"TCP/IP Detailed Volume 2: implementation" Note--icmp:internet Control Message Protocol

ICMP transmits errors and management messages between IP systems and is an integral part of any IP implementation and requirements. ICMP can be divided into two categories: Error and query. Inquiry message

is defined by a pair of requests and answers. Error messages typically contain the IP header (and options) of the first shard of the IP packet that caused the error, plus the Shard data section

The first 8 bytes.

All currently defined ICMP messages are displayed. The two lines above are the request and answer messages, the two lines below is the error message.

The PRC_ bar shows the mapping between protocol-independent error codes and ICMP packets processed by NET/3. For the request and answer, this column is empty. Because in this case

will not cause any errors. If there is an ICMP error, this behavior is null, indicating that NET/3 does not recognize the code and automatically discards the error message.

1.ICMP structure

NET/3 accesses an ICMP message through the ICMP structure in.

Icmp_type identifies specific messages and icmp_code further develops messages. The icmp_cksum algorithm is the same as the IP header check.

The Federated Icmp_hun (First Union) and Icmp_dun (data Federation) access multiple ICMP messages according to Icmp_type and Icmp_code. Each ICMP message is used

Icmphun; only a subset of the messages use Icmp_dun. Fields that are not used must be set to 0.

The ICMP packets are encapsulated in the IP datagram.

PROTOSW Structure of 2.ICMP

INETSW[4] 's PROTOSW structure describes ICMP and supports kernel and process access to the protocol. Shows the structure.

Ipintr The datagram is divided according to the transmission protocol number ip_p in the IP header. For ICMP packets, ip_p is 1, select Inetsw[4 by Ip_protox].

3. Input Processing: icmp_input function

When an ICMP packet arrives, the IP layer calls Icmp_input indirectly through the Pr_input function of inetsw[4].

In Icmp_input, each ICMP packet is processed 3 times: is Icmp_input processed once, and the Transport Layer Association associated with the IP packet in the ICMP error message

The process of receiving an ICMP message is processed once.

The overall composition of the ICMP input processing process is as follows:

The following is a five-part discussion of Icmp_input:

1. Verifying the Received message

2.ICMP error message

3.ICMP Request Message

4.ICMP REDIRECT Message

5.ICMP Reply message

The general flow of functions is as follows:

Determine the length of the ICMP message, if it is too short, discard it directly

↓

The ICMP packet structure contains a checksum field that is used to check the checksum of the ICMP

↓

The message type of the ICMP is judged, if it can be identified, the corresponding operation is performed according to the message type, and if it is not recognized, the raw operation is executed directly rip_input

↓

Performing the raw operation Rip_input,rip_input the message to the listening process based on the protocol contained in the message and the source station and destination address information.

3.1. Error message Processing

When the datagram sent by the host cannot be successfully submitted to the destination host, the destination host or the intermediary router generates the messages and returns them to the original system.

Shows the format of a variety of ICMP error messages:

Icmp_input maps Icmp_type and Icmp_code to a protocol-independent error set, which is represented by a Prc_ constant, and the PRC_ constant is

In order. As shown in the following:

Then icmp_input invokes the Pr_ctlinput function of the Transport layer protocol, which, based on the ip_p of the original datagram, uses the packet to the correct protocol to construct

The original IP datagram.

3.2. Request Processing

The NET/3 responds to the ICMP request message with the correct format, and the invalid ICMP request is reported to Rip_input. In addition to Router Advertisement messages, most NET/3 receive

The ICMP request message generates an answer message. To avoid answering the message, the new mbuf,icmp_input turns the cache of the request message into an answer cache and returns it to

The sending party.

3.2.1. Echo inquiry: Icmp_echo and Icmp_echoreply

The ping program is using a echo request. Is the structure of the ICMP echo request and the reply message.

Icmp_code always 0,icmp_id and icmp_seq set as the sender of the request, the answer does not make changes. The source system can match requests and answers with these fields.

All data that arrives in the Icmpdata is also reflected.

3.2.2. Timestamp inquiry: Icmp_tstamp and Icmp_tstampreply

The ICMP time message is as follows:

The sender of the request set Icmp_otime (the time the request was made), Icmp_rtime (the time the request was received) and the Icmp_ttime (the time the answer was sent) by the answer

's sender settings. All time is the number of milliseconds starting at midnight UTC. If the time value is not recorded in standard units, put the high position bit, with the IP timestamp option

The same.

3.2.3. Address Mask inquiry: Icmp_maskreq and Icmp_maskreply

The request can discover the subnet mask used on a network.

Unless the system is explicitly configured as an authorization agent for the address mask, RFC1122 prohibits sending a mask answer to it. This avoids the system and all the requests that are sent to it

The system shares an incorrect address mask. If there is no administrator authorization answer, the system also ignores the address mask request.

The ICMP address mask request and answer are as follows:

3.2.4. Information enquiry: Icmp_ireq and ICMP_IREQREPLYICMP information messages are obsolete. They attempt to broadcast a network portion of a source and destination address field for a full 0 request, which enables the system to discover the number of connected IP networks.
The host that responds to the request will return a message that fills in the network number, and the host needs other means to locate the host part of the address.

3.2.5. Router discovery: Icmp_routeradvert and Icmp_routesolicit

RFC1256 defines ICMP router discovery packets, which are not processed directly by the NET/3 kernel, but are passed by Rip_input to a user-level daemon, which

Send and respond to such messages.

3.3. REDIRECT Processing

Shows the format of the ICMP redirect message.

The redirect information is passed to Rtredirect, which updates the routing table with this function. The destination address of the redirect is passed to Pfctlinput, which advertises all protocol domains for redirection, making

The Protocol has the opportunity to invalidate the cached route to the destination station.

3.4. Answer processing

The kernel never processes any ICMP reply packets, the ICMP requests are generated by the process, and the kernel never generates requests. So the kernel passes all the answers it receives to the waiting ICMP

The process of the message. The kernel directly reports the rip_input to the transport layer for processing.

3.5. Output processing

There are several ways to generate outgoing messages. IP calls Icmp_error to generate and send ICMP error messages. Icmp_reflect sends a reply message. At the same time, the process may

ICMP packets are generated from the original ICMP protocol. Shows the relationship between these functions and ICMP out-of-office processing.

3.6.icmp_sysctl function

The ICMP_SYSCTL function for IP only supports the options listed in. The system administrator can modify this option with the SYSCTL program.