑅𝒫 & 𝑅𝒜𝑅𝒫
ARP– An Introduction

Packet Format
□ THA (Target hardware address)

■ A variable-length field defining the physical address of the target

■ For an ARP request operation packet

□ This field is all 0s

□ TPA (Target protocol address)

■ A variable-length field defining the logical address of the target

 𝒜𝑅𝒫 & 𝑅𝒜𝑅𝒫
ARP– An Introduction

Encapsulation of ARP Packet

□ An ARP packet is encapsulated directly into a data link frame

□ Type field indicates that the data carried by the frame is an ARP packet
 𝒜𝑅𝒫 & 𝑅𝒜𝑅𝒫
ARP– An Introduction
Operations
□ The sender knows the target’s IP address

□ IP asks ARP to create an ARP request message

■ The sender physical address & The sender IP address

■ The target physical address field is filled with 0s

■ The target IP address

□ The message is passed to the data link layer to encapsulate in a data link frame

■ Physical destination address is broadcast address

 𝒜𝑅𝒫 & 𝑅𝒜𝑅𝒫
ARP– An Introduction

Operations
□ Every host or routers receives the frame and since the destination address is
broadcast, pass it to the ARP

■ All machines’ ARP except the one targeted drop the packet

□ The target reply with an ARP reply message that contains its physical address and
is unicast

□ The sender receives the reply message and knows the target’s physical address
 𝒜𝑅𝒫 & 𝑅𝒜𝑅𝒫
ARP– An Introduction
Four Cases to Use ARP
□ Case 1: The sender is a host and wants to send a packet to another host on the same
network

■ Use ARP to find another host’s physical address

□ Case 2: The sender is a host and wants to send a packet to another host on another
network

■ Sender looks at its routing table

■ Find the IP address of the next hop (router) for this destination

■ Use ARP to find the router’s physical address

 𝒜𝑅𝒫 & 𝑅𝒜𝑅𝒫
ARP– An Introduction

Four Cases Using ARP: Case 1

 𝒜𝑅𝒫 & 𝑅𝒜𝑅𝒫
ARP– An Introduction

Four Cases Using ARP: Case 2

 𝒜𝑅𝒫 & 𝑅𝒜𝑅𝒫
ARP– An Introduction

Four Cases to Use ARP

□ Case 3: the sender is a router and received a datagram destined for a host on
another network

■ Router check its routing table & find the IP address of the next router

■ Use ARP to find the next router’s physical address

□ Case 4: the sender is a router that has received a datagram destined for a host
in the same network

■ Use ARP to find this host’s physical address

 𝒜𝑅𝒫 & 𝑅𝒜𝑅𝒫
ARP– An Introduction

Four Cases Using ARP: Case 3

 𝒜𝑅𝒫 & 𝑅𝒜𝑅𝒫
ARP– An Introduction

Four Cases Using ARP: Case 4

 𝒜𝑅𝒫 & 𝑅𝒜𝑅𝒫
ARP– An Introduction

An ARP request is broadcast;

an ARP reply is unicast

 𝒜𝑅𝒫 & 𝑅𝒜𝑅𝒫
ARP– An Introduction

Example 1
□ A host with IP address 130.23.43.20 and physical address 0xB23455102210

□ Another host with IP address 130.23.43.25 and physical address

0xA46EF45983AB.

□ The two hosts are on the same Ethernet network

□ Show the ARP request and reply packets encapsulated in Ethernet frames
 𝒜𝑅𝒫 & 𝑅𝒜𝑅𝒫
ARP– An Introduction

Example 1
 𝒜𝑅𝒫 & 𝑅𝒜𝑅𝒫
ARP– An Introduction

Example 1
 𝒜𝑅𝒫 & 𝑅𝒜𝑅𝒫
ARP– An Introduction

Proxy ARP
□ Used to create a subnetting effect

□ A router running a proxy ARP

■ A Proxy ARP acts on behalf of a set of hosts

■ If it receives an ARP request message looking for the address of one of these host

□ Router sends an ARP reply announcing its own hardware (physical) address

■ After the router receives the actual IP packet, It sends the packet to the
appropriate host or router
 𝒜𝑅𝒫 & 𝑅𝒜𝑅𝒫
ARP– An Introduction

Example
□ Administrator need to create a subnet without changing the whole system
□ Add a router running a proxy ARP
 𝒜𝑅𝒫 & 𝑅𝒜𝑅𝒫
ARP– An Introduction

Proxy ARP
 𝒜𝑅𝒫 & 𝑅𝒜𝑅𝒫
ARP–Package : simplified ARP software package. The purpose is to show the
components of a hypothetical ARP package and the relationships between the
components.

□ Five components in an ARP package

■ A cache table

■ Queues

■ An output module

■ An input module

■ A cache-control module
 𝒜𝑅𝒫 & 𝑅𝒜𝑅𝒫
ARP–Package ARP COMPONENTS
The package receives an IP
datagram that needs to be
encapsulated in a frame that
needs the destination
physical (hardware) address.

If the ARP package finds this

address, it delivers the IP
packet and the physical
address to the data link layer
for transmission.
 𝒜𝑅𝒫 & 𝑅𝒜𝑅𝒫
ARP–Package
□ CACHE TABLE : A sender usually has more than one IP datagram to send to
the same destination
□ Inefficient to use ARP to each datagram destined for the same host or router

■ Introduce the cache table

■ When a host or router receives the corresponding physical address for an IP datagram, the
address can be saved in the cache table.

■ This address can be used for the datagrams destined for the same receiver within the next few
minutes.

■ However, as space in the cache table is very limited, mappings in the cache are not retained for
an unlimited time.
 𝒜𝑅𝒫 & 𝑅𝒜𝑅𝒫
ARP–Package
□ Cache table: an array of entries that contains the following’s fields

□ State: Content of a Cache Table Entry State: It can have one of three values
■ FREE: the lime-to-live for this entry has expired .The space can be used for a new entry .

■ PENDING: a request for this entry has been sent, but the reply has not yet been received
■ RESOLVED: the entry is complete and valid
□ Hardware type
□ Protocol type
□ Hardware length
□ Protocol length
■ Above fields are all the same as in the ARP packet
 𝒜𝑅𝒫 & 𝑅𝒜𝑅𝒫
ARP–Package

❑ Interface number : A router can be connected to different networks, each with a different
interface number. Each network can have different hardware and protocol types.

❑Queue number: ARP uses numbered queues to enqueuer the packet waiting for address
resolution

❑Attempts: the number of times an ARP request is sent out for this entry

❑Time-out: the lifetime of an entry in seconds

Hardware address: the destination hardware address It remains empty until resolved by an
ARP reply.

❑Protocol address: the destination IP address

 𝒜𝑅𝒫 & 𝑅𝒜𝑅𝒫
ARP–Package
QUEUES
□ ARP package maintains a set of queues to hold the IP packets while ARP tries to
resolve the hardware address

□ Packets for the same destination are usually enqueued in the same queue

□ The output module sends unsolved packets into the queue

□ The input module removes a packet from the queue and sends it, with the resolved
physical address, to data link layer for transmission
 𝒜𝑅𝒫 & 𝑅𝒜𝑅𝒫
ARP–Package
Output Module
□ Wait until an IP packet from the IP software
□ Check the cache table if receiving a IP packet
■ If found and state = RESOLVED
□ Passed to the data link layer for transmission
■ If found and state = PENDING
□ Send packet to this queue and wait
■ If not found
□ Create an entry with state = PENDING
□ Create a queue and enqueue this packet
□ Value of the ATTEMPTS field is set to 1.
□ An ARP request packet is then broadcast.
 𝒜𝑅𝒫 & 𝑅𝒜𝑅𝒫
ARP–Package
Input Module
□ Wait until an ARP packet (request or reply) arrives and check the cache table
□ The target protocol address should match the protocol address of the entry.

■ If found state = PENDING

□ Copy the target hardware address in the packet

□ Change the state to RESOLVED

□ Set the value of TIME-OUT for this entry

□ Dequeue the packets from the corresponding queue and set them to the data link
layer
 𝒜𝑅𝒫 & 𝑅𝒜𝑅𝒫
ARP–Package
Input Module (Conti…)
■ If found and state = RESOLVED

□ Copy the target hardware address in the packet

□ Set the value of TIME-OUT for this entry

□ This is because the target hardware address could have been changed

■ If not found

□ Create a new entry and adds it to the table

□ If the packet is a request

■ Send an ARP reply

 𝒜𝑅𝒫 & 𝑅𝒜𝑅𝒫
ARP–Package
Cache Control Module
□ Maintain the cache table by periodically check the cache table, entry by entry

□ If state is PENDING

■ Increment the value of attempts by 1

■ If (attempts greater than maximum)

□ Change the state to FREE and Destroy the corresponding queue

■ Else

□ Send an ARP request

 𝒜𝑅𝒫 & 𝑅𝒜𝑅𝒫
ARP–Package
Cache Control Module
□ If state is RESOLVED

■ Decrement the value of time-out by the value of elapsed time

■ If (time-out <= 0)

□ Change the state to FREE

□ Destroy the corresponding queue

□ If state is FREE

■ Continue to the next entry

𝒜𝑅𝒫 & 𝑅𝒜𝑅𝒫
Original Cache Table
 𝒜𝑅𝒫 & 𝑅𝒜𝑅𝒫
ARP–Package
Example 2

□ The ARP output module receives an IP datagram from the IP layer with the
destination address 114.5.7.89

□ It checks the cache table and finds that an entry exists for this destination with the
RESOLVED state

□ It extracts the hardware address, which is 457342ACAE32, and sends the packet and
the address to the data link layer
 𝒜𝑅𝒫 & 𝑅𝒜𝑅𝒫
ARP–Package
Example 3

□ Twenty seconds later, the ARP output module receives an IP datagram from the
IP layer with the destination address 116.1.7.22.

□ It checks the cache table and does not find this destination in the table

□ The module adds an entry to the table with the state PENDING and the Attempt
value 1

□ It also creates a new queue for this destination and enqueues the packet

□ It then sends an ARP request to the data link layer for this destination
𝒜𝑅𝒫 & 𝑅𝒜𝑅𝒫
Cache table for Example 3
 𝒜𝑅𝒫 & 𝑅𝒜𝑅𝒫
ARP–Package
Example 4

□ Fifteen seconds later, the ARP input module receives an ARP packet with target
protocol (IP) address 188.11.8.71
□ The module checks the table and finds this address

□ It changes the state of the entry to RESOLVED and sets the time-out value to 900

□ The module then adds the target hardware address (E34573242ACA) to the entry

□ Now it accesses queue 18 and sends all the packets in this queue, one by one, to the
data link layer
𝒜𝑅𝒫 & 𝑅𝒜𝑅𝒫
Cache table for Example 4
 𝒜𝑅𝒫 & 𝑅𝒜𝑅𝒫
ARP–Package
Example 5

□ Twenty-five seconds later, the cache-control module waits up

□ The time-out values for the first three resolved entries are decremented by 60

□ The time-out value for the last resolved entry is decremented by 25

□ The state of the next-to-the last entry is changed to FREE because the time-out is zero
 𝒜𝑅𝒫 & 𝑅𝒜𝑅𝒫
ARP–Package
Example 5 (Conti…)

□ For each of the three pending entries, the value of the attempts field is
incremented by one

□ Then, the attempts value for one entry (the one with IP protocol address
201.11.56.7) is more than the maximum
■ the state is changed to FREE, the queue is deleted

■ An ICMP message is sent to the original destination

𝒜𝑅𝒫 & 𝑅𝒜𝑅𝒫
Cache table for Example 5
 𝒜𝑅𝒫 & 𝑅𝒜𝑅𝒫
RARP–Package

□ A diskless machine is usually booted from ROM

□ It cannot include the IP address

■ IP address are assigned by the network administrator

□ Obtain its logical address by the physical address using the RARP protocol
 𝒜𝑅𝒫 & 𝑅𝒜𝑅𝒫
RARP–Package
RARP
F RARP
Operation
 𝒜𝑅𝒫 & 𝑅𝒜𝑅𝒫
RARP–Package
F

The RARP request packets are

broadcast;
the RARP reply packets are
unicast.
 𝒜𝑅𝒫 & 𝑅𝒜𝑅𝒫
RARP–Package
Packet Format
□ The format of the RARP packet is the same as the ARP packet

□ Except that the operation field is

■ Three for RARP request message

■ Four for RARP reply message

 F
𝒜𝑅𝒫 & 𝑅𝒜𝑅𝒫
RARP–Package
RARP Packet
 F
𝒜𝑅𝒫 & 𝑅𝒜𝑅𝒫
RARP–Package
 𝒜𝑅𝒫 & 𝑅𝒜𝑅𝒫
RARP
Alternative Solutions to RARP
□ When a diskless computer is booted, it needs more information in addition to its IP
address

■ The subnet mask

■ The IP address of a router

■ The IP address of a name server

□ RARP cannot provide this extra information

□ Two protocols, BOOTP and DHCP, can be used instead of RARP

3. Internet Control Message Protocol (ICMP)
 𝕴𝖓𝖙𝖊𝖗𝖓𝖊𝖙 𝕮𝖔𝖓𝖙𝖗𝖔𝖑 𝕸𝖊𝖘𝖘𝖆𝖌𝖊 𝕻𝖗𝖔𝖙𝖔𝖈𝖔𝖑 (𝕴𝕮𝕸𝕻)
ICMP– An Introduction
Why ICMP?
IP has no error – reporting or error correcting mechanism
Scenarios in which the error occurs..
✔ What happens if something goes wrong?
✔ What happens if a router must discard a datagram but it cannot find a router to
the final destination.
✔ because the time-to-live field has a zero value
✔ What happens if the final destination host must discard all fragments of a
datagram due to time limit?
 𝕴𝖓𝖙𝖊𝖗𝖓𝖊𝖙 𝕮𝖔𝖓𝖙𝖗𝖔𝖑 𝕸𝖊𝖘𝖘𝖆𝖌𝖊 𝕻𝖗𝖔𝖙𝖔𝖈𝖔𝖑 (𝕴𝕮𝕸𝕻)
ICMP– An Introduction
The above are some examples situations where an error has occurred and the IP has
no built-in mechanism to notify the original host.
It depends on Internet Control Message Protocol(ICMP) to provide an error control.
ICMP –Internet Control Message Protocol
It is a companion to the IP protocol

Position of ICMP in the network layer

 𝕴𝖓𝖙𝖊𝖗𝖓𝖊𝖙 𝕮𝖔𝖓𝖙𝖗𝖔𝖑 𝕸𝖊𝖘𝖘𝖆𝖌𝖊 𝕻𝖗𝖔𝖙𝖔𝖈𝖔𝖑 (𝕴𝕮𝕸𝕻)
ICMP– An Introduction
ICMP -network layer protocol.
messages are not passed directly to the data link layer.
The messages encapsulated inside IP datagrams before going to the lower layer .
The value of the protocol field in the IP datagram is 1 to indicate that the IP data is an
ICMP message

ICMP Encapsulation
 𝕴𝖓𝖙𝖊𝖗𝖓𝖊𝖙 𝕮𝖔𝖓𝖙𝖗𝖔𝖑 𝕸𝖊𝖘𝖘𝖆𝖌𝖊 𝕻𝖗𝖔𝖙𝖔𝖈𝖔𝖑 (𝕴𝕮𝕸𝕻)
ICMP– Message
ICMP message is of Two categories:
Error-reporting Messages
✔ This report problems that a router or a host may encounter when it
processes an IP packet.
The query messages
✔ helps network manager get specific information from a router or another
host.
✔ For example, nodes can discover their neighbors.
 𝕴𝖓𝖙𝖊𝖗𝖓𝖊𝖙 𝕮𝖔𝖓𝖙𝖗𝖔𝖑 𝕸𝖊𝖘𝖘𝖆𝖌𝖊 𝕻𝖗𝖔𝖙𝖔𝖈𝖔𝖑 (𝕴𝕮𝕸𝕻)
ICMP– Message

ICMP Messages
 𝕴𝖓𝖙𝖊𝖗𝖓𝖊𝖙 𝕮𝖔𝖓𝖙𝖗𝖔𝖑 𝕸𝖊𝖘𝖘𝖆𝖌𝖊 𝕻𝖗𝖔𝖙𝖔𝖈𝖔𝖑 (𝕴𝕮𝕸𝕻)
ICMP– Message format
8-byte header
variable-size data section.
The first field, ICMP type, defines the type of the message.
The code specifies the reason for the particular message type.
The checksum field .
The rest of the header is specific for each message type.
The data section in error messages carries information for finding the original packet
that had the error
 𝕴𝖓𝖙𝖊𝖗𝖓𝖊𝖙 𝕮𝖔𝖓𝖙𝖗𝖔𝖑 𝕸𝖊𝖘𝖘𝖆𝖌𝖊 𝕻𝖗𝖔𝖙𝖔𝖈𝖔𝖑 (𝕴𝕮𝕸𝕻)
ICMP– Message format

General format of ICMP MESSAGE

 𝕴𝖓𝖙𝖊𝖗𝖓𝖊𝖙 𝕮𝖔𝖓𝖙𝖗𝖔𝖑 𝕸𝖊𝖘𝖘𝖆𝖌𝖊 𝕻𝖗𝖔𝖙𝖔𝖈𝖔𝖑 (𝕴𝕮𝕸𝕻)
ICMP– MESSAGE FORMAT

Error Reporting Messages

One of the main responsibilities of ICMP is to report errors.
IP is an unreliable protocol, error checking and error control are not a
concern of IP.
ICMP always reports error messages to the original source.
Error correction is left to the higher-level protocols.
Error messages are always sent to the original source
 𝕴𝖓𝖙𝖊𝖗𝖓𝖊𝖙 𝕮𝖔𝖓𝖙𝖗𝖔𝖑 𝕸𝖊𝖘𝖘𝖆𝖌𝖊 𝕻𝖗𝖔𝖙𝖔𝖈𝖔𝖑 (𝕴𝕮𝕸𝕻)
ICMP– MESSAGE FORMAT

Error-repor
ting
messages

Important ICMP error messages: No ICMP error message will be

No ICMP error message will be generated for a datagram having a
generated in response to a datagram multicast address.
carrying an ICMP error message. No ICMP error message will be
No ICMP error message will be generated for a datagram having a
generated for a fragmented datagram special address such as 127.0.0.0 or
that is not the first fragment. 0.0.0.0.
 𝕴𝖓𝖙𝖊𝖗𝖓𝖊𝖙 𝕮𝖔𝖓𝖙𝖗𝖔𝖑 𝕸𝖊𝖘𝖘𝖆𝖌𝖊 𝕻𝖗𝖔𝖙𝖔𝖈𝖔𝖑 (𝕴𝕮𝕸𝕻)
ICMP– MESSAGE FORMAT
Destination Unreachable
A router cannot route a datagram or a host cannot deliver a datagram then the
datagram is discarded
The router or the host sends a destination-unreachable message back to the
source host

Destination-unreachable format
 𝕴𝖓𝖙𝖊𝖗𝖓𝖊𝖙 𝕮𝖔𝖓𝖙𝖗𝖔𝖑 𝕸𝖊𝖘𝖘𝖆𝖌𝖊 𝕻𝖗𝖔𝖙𝖔𝖈𝖔𝖑 (𝕴𝕮𝕸𝕻)
ICMP– MESSAGE FORMAT
Destination Unreachable

Contents of data field for the error messages

The code field for this type specifies the reason for discarding the datagram:
Code 0. The network is unreachable, possibly due to hardware failure
Code 1. The host is unreachable. This can also be due to hardware failure
 𝕴𝖓𝖙𝖊𝖗𝖓𝖊𝖙 𝕮𝖔𝖓𝖙𝖗𝖔𝖑 𝕸𝖊𝖘𝖘𝖆𝖌𝖊 𝕻𝖗𝖔𝖙𝖔𝖈𝖔𝖑 (𝕴𝕮𝕸𝕻)
ICMP– MESSAGE FORMAT

Destination Unreachable
Code 2. The protocol is unreachable. An IP datagram can carry data belonging to
higher-level protocols such as UDP, TCP, and OSPF. If the destination host receives a
datagram that must be delivered, for example, to the TCP protocol, but the TCP
protocol is not running at the moment, a code 2 message is sent.
Code 3. The port is unreachable. The application program (process) that the datagram
is destined for is not running at the moment.
 𝕴𝖓𝖙𝖊𝖗𝖓𝖊𝖙 𝕮𝖔𝖓𝖙𝖗𝖔𝖑 𝕸𝖊𝖘𝖘𝖆𝖌𝖊 𝕻𝖗𝖔𝖙𝖔𝖈𝖔𝖑 (𝕴𝕮𝕸𝕻)
ICMP– MESSAGE FORMAT

Destination Unreachable
Code 4. Fragmentation is required, but the DF (do not fragment) field of the datagram
has been set. In other words, the sender of the datagram has specified that the
datagram not be fragmented, but routing is impossible without fragmentation.
Code 5. Source routing cannot be accomplished. In other words, one or more routers
defined in the source routing option cannot be visited.
Code 6. The destination network is unknown. This is different from code 0. In code 0,
the router knows that the destination network exists, but it is unreachable at the
moment. For code 6, the router has no information about the destination network.
 𝕴𝖓𝖙𝖊𝖗𝖓𝖊𝖙 𝕮𝖔𝖓𝖙𝖗𝖔𝖑 𝕸𝖊𝖘𝖘𝖆𝖌𝖊 𝕻𝖗𝖔𝖙𝖔𝖈𝖔𝖑 (𝕴𝕮𝕸𝕻)
ICMP– MESSAGE FORMAT

Destination Unreachable
Code 7. The destination host is unknown. This is different from code 1. In code 1, the
router knows that the destination host exists, but it is unreachable at the moment. For
code 7, the router is unaware of the existence of the destination host.
Code 8. The source host is isolated.
Code 9. Communication with the destination network is administratively prohibited.
Code 10. Communication with the destination host is administratively prohibited.
 𝕴𝖓𝖙𝖊𝖗𝖓𝖊𝖙 𝕮𝖔𝖓𝖙𝖗𝖔𝖑 𝕸𝖊𝖘𝖘𝖆𝖌𝖊 𝕻𝖗𝖔𝖙𝖔𝖈𝖔𝖑 (𝕴𝕮𝕸𝕻)
ICMP– MESSAGE FORMAT

Destination Unreachable
Code 11. The network is unreachable for the specified type of service. This is different
from code 0. Here the router can route the datagram if the source had requested an
available type of service.
Code 12. The host is unreachable for the specified type of service. This is different
from code 1. Here the router can route the datagram if the source had requested an
available type of service.
Code 13. The host is unreachable because the administrator has put a filter on it.
 𝕴𝖓𝖙𝖊𝖗𝖓𝖊𝖙 𝕮𝖔𝖓𝖙𝖗𝖔𝖑 𝕸𝖊𝖘𝖘𝖆𝖌𝖊 𝕻𝖗𝖔𝖙𝖔𝖈𝖔𝖑 (𝕴𝕮𝕸𝕻)
ICMP– MESSAGE FORMAT

Destination Unreachable
Code 14. The host is unreachable because the host precedence is violated. The
message is sent by a router to indicate that the requested precedence is not permitted
for the destination.
Code 15. The host is unreachable because its precedence was cut off. This message is
generated when the network operators have imposed a minimum level of precedence
for the operation of the network, but the datagram was sent with a precedence below
this level.
 𝕴𝖓𝖙𝖊𝖗𝖓𝖊𝖙 𝕮𝖔𝖓𝖙𝖗𝖔𝖑 𝕸𝖊𝖘𝖘𝖆𝖌𝖊 𝕻𝖗𝖔𝖙𝖔𝖈𝖔𝖑 (𝕴𝕮𝕸𝕻)
ICMP– MESSAGE FORMAT

Source Quench
There is no flow-control or congestion-control mechanism in the IP protocol.
A source-quench message informs the source that a datagram has been discarded
due to congestion in a router or the destination host.
The source must slow down the sending of datagrams until the congestion is
relieved.

Source Quench Format

 𝕴𝖓𝖙𝖊𝖗𝖓𝖊𝖙 𝕮𝖔𝖓𝖙𝖗𝖔𝖑 𝕸𝖊𝖘𝖘𝖆𝖌𝖊 𝕻𝖗𝖔𝖙𝖔𝖈𝖔𝖑 (𝕴𝕮𝕸𝕻)
ICMP– MESSAGE FORMAT

Time Exceeded
The time-exceeded message is generated in two forms:
1. Whenever a router decrements a datagram with a time-to-live value to zero, it
discards the datagram and sends a time-exceeded message to the original source.
2. When the final destination does not receive all of the fragments in a set time, it
discards the received fragments and sends a time-exceeded message to the original
Source
 𝕴𝖓𝖙𝖊𝖗𝖓𝖊𝖙 𝕮𝖔𝖓𝖙𝖗𝖔𝖑 𝕸𝖊𝖘𝖘𝖆𝖌𝖊 𝕻𝖗𝖔𝖙𝖔𝖈𝖔𝖑 (𝕴𝕮𝕸𝕻)
ICMP– MESSAGE FORMAT

Time Exceeded
In a time-exceeded message, code 0 is used only by routers to show that the value of
the time-to-live field is zero. Code 1 is used only by the destination host to show that
not all of the fragments have arrived within a set time.

Time Exceeded format

 𝕴𝖓𝖙𝖊𝖗𝖓𝖊𝖙 𝕮𝖔𝖓𝖙𝖗𝖔𝖑 𝕸𝖊𝖘𝖘𝖆𝖌𝖊 𝕻𝖗𝖔𝖙𝖔𝖈𝖔𝖑 (𝕴𝕮𝕸𝕻)
ICMP– MESSAGE FORMAT

Parameter Problem
If a router or the destination host discovers an ambiguous or missing value in any field
of the datagram, it discards the datagram and sends a parameter-problem message
back to the source.
Code 0. There is an error or ambiguity in one of the header fields. In this case, the
value in the pointer field points to the byte with the problem. For example, if the value
is zero, then the first byte is not a valid field.
Code 1. The required part of an option is missing. In this case, the pointer is not used.
 𝕴𝖓𝖙𝖊𝖗𝖓𝖊𝖙 𝕮𝖔𝖓𝖙𝖗𝖔𝖑 𝕸𝖊𝖘𝖘𝖆𝖌𝖊 𝕻𝖗𝖔𝖙𝖔𝖈𝖔𝖑 (𝕴𝕮𝕸𝕻)
ICMP– MESSAGE FORMAT
Redirection message
A host usually starts with a small routing table that is gradually augmented and
updated. One of the tools to accomplish this is the redirection message..
Code 0. Redirection for a network-specific route.
Code 1. Redirection for a host-specific route.
Code 2. Redirection for a network-specific route based on a specified type of service.
Code 3. Redirection for a host-specific route based on a specified type of service
A redirection message is sent from a router to a host on the same local network.
 𝕴𝖓𝖙𝖊𝖗𝖓𝖊𝖙 𝕮𝖔𝖓𝖙𝖗𝖔𝖑 𝕸𝖊𝖘𝖘𝖆𝖌𝖊 𝕻𝖗𝖔𝖙𝖔𝖈𝖔𝖑 (𝕴𝕮𝕸𝕻)
ICMP– MESSAGE FORMAT

The redirection message is considered an error-reporting message, it is different from other error
messages.
The router does not discard the datagram in this case; it is sent to the appropriate router.
Query Messages
• In addition to error reporting, ICMP can also diagnose some
network problems.
• This is accomplished through the query messages.
• A group of five different pairs of messages have been designed for
this purpose, but three of these pairs are deprecated today
• Only two pairs are used today:
• echo request and replay and
• timestamp request and replay.
• In this type of ICMP message, a node sends a message that is
answered in a specific format by the destination node.
 𝕴𝖓𝖙𝖊𝖗𝖓𝖊𝖙 𝕮𝖔𝖓𝖙𝖗𝖔𝖑 𝕸𝖊𝖘𝖘𝖆𝖌𝖊 𝕻𝖗𝖔𝖙𝖔𝖈𝖔𝖑 (𝕴𝕮𝕸𝕻)
Echo Request And Reply

The echo-request and echo-reply messages are designed for diagnostic purposes
Network managers and users utilize this pair of messages to identify network problems.
The combination of echo-request and echo-reply messages determines whether two
systems (hosts or routers) can communicate with each other.
An echo-request message can be sent by a host or router. An echo-reply message is sent by the host
or router that receives an echo-request message.
Echo-request and echo-reply messages can be used by network managers to check the operation of
the IP protocol.
Echo-request and echo-reply messages can test the reachability of a host.
This is usually done by invoking the ping command.
 𝕴𝖓𝖙𝖊𝖗𝖓𝖊𝖙 𝕮𝖔𝖓𝖙𝖗𝖔𝖑 𝕸𝖊𝖘𝖘𝖆𝖌𝖊 𝕻𝖗𝖔𝖙𝖔𝖈𝖔𝖑 (𝕴𝕮𝕸𝕻)
Timestamp Request and Reply

The timestamp-request and timestamp-reply messages to determine the

round-trip time needed for an IP datagram to travel between them

sending time = receive timestamp − original timestamp

receiving time = returned time − transmit timestamp
round-trip time = sending time + receiving time
Timestamp-request and timestamp-reply messages can be used to calculate the
round-trip time between a source and a destination machine even if their clocks are
not synchronized.
The timestamp-request and timestamp-reply messages can be used to synchronize
two clocks in two machines if the exact one-way time duration is known.
 Echo-request and echo-reply messages

Timestamp-request and timestamp-reply

message format
 𝕴𝖓𝖙𝖊𝖗𝖓𝖊𝖙 𝕮𝖔𝖓𝖙𝖗𝖔𝖑 𝕸𝖊𝖘𝖘𝖆𝖌𝖊 𝕻𝖗𝖔𝖙𝖔𝖈𝖔𝖑 (𝕴𝕮𝕸𝕻)
Timestamp Request and Reply

❑ original timestamp: 46 receive timestamp: 59

❑ transmit timestamp: 60 return time: 67
❑ sending time = 59 − 46 = 13 milliseconds
❑ receiving time = 67 − 60 = 7 milliseconds
❑ round-trip time = 13 + 7 = 20 milliseconds
❑ Time difference = receive timestamp − (original timestamp field + one-way time
duration)
❑ Time difference = 59 − (46 + 10) = 3
Deprecated Messages
• Three pairs of messages are declared obsolete by IETF:
• 1. Information request and replay messages are not used today
because their duties are done by Address Resolution Protocol
(ARP)
• 2. Address mask request and reply messages are not used today
because their duties are done by Dynamic Host Configuration
Protocol (DHCP)
• 3. Router solicitation and advertisement messages are not used
today because their duties are done by Dynamic Host
Configuration Protocol (DHCP),
 𝕴𝖓𝖙𝖊𝖗𝖓𝖊𝖙 𝕮𝖔𝖓𝖙𝖗𝖔𝖑 𝕸𝖊𝖘𝖘𝖆𝖌𝖊 𝕻𝖗𝖔𝖙𝖔𝖈𝖔𝖑 (𝕴𝕮𝕸𝕻)

Checksum

• In ICMP the checksum is calculated over the entire message

• (header and data)

 𝕴𝖓𝖙𝖊𝖗𝖓𝖊𝖙 𝕮𝖔𝖓𝖙𝖗𝖔𝖑 𝕸𝖊𝖘𝖘𝖆𝖌𝖊 𝕻𝖗𝖔𝖙𝖔𝖈𝖔𝖑 (𝕴𝕮𝕸𝕻)
ICMP– MESSAGE FORMAT

Checksum Calculation
The sender follows these steps using one’s complement arithmetic:
1. The checksum field is set to zero.
2. The sum of all the 16-bit words (header and data) is calculated.
3. The sum is complemented to get the checksum.
4. The checksum is stored in the checksum field.
 𝕴𝖓𝖙𝖊𝖗𝖓𝖊𝖙 𝕮𝖔𝖓𝖙𝖗𝖔𝖑 𝕸𝖊𝖘𝖘𝖆𝖌𝖊 𝕻𝖗𝖔𝖙𝖔𝖈𝖔𝖑 (𝕴𝕮𝕸𝕻)
ICMP– MESSAGE FORMAT

Checksum Testing
The receiver follows these steps using one’s complement arithmetic:
1. The sum of all words (header and data) is calculated.
2. The sum is complemented.
3. If the result obtained in step 2 is 16 0s, the message is accepted; otherwise, it is
rejected.
 𝕴𝖓𝖙𝖊𝖗𝖓𝖊𝖙 𝕮𝖔𝖓𝖙𝖗𝖔𝖑 𝕸𝖊𝖘𝖘𝖆𝖌𝖊 𝕻𝖗𝖔𝖙𝖔𝖈𝖔𝖑 (𝕴𝕮𝕸𝕻)
• an example of checksum calculation for a simple echo-request
message
• We randomly chose the identifier to be 1 and the sequence number
to be 9.
• The message is divided into 16-bit (2-byte) words.
• The words are added together and the sum is complemented.
• Now the sender can put this value in the checksum field.
 𝕴𝖓𝖙𝖊𝖗𝖓𝖊𝖙 𝕮𝖔𝖓𝖙𝖗𝖔𝖑 𝕸𝖊𝖘𝖘𝖆𝖌𝖊 𝕻𝖗𝖔𝖙𝖔𝖈𝖔𝖑 (𝕴𝕮𝕸𝕻)
ICMP– DEBUGGING TOOL

To check whether host or router is alive and running

To trace the route of a packet.
Two tools that use ICMP for debugging: ping and traceroute
Ping
The ping program to find if a host is alive and responding.
Command : ping the ip of the host.(ping 152.18.1.3)
The source host sends ICMP echo request messages (type: 8, code: 0);
The destination, if alive, responds with ICMP echo reply messages.
 𝕴𝖓𝖙𝖊𝖗𝖓𝖊𝖙 𝕮𝖔𝖓𝖙𝖗𝖔𝖑 𝕸𝖊𝖘𝖘𝖆𝖌𝖊 𝕻𝖗𝖔𝖙𝖔𝖈𝖔𝖑 (𝕴𝕮𝕸𝕻)
ICMP– DEBUGGING TOOL
Ping cont…
Starts the sequence number from 0; this number is incremented by one each time a
new message is sent.
ping can calculate the round-trip time.
Inserts the sending time in the data section of the message.
When packet arrives it subtracts the arrival time from the departure time to get the
Round-Trip Time (RTT).
The TTL (time to live) field is encapsulates an ICMP message as 62, which means the
packet cannot travel more than 62 hops
 𝕴𝖓𝖙𝖊𝖗𝖓𝖊𝖙 𝕮𝖔𝖓𝖙𝖗𝖔𝖑 𝕸𝖊𝖘𝖘𝖆𝖌𝖊 𝕻𝖗𝖔𝖙𝖔𝖈𝖔𝖑 (𝕴𝕮𝕸𝕻)
ICMP– DEBUGGING TOOL

Example : $ ping fhda.edu

PING fhda.edu (153.18.8.1) 56 (84) bytes of data.
64 bytes from tiptoe.fhda.edu (153.18.8.1): icmp_seq=0 ttl=62 time=1.91 ms
64 bytes from tiptoe.fhda.edu (153.18.8.1): icmp_seq=1 ttl=62 time=2.04 ms
64 bytes from tiptoe.fhda.edu (153.18.8.1): icmp_seq=2 ttl=62 time=1.90 ms
64 bytes from tiptoe.fhda.edu (153.18.8.1): icmp_seq=3 ttl=62 time=1.97 ms
64 bytes from tiptoe.fhda.edu (153.18.8.1): icmp_seq=4 ttl=62 time=1.93 ms
64 bytes from tiptoe.fhda.edu (153.18.8.1): icmp_seq=5 ttl=62 time=2.00 ms
64 bytes from tiptoe.fhda.edu (153.18.8.1): icmp_seq=6 ttl=62 time=1.94 ms
64 bytes from tiptoe.fhda.edu (153.18.8.1): icmp_seq=7 ttl=62 time=1.94 ms
64 bytes from tiptoe.fhda.edu (153.18.8.1): icmp_seq=8 ttl=62 time=1.97 ms
64 bytes from tiptoe.fhda.edu (153.18.8.1): icmp_seq=9 ttl=62 time=1.89 ms
64 bytes from tiptoe.fhda.edu (153.18.8.1): icmp_seq=10 ttl=62 time=1.98 ms
--- fhda.edu ping statistics ---
11 packets transmitted, 11 received, 0% packet loss, time 10103 ms
rtt min/avg/max = 1.899/1.955/2.041 ms
 𝕴𝖓𝖙𝖊𝖗𝖓𝖊𝖙 𝕮𝖔𝖓𝖙𝖗𝖔𝖑 𝕸𝖊𝖘𝖘𝖆𝖌𝖊 𝕻𝖗𝖔𝖙𝖔𝖈𝖔𝖑 (𝕴𝕮𝕸𝕻)
ICMP– DEBUGGING TOOL
Ping cont…
it prints the statistics of the probes
Ping data bytes as 56 and the total number
✔ number of packets sent,
of bytes as 84.
✔ the number of packets received.
8 bytes ICMP header+ 20 bytes of IP header
✔ the total time
to 56 =84
✔ the RTT minimum, maximum,
ping defines the number of bytes as 64(56
and average.
+ 8).
Interrupts message ctrl+c.
 𝕴𝖓𝖙𝖊𝖗𝖓𝖊𝖙 𝕮𝖔𝖓𝖙𝖗𝖔𝖑 𝕸𝖊𝖘𝖘𝖆𝖌𝖊 𝕻𝖗𝖔𝖙𝖔𝖈𝖔𝖑 (𝕴𝕮𝕸𝕻)
ICMP– DEBUGGING TOOL
TRACE ROUTE
The traceroute program in UNIX or tracert in Windows.
It is used to route the packets from source to destination.
Example Scenario

The Traceroute Program Operation

 𝕴𝖓𝖙𝖊𝖗𝖓𝖊𝖙 𝕮𝖔𝖓𝖙𝖗𝖔𝖑 𝕸𝖊𝖘𝖘𝖆𝖌𝖊 𝕻𝖗𝖔𝖙𝖔𝖈𝖔𝖑 (𝕴𝕮𝕸𝕻)
ICMP– DEBUGGING TOOL
Trace route cont….
In above example Given the topology, A packet from host A to host B travels through
routers R1 and R2.
The traceroute program find the address of router R1 & RTT between host A and
router R1.
The program repeats steps a to c three times to get a better average round-trip time.
a. Host A sends a packet to destination B using UDP the message is encapsulated
in an IP packet with a TTL value of 1. The program notes the time the packet is sent.
 𝕴𝖓𝖙𝖊𝖗𝖓𝖊𝖙 𝕮𝖔𝖓𝖙𝖗𝖔𝖑 𝕸𝖊𝖘𝖘𝖆𝖌𝖊 𝕻𝖗𝖔𝖙𝖔𝖈𝖔𝖑 (𝕴𝕮𝕸𝕻)
ICMP– DEBUGGING TOOL
Trace route cont.….
b. Router R1 receives the packet and decrements the value of TTL to 0. It
then discards the packet (because TTL is 0).
c. In receiver the ICMP messages uses the source address of the IP packet to
find the IP address of router R1 and also makes note of the time the packet has
arrived.
The traceroute program repeats the previous steps to find the address of router R2
and the round-trip time between host A and router R2.
The round-trip time between host A and host B.
 𝕴𝖓𝖙𝖊𝖗𝖓𝖊𝖙 𝕮𝖔𝖓𝖙𝖗𝖔𝖑 𝕸𝖊𝖘𝖘𝖆𝖌𝖊 𝕻𝖗𝖔𝖙𝖔𝖈𝖔𝖑 (𝕴𝕮𝕸𝕻)
ICMP– DEBUGGING TOOL
Trace route cont.….
Example: The traceroute program to find the route from the computer
voyager.deanza.edu to the server fhda.edu. The following shows the result.
$ traceroute fhda.edu
traceroute to fhda.edu (153.18.8.1), 30 hops max, 38 byte packets
1 Dcore.fhda.edu (153.18.31.25) 0.995 ms 0.899 ms 0.878 ms
2 Dbackup.fhda.edu (153.18.251.4) 1.039 ms 1.064 ms 1.083 ms
3 tiptoe.fhda.edu (153.18.8.1) 1.797 ms 1.642 ms 1.757 ms
In the above example the destination is 153.18.8.1.
TTL value is 30 hops.
The packet contains 38 bytes: 20 bytes of IP header, 8 bytes of UDP header, and 10
bytes of application data.
 𝕴𝖓𝖙𝖊𝖗𝖓𝖊𝖙 𝕮𝖔𝖓𝖙𝖗𝖔𝖑 𝕸𝖊𝖘𝖘𝖆𝖌𝖊 𝕻𝖗𝖔𝖙𝖔𝖈𝖔𝖑 (𝕴𝕮𝕸𝕻)
ICMP– DEBUGGING TOOL
Trace route cont.….
The router is named Dcore.fhda.edu with IP address 153.18.31.254.
The Round Trip Time
1. 0.995 milliseconds,
2. 0.899 milliseconds
3. 0.878 milliseconds
The router is named Dbackup.fhda.edu with IP address 153.18.251.4.
The third line shows the destination host.
 𝕴𝖓𝖙𝖊𝖗𝖓𝖊𝖙 𝕮𝖔𝖓𝖙𝖗𝖔𝖑 𝕸𝖊𝖘𝖘𝖆𝖌𝖊 𝕻𝖗𝖔𝖙𝖔𝖈𝖔𝖑 (𝕴𝕮𝕸𝕻)
ICMP– Package
To handle the ICMP sending and receiving messages
ICMP package made of two modules:
input module
output module

ICMP package
 𝕴𝖓𝖙𝖊𝖗𝖓𝖊𝖙 𝕮𝖔𝖓𝖙𝖗𝖔𝖑 𝕸𝖊𝖘𝖘𝖆𝖌𝖊 𝕻𝖗𝖔𝖙𝖔𝖈𝖔𝖑 (𝕴𝕮𝕸𝕻)
ICMP– Package
Input Module
Handles all received ICMP messages.
Invoked when an ICMP packet is delivered from the IP layer.
If the received packet is a
✔ request - the module creates a reply and sends it out.
✔ redirection message - Uses the information to update the routing table.
✔ error message - It informs the protocol about the situation that caused the
error.
Input Module Pseudo code

ICMP_Input_module (ICMP_Packet)
{
If (the type is a request)
{
Create a reply
Send the reply
}
If (the type defines a redirection)
{
Modify the routing table
}
If (the type defines other error messages)
{
Inform the appropriate source protocol
}
Return
}
 𝕴𝖓𝖙𝖊𝖗𝖓𝖊𝖙 𝕮𝖔𝖓𝖙𝖗𝖔𝖑 𝕸𝖊𝖘𝖘𝖆𝖌𝖊 𝕻𝖗𝖔𝖙𝖔𝖈𝖔𝖑 (𝕴𝕮𝕸𝕻)
ICMP– Package
An ICMP message cannot be
Output Module created for four situations:
Responsible for creating request, ✔ an IP packet carrying an ICMP
solicitation, or error messages requested by error message.
a higher level or the IP protocol. ✔ a fragmented IP packet.
receives a demand from IP,UDP, or TCP to ✔ A multicast IP packet.
send one of the ICMP error messages. ✔ an IP packet having IP address
IP request is first allowed 0.0.0.0 or 127.X.Y. Z.
Output Module Pseudo code
ICMP_Output_Module (demand)
{
If (the demand defines an error message)
{
If (demand comes from IP AND is forbidden)
{
Return
}
If (demand is a valid redirection message)
{
Return
}
Create an error message
If (demand defines a request)
{
Create a request message
}
Send the message
Return
}
Thank
You