Upon completion of this chapter, you will be able to ■ Describe the ICMP message format ■ Identify ICMP error message types ■ Identify potential causes of specific ICMP error messages ■ I
Trang 1Check Your Understanding 759
12. An administrative distance of 15 indicates which of the following?
A. The IP address is static
B. The IP address is dynamic
C. The routing information source is relatively trustworthy
D. The routing information source is relatively untrustworthy
13. If you just added a new LAN to your internetwork and you want to manually
add the network to your routing table, what command structure would you use?
A. router (config)> ip route 2.0.0.0 255.0.0.0 via 1.0.0.2
B. router (config)# ip route 2.0.0.0 255.0.0.0 1.0.0.2
C. router (config)# ip route 2.0.0.0 via 1.0.0.2
D. router (config)# ip route 2.0.0.0 1.0.0.2 using 255.0.0.0
1102.book Page 759 Tuesday, May 20, 2003 2:53 PM
Trang 2Upon completion of this chapter, you will be able to
■ Describe the ICMP message format
■ Identify ICMP error message types
■ Identify potential causes of specific ICMP error messages
■ Identify a variety of ICMP control messages used in networks today
■ Determine the causes for ICMP control messages
Trang 3Chapter 17
TCP/IP Error and Control Messages
Now that you have learned about the router configuration process, it is time to learn about Transmission Control Protocol/Internet Protocol (TCP/IP) suite error and control messages In this chapter, you learn how the Internet Control Message Protocol (ICMP) provides control and message functions In addition, you learn about potential causes of ICMP error messages and how to identify them
Please be sure to look at this chapter’s associated e-Labs, Videos, and PhotoZooms that you will find on the CD-ROM accompanying this book These CD elements are designed
to supplement the material and reinforce the concepts introduced in this chapter
Functionality and Role of IP in Error Control
The function of IP is to facilitate network communication between hosts The design of IP allows for the addressing of hosts and networks This distinguishes IP from nonroutable protocols that can address individual hosts but that are not designed to make distinctions between networks IP acceptance is so widespread that, in addition to being the protocol used for data delivery over the Internet, it has become the default internal protocol for small LANs that do not necessarily require routing capabilities
The limitation of IP is that it is a best-effort delivery system IP has no mechanism to ensure that the data is delivered regardless of any problems encountered on the network
Data might fail to reach its destination for a variety of reasons, such as hardware failure, improper configuration, or incorrect routing information If an intermediary device such
as a router fails, or if a destination device is disconnected from the network, data cannot
be delivered This is why applications that use IP are typically faster: They don’t have the 1102.book Page 761 Tuesday, May 20, 2003 2:53 PM
Trang 4762 Chapter 17: TCP/IP Error and Control Messages
error control or reliable mechanism that TCP has To help identify these failures, IP uses the Internet Control Message Protocol (ICMP) ICMP notifies the sender of the data that an error occurred in the delivery process
The following sections review the different types of ICMP error messages and the forms they take Knowledge of ICMP error messages and an understanding of the potential causes of these messages are essential parts of network troubleshooting
ICMP
ICMP is the component of the TCP/IP protocol stack that addresses IP’s failure to ensure data delivery ICMP does not overcome the unreliability limitation that exists
in IP ICMP simply sends error messages to the sender of the data, indicating that problems occurred with data delivery Figure 17-1 shows where ICMP resides within the TCP/IP model
Figure 17-1 ICMP and the TCP/IP Model
This section covers the various facets of ICMP, including ICMP message delivery, error reporting and correction, and ways of detecting and handling reachabilty issues
ICMP Message Delivery
ICMP messages are delivered using the IP protocol ICMP messages are encapsulated into datagrams in the same way that any other data is delivered using IP Table 17-1 dis-plays the encapsulation of an ICMP packet within the IP packet datagram data area The frame header can be from a LAN protocol, such as Ethernet, or a WAN protocol, such as HDLC
Application
Transport Internet Network Interface
Destination Unreachable Echo (Ping)
Other
Trang 5ICMP 763
Data is encapsulated within a datagram when it reaches the network layer From there,
the datagram and its encapsulated data are encapsulated further into a frame at the data
link layer ICMP messages have their own header information However, this
informa-tion, along with the ICMP data, is encapsulated just as any other data is within the
datagram ICMP messages are transmitted in the same way as any other data Therefore,
ICMP messages are subject to the same delivery failures This creates a scenario in which
error reports could generate more error reports, causing increased congestion on an
already ailing network For this reason, errors created by ICMP messages do not
gen-erate their own ICMP messages Therefore, it is possible for a datagram delivery error
to occur but never be reported back to the sender of the data
Error Reporting and Error Correction
ICMP is an error-reporting protocol for IP When datagram delivery errors occur, ICMP
reports these errors to the sender of the datagram For example, Workstation 1 in
Figure 17-2 is sending a datagram to Workstation 6 When the corresponding interface
on Router C goes down, Router C uses ICMP to send a message back to Workstation
1 indicating that the datagram could not be delivered ICMP does not correct the
encountered network problem
In the example from Figure 17-2, ICMP does not attempt to correct the problem with
the interface on Router C that is preventing datagram delivery The only capability of
ICMP is to report the errors back to Workstation 1
Router C will not notify the intermediary devices of the delivery failure Therefore,
Router C will not send ICMP messages to Router A and Router B or to the originating
device Router C also does not know what path the datagram has taken to arrive there
Datagrams contain only source and destination IP addresses; they do not contain
infor-mation about all the intermediary devices The reporting device has only the sender’s
IP address with which to communicate Although Routers A and B are not notified
directly, they might become aware of the down interface on Router C However,
dis-seminating this information to neighbor routers is not the function of ICMP Instead,
ICMP reports on the status of the delivered packet to the sender; its function is not to
propagate information about network changes
Table 17-1 ICMP Encapsulation
1102.book Page 763 Tuesday, May 20, 2003 2:53 PM
Trang 6764 Chapter 17: TCP/IP Error and Control Messages
Figure 17-2 Error Reporting Being Updated
Unreachable Networks
Network communication depends on certain basic conditions:
■ The TCP/IP protocol stack must be properly configured in the sending and receiv-ing devices This includes the installation of TCP/IP and proper configuration of the IP address and the subnet mask A default gateway also must be configured if datagrams are to travel outside the local network
■ Intermediary devices must be in place to route the datagram from the source device and its network to the destination network Routers serve this function
■ A router must have the TCP/IP protocol properly configured on its interfaces, and it must use an appropriate routing protocol or static routes
If these conditions are not met, network communication cannot take place For example, the sending device might address the datagram to a nonexistent IP address or to a des-tination device that is disconnected from its network Routers also can be points of failure if a connecting interface is down or if the router does not have the information necessary to find the destination network If a destination network is not accessible, it
is said to be an unreachable network.
B
S0/0
S0/0 Fa0/0
Trang 7ICMP 765
Destination unreachable messages include the following:
■ Network unreachable—This message usually implies routing or addressing
failures
■ Host unreachable—This message usually implies delivery failures, such as a
wrong subnet mask
■ Protocol unreachable—This message usually implies that the destination does
not support the upper-layer protocol specified in the packet
■ Port unreachable—This message usually implies that the TCP port (socket) is not
available
Figure 17-3 shows a router receiving a packet that it cannot deliver to its ultimate
des-tination The packet might be undeliverable because there is no known route to the
destination Because there is no known route, the router sends an ICMP host
unreach-able message to the source
Figure 17-3 ICMP Host Unreachable
Using ping to Test Destination Reachability
The ICMP protocol can be used to test the availability of a particular destination
Figure 17-4 shows ICMP being used to issue an echo request message to the
destina-tion device When the destinadestina-tion device receives the ICMP echo request, it formulates
an echo reply message to send back to the source of the echo request If the sender
receives the echo reply, this confirms that the destination device can be reached using
the IP protocol
A
To Z
Send data
to Z.
I do not know how to get to Z!
Send ICMP.
Data Network
Destination Unreachable Host or Port Unreachable Network Unreachable 1102.book Page 765 Tuesday, May 20, 2003 2:53 PM
Trang 8766 Chapter 17: TCP/IP Error and Control Messages
Figure 17-4 Echo Request
The echo request message typically is initiated using the pingcommand, as demon-strated in Example 17-1 In this example, the command is used with the IP address of the destination device Example 17-1 and Figure 17-5 show a successful ping or echo request/reply
Figure 17-5 ICMP ping
Example 17-1 Echo Request Initiated by ping
C:\> ping 198.133.219.25
Pinging 198.133.219.25 with 32 bytes of data:
Reply from 198.133.219.25: bytes=32 time=30ms TTL=247 Reply from 198.133.219.25: bytes=32 time=20ms TTL=247
A
IsBreachable?
A
ICMP Echo Request
A
Yes, I
am here.
ICMP Echo Reply
Is B Reachable?
B
ICMP Echo Request
Trang 9ICMP 767
The ping command also can be used as demonstrated in Example 17-2 using the DNS
name of the destination device (assuming that DNS is available)
In these workstation examples, the ping command issues four echo requests and receives
four echo replies confirming IP connectivity between the two devices The output
gen-erated by the router ping command is somewhat different than the workstation ping
command Example 17-3 shows a successful and unsuccessful ping from RouterA to
RouterB (IP address 192.168.100.100) The exclamation marks (!) indicate a successful
ping, and the periods (.) indicate failure Table 17-2 shows Cisco ping return codes
generated when pinging between Cisco devices
Reply from 198.133.219.25: bytes=32 time=20ms TTL=247
Reply from 198.133.219.25: bytes=32 time=20ms TTL=247
Ping statistics for 198.133.219.25:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 20ms, Maximum = 30ms, Average = 22ms
C:\>
Example 17-2 Using ping with Destination Device DNS Name
C:\> ping www.cisco.com
Pinging www.cisco.com [198.133.219.25] with 32 bytes of data:
Reply from 198.133.219.25: bytes=32 time=30ms TTL=247
Reply from 198.133.219.25: bytes=32 time=20ms TTL=247
Reply from 198.133.219.25: bytes=32 time=20ms TTL=247
Reply from 198.133.219.25: bytes=32 time=20ms TTL=247
Ping statistics for 198.133.219.25:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 20ms, Maximum = 30ms, Average = 22ms
C:\>
Example 17-1 Echo Request Initiated by ping (Continued)
1102.book Page 767 Tuesday, May 20, 2003 2:53 PM
Trang 10768 Chapter 17: TCP/IP Error and Control Messages
Example 17-3 Router ping Examples: Success and Failure
RouterA# ping 192.168.100.100
Type escape sequence to abort.
Sending 5, 100byte ICMP Echoes to 192.168.100.100, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 36/36/36 ms
RouterA# ping 192.168.100.100
Type escape sequence to abort.
Sending 5, 100byte ICMP Echoes to 192.168.100.100, timeout is 2 seconds:
Success rate is 0 percent (0/5)
Table 17-2 Cisco ping Return Codes
receipt of an ICMP echo reply
The ping completed successfully
net-work server timed out while waiting for a reply
This message can indicate many problems:
■ The ping was blocked by an access list or firewall
■ A router along the path did not have a route to the destination and did not send an ICMP desti-nation unreachable message
■ A physical connectivity problem occurred somewhere along the path
received
A router along the path did not have
a route to the destination address