An overview of the content of the article
ICMP protocol details
- Internet Control Message Protocol
- The protocol is mainly used to assist IP protocol for data transmission
- ICMP “Can report error messages or exceptions”
“ICMP packet data is encapsulated in IP packets for data transmission“. ICMP packets are divided into two parts: the ICMP header and ICMP packet data
ICMP header
- Type: Indicates the type of ICMP packets. (There are two types, which are described later.)
- Code: indicates the errors of different ICMP packets
- Checksum: checks whether errors exist during the packet transmission
In the IP protocol header introduced earlier, there is an 8-bit protocol, which indicates the specific data carried by IP data is what protocol. The field value of ICMP is 1
If the IP protocol transmits ICMP data, 1 will be written to the protocol
Two types of ICMP packets
Error report message
- Network Unreachable: An IP address can represent a network. If all host ids are 0, a network is identified. If the entire network is unreachable, an ICMP packet of type 3 with the specific code 0 is reported
- Host unreachable: If computer A wants to communicate with computer B and computer B is shut down, the host is unreachable
- Network Redirection: Data transferred to a certain network may not go through the network and needs to be redirected
- Host redirection: If the sent packet cannot be processed by the host, the host sends the packet to another host
Ask a message
- Echo request or reply: verifies whether the network is normal. Suppose computer A wants to communicate with computer B. Computer A sends an empty piece of data to COMPUTER B, and if B receives it, it sends A response
- Timestamp request or reply: This is used when time synchronization is required
ICMP application
Ping application
In the previous article, you used the ping command to check the network response time and TTL. What is the principle of ping
The ping application mainly uses ICMP query messages, which send echo request or reply packets. When using the ping command, it first assembles an IP packet, then assembles an ICMP query packet in the IP datagram, and sends the packet through the data link layer. This is the principle of the ping application
We usually use the ping command to check whether the local network is normal or whether the network quality is good. At home, how do we use the ping command to troubleshoot network faults
- The first step is to ping the local loopback address 127.0.0.1 (if no return is returned, there is a protocol stack problem. In this case, you may need to reinstall the system or reinstall the protocol stack).
- If the previous step returns normal, ping the gateway address (that is, the router address). If the computer is on the Intranet, ping 192.168.0.1 or ping 192.168.1.1. If the previous ping of the gateway also works, it indicates that the router is connected to the local computer. If not, it indicates that there is a problem with the network cable or wifi
- If the ping gateway works, ping the remote address (such as Baidu). If not, it means that the network between your home and ISP is faulty, this time you need to contact telecom or mobile or Unicom
Traceroute application
“Traceroute can detect the path that IP datagrams take in the network.” In this article about IP protocols, it is explained that computers are connected to virtual Internet networks, and we do not care what path the datagrams take in the network. But if you need to troubleshoot a network failure, the Traceroute application can provide more advanced capabilities to understand what the network is like
Application principles of Traceroute
When the IP header is introduced earlier, there is a TTL in the header, indicating the lifetime of IP data packets in the network. For each device, the TTL decreases by 1. When the TTL is 0,“The network device must discard the packet“
When the TTL is 0, the network device must discard the packet. However, it doesn’t tell you what to do when you throw it away. After learning about ICMP packets, the network device sends an ICMP destination unreachable error message if it wants to discard packets. That is, it reports an error, telling the source host that a packet transmission error occurred, so that the source host is aware of the problem. Here’s an example
With the help of A diagram used earlier, which indicates the network direction from computer A to computer B. As mentioned in the previous article, data packets are transmitted in A hop, so it will successively jump to medium network = “large network =” medium network = “small network =” computer B.
The Traceroute application cleverly applies the function of ICMP error Unreachable packets. To detect the path of the datagram, it first encapsulates an IP packet with a TTL of 1. In the figure above, computer A sends A packet with A TTL of 1. When it reaches the medium network, it finds that the TTL is 0 and sends an ICMP error unreachable message to the source machine (that is, computer A). At this point, computer A records the IP address of the medium-sized network. In this case, Traceroute encapsulates a request packet with a TTL of 2. When the data reaches a large network, the TTL is 0. The large network discards the packet and sends an ICMP error unreachable message to the source machine. Computer A records the IP address of the large network. “The TTL will increase sequentially until A normal response is received, indicating that the packet sent by computer A has been received by computer B.” At this point, computer A has received the information of all the path machines, and can output the path of the datagram in the network
Therefore, the Traceroute application cleverly applies the function of ICMP error unreachable packets, increasing the TTL by one each time until it reaches the destination machine, recording the IP address of each machine that passes through it, thus obtaining the path. This is how Traceroute works
See a wave of practical operations available in Windows“Tracert + domain name/IP“Command to view the output. There are tools that come with the Mac
The first is that you can see baidu’s address: 182.61.200.7. Then the first hop under packets is the IP address of my Intranet router 192.168.0.1. The second hop is 113.45.64.1, which should be the Intranet IP of the cell. After each hop through the IP, you can directly search baidu where is the IP
For a more detailed cross-provincial path, follow github.com, which is slow because the server is based in the United States
It is the core competitiveness of a technician to seek invariance in the rapidly changing technology. Unity of knowledge and practice, theory and practice
