Research on ICMP route tracking (1)

In the use of the ICMP protocol, we will introduce the application of route tracking. After understanding some basic introductions of the ICMP protocol, we will analyze and explain the implementation of specific route tracking, hoping to help you.

I. Overview

When a computer transmits information over the Internet, it must route through the router to find the target host and send the information to the target host. there is a route table in the vro. The table stores the route information from the vro to a host. The vro uses the route table to find the network path. there is no fixed path between the two hosts (that is, the route table is not fixed). The path changes accordingly as the network changes, therefore, we cannot directly obtain the path from a host to another host. To obtain the network path of the local host and a host on the network, we must perform route tracking. this article introduces a method to implement route tracking.

Ii. About ICMP

ICMP (Internet Control Protocol) is a message mechanism for special purposes. It enables routers or hosts on the Internet to report errors or provide unexpected information.

ICMP packets are encapsulated in two levels. ICMP packets are placed in the data part of IP datagram, and IP datagram is placed in the data of frames for network transmission (as shown in 1 ). like other common packets, ICMP messages have the same routing options and have no special priority or increase reliability.

(Figure 1) ICMP Packet encapsulation

The ICMP header contains three fields: 1-byte type domain, 1-byte code domain, and 2-byte checksum. the Type field indicates the type of the message, such as the Response Request Message and the datagram timeout message. The code field indicates the different situations of the type, such as when the type is 11 timeout packets) if the code is 0, the TTL times out. If the code is 1, the slice reorganizations time out. when implementing the functions described in this article, the type of response request message must be 8). The process is as follows: the source host sends a Response Request Message of Type 8 to the target host, if the destination site receives a response packet, the destination IP address in the header of the packet is switched to the source IP address, type 8 is changed to the response type 0, and a new checksum is calculated and then sent to the source host. if the source host receives this response message, it not only indicates that the target host is reachable, but also that the router between the target host and the source host is working normally, the IP address and ICMP software of the source host and target host are running normally. however, if some problems occur during transmission, such as network disconnection, the data is directed to an invalid destination, at this time, the vro or target host will send back the destination inaccessible packet type to 3), and explain the specific situation of the message in the Code: whether the network is reachable or the host is not reachable. if the request message times out during transmission, that is, the TTL is reduced to 0. Each time the packet passes through a router, the TTL is reduced to 1), the router returns a TTL timeout packet of Type 11 ), the Source IP address in the IP address header is the IP address of the router.

Iii. Implementation of Route Tracing

The implementation of Route tracing is the clever use of the TTL timeout packet of ICMP packets. the implementation process is as follows: the source host first sends a Response Request Message Type 8 to the target host), the TTL value is set to 1, and the first router reduces the TTL by 1 after receiving the message, in this way, the TTL becomes 0, the group is abolished, and the router sends a TTL timeout packet type of 11 to the source host). The Source IP address in the packet header is the address of the first router, the source host can analyze the message to obtain the address of the first vro. then, send a message whose TTL is equal to 2 to get the second router address, and then send a message whose TTL is equal to 3 until the type of the response packet received by the target host is 0) or the destination inaccessible packet type is 3), or the maximum number of hops (the maximum number of routers to be checked ). you can see that the TTL setting is the key to tracking. You can set it using the setsockopt (m_Sock, IPPROTO_IP, IP_TTL, (LPSTR) & TTL, sizeof (int) function, m_Sock is the socket created. IP_TTL indicates that TTL is set. TTL is the TTL value to be set, which is an integer value. the implementation process can be expressed in 2:

(Figure 2) Flowchart

4. Route tracing program implementation

The program described in this article is written in Visual C ++ 6.0. The process is as follows:

1. Create a New AppWizard project based on the dialog box and name it RouteTrace.

2. Add # include "winsock2.h" to stdafx. h ".

3. Choose Project> Setting (ALT + F7), enter the Project Setting dialog box, enter ws2_32.lib in Object/library modules under Link, and click OK.

4. customize an ICMP class. click Insert-> New Class in the menu to enter the New Class dialog box, select Generic Class in Class type, enter the Class Name CICMP in Name, and click OK, in this way, a CICMP class is created.

5. Set the dialog box as shown in 3:

(Figure 3 Program Interface)

Start Class Wizard to add the response function and associated variables for each control. The ID and response function or variable corresponding to the control are:

Widget	ID	Response Functions	Variable
Address combo box	IDC_COMBO		CComboBox m_comb
Maximum number of hops edit box	IDC_MAXHOT		Int m_maxhot
Trail button	IDC_TRACE	OnTrace ()
Stop Button	IDC_STOP	OnStop ()
List box	IDC_LIST		CListCtrl m_list