ICMPv6 Presentation
advertisement
9: Introduction to ICMPv6 Rick Graziani Cabrillo College Rick.Graziani@cabrillo.edu For more information please check out my Cisco Press book and video series: IPv6 Fundamentals: A Straightforward Approach to Understanding IPv6 • By Rick Graziani • ISBN-10: 1-58714-313-5 IPv6 Fundamentals LiveLessons: A Straightforward Approach to Understanding IPv6 • By Rick Graziani • ISBN-10: 1-58720-457-6 © 9.1: ICMPv6 Messages ICMP (Internet Control Message Protocol) Router#ping MyMac$ debug www.cabrillo.edu ip packet detail PING IP packet mundo.cabrillo.edu debugging is on (207.62.187.8): (detailed) 56 data bytes 64 bytes from 207.62.187.8: icmp_seq=0 ttl=51 time=102.066 ms 64 bytesping Router# from192.168.0.4 207.62.187.8: icmp_seq=1 ttl=51 time=125.381 ms 64 bytes Type escape from sequence 207.62.187.8: to abort. icmp_seq=2 ttl=51 time=46.202 ms 64 bytes5, Sending from 100-byte 207.62.187.8: ICMP Echos icmp_seq=3 to 192.168.0.4, ttl=51 time=69.447 timeout is 2 msseconds: U.U.U ^C MyMac$ May 27 05:27:27.11: IP: s=10.0.0.1 (local), d=192.168.0.4 (Serial0), len 100, sending May 27 05:27:27.15: ICMP type=8, code=0 ! Echo request sent (ping) May 27 05:27:27.19: IP: s=10.0.0.2 (Serial0), d=10.0.0.1 (Serial0), len 56, rcvd 3 May 27 05:27:27.23: ICMP type=3, code=1 ! Local router returns: Destination host unreachable May 27 05:27:27.27: IP: s=10.0.0.1 (local), d=192.168.0.4 (Serial0), len 100, • ICMP is one of the main protocols of the Internet (TCP/IP) suite. • Used to send messages between devices. © ICMPv6 Internet Control Message Protocol for IPv6 • ICMPv6 is defined in RFC 4443. • Similar to ICMPv4, describes two types of messages: • Informational • Error • ICMPv6 Neighbor Discovery is described in RFC 4861. • Much more robust than ICMP for IPv4. • Contains new functionality and improvements. • More than just “messaging” but “how IPv6 conducts business”. Next IPv6 Main All ICMPv6 messages Header Header 58 ICMPv6 Header Data © ICMPv6 Neighbor Discovery – Lesson 10 ICMPv6 Neighbor Discovery defines 5 different packet types: • Router Solicitation Message • Router Advertisement Message Used with dynamic address allocation • Neighbor Solicitation Message • Neighbor Advertisement Message Used with address resolution (IPv4 ARP) Router-Device Messaging Device-Device Messaging • Redirect Message Similar to ICMPv4 redirect message Router-to-Device messaging © ICMPv6 Messages • ICMPv6 error messages are: • Destination Unreachable • Packet Too Big • Time Exceeded • Parameter Problem Similar to IPv4 We will take a brief look at these • ICMPv6 informational messages used by the ping command: • Echo Request Similar to IPv4 • Echo Reply We will see a packet analysis example © ICMPv6 Messages ICMPv6 informational messages used for Multicast Listener Discovery (RFC 2710 ): • Multicast Listener Query Similar to IGMP for IPv4 • Multicast Listener Report (Internet Group Message Protocol) • Multicast Listener Done Discussed in Lesson 6 ICMPv6 informational messages used by Neighbor Discovery (RFC 4861): • Router Solicitation Message New message types (except for • Router Advertisement Message Redirect message). • Neighbor Solicitation Message Brief overview. • Neighbor Advertisement Message Details discussed in various • Redirect Message lessons © ICMPv6 General Message Format Next Header = 58 IPv6 Header 0 8 Type ICMPv6 Message 16 Code 24 31 Checksum Message Body • IPv6 Next Header Value: 58 decimal or 3A hexadecimal • ICMPv6 General Message Format (similar to ICMP for IPv4) © 9.2: ICMPv6 Error Messages ICMPv6 Error Messages • ICMPv6 error messages are: • Destination Unreachable • Packet Too Big • Time Exceeded • Parameter Problem © Error Message: Destination Unreachable Message 0 8 Type = 1 16 Code 24 Checksum Unused As much of invoking packet as possible without the ICMPv6 packet exceeding the minimum IPv6 MTU. Code Values 0 - No route to destination 31 1 - Communication with destination administratively prohibited 2 - Beyond scope of source address 3 - Address unreachable 4 - Port unreachable 5 - Source address failed ingress/egress policy 6 - Reject route to destination • Sent when a packet cannot be delivered to its destination for reasons other than congestion. • A router (or a firewall) usually generates these messages. • Type = 1 • Code values vary, giving more detail. © Error Message: Packet Too Big 0 8 Type = 2 16 Code = 0 24 31 Checksum MTU of the next hop link As much of invoking packet as possible without the ICMPv6 packet exceeding the minimum IPv6 MTU. • Important difference with IPv6… • IPv4 routers fragment a packet when the MTU (Maximum Transmission Unit) of the outgoing link is smaller than the size of the packet. • The destination device is responsible for reassembling the fragmented packets. • IPv6 routers do not fragment packets (unless it is the source of the packet). © IPv4 Fragmentation • IPv4 fields used for fragmentation and reassembly. • IPv6 routers do not perform fragmentation. • Any fragmentation needed will be handled by the source using an extension header.. IPv4 IPv6 © IPv4 Fragmentation PCA MTU of outgoing link smaller than packet size – fragment IPv4 packet. R1 R2 Link with smaller MTU It is my job to reassemble the packet fragments. PCB R3 Destination Source 1 2 IPv4 Packet 3 IPv4 Packet IPv4 IPv4 Packet Packet IPv4 Packet IPv4 Packet IPv4 Packet IPv4 Packet © IPv6 No Fragmentation I will use MTU of the interface. PCA Source MTU = 1500 MTU of outgoing link smaller than packet size. Drop packet. Send ICMPv6 Packet Too Big message, use MTU 1350. MTU = 1500 R1 MTU = 1500 MTU = 1350 R2 Link with smaller MTU Packet received. No reassembly required. PCB R3 Destination 1 IPv6 Packet – MTU 1500 2 ICMPv6 Packet Too Big Use MTU 1350 3 IPv6 Packet MTU 1350 © Error Message: Time Exceeded IPv6 0 8 Type = 3 16 Code = 0 24 31 Checksum Unused As much of invoking packet as possible without the ICMPv6 packet exceeding the minimum IPv6 MTU. • If a router receives a packet with a Hop Limit of zero, or if a router decrements a packet's Hop Limit to zero, it MUST: • Discard the packet • Send an ICMPv6 Time Exceeded message (Type = 3, Code 0) to the source of the packet. • This indicates either a routing loop or too small an initial Hop Limit value. © Error Message: Time Exceeded MyMac$ traceroute6 2001:418:142a:295::90 traceroute6 to 2001:418:142a:295::90 (2001:418:142a:295::90) from 2601:9:6801:85:b953:c971:e56d:1945, 64 hops max, 12 byte packets 1 2601:9:6801:85:cad7:19ff:fe9b:6676 6.306 ms 6.949 ms 9.992 ms 2 2001:558:6045:df::1 29.933 ms 37.620 ms 33.264 ms 3 te-5-4-ur02.scotts.ca.sfba.comcast.net 20.449 ms 23.846 ms 19.910 ms 4 te-1-0-0-10-ar01.oakland.ca.sfba.comcast.net 29.915 ms * * 5 be-90-ar01.sfsutro.ca.sfba.comcast.net 28.884 ms 28.019 ms 19.928 ms 6 he-1-5-0-0-cr01.sanjose.ca.ibone.comcast.net 39.964 ms 28.103 ms 29.734 ms 7 he-0-11-0-0-pe03.11greatoaks.ca.ibone.comcast.net 30.242 ms 26.888 ms 30.151 ms 8 ae-13.r02.snjsca04.us.bb.gin.ntt.net 29.775 ms 27.176 ms 20.832 ms 9 ae-3.r01.snjsca04.us.bb.gin.ntt.net 30.241 ms 28.280 ms 30.185 ms 10 2001:418:1c01:1::80f1:5938 23.455 ms 28.021 ms 26.063 ms MyMac$ • Windows uses tracert (IPv4 and IPv6) or tracert -6 (IPv6 only) © Error Message: Parameter Problem Code 0 8 Type = 4 16 24 Code 31 0 Erroneous header field encountered 1 Unrecognized Next Header type encountered 2 Unrecognized IPv6 option encountered Checksum Pointer As much of invoking packet as possible without the ICMPv6 packet exceeding the minimum IPv6 MTU. Extension Header Name ? IPv6 Main Header Next Header 138 Extension Header Next Header 6 TCP Header Data • Type 4 • Generated when a receiving device finds a problem with a field in the main IPv6 header such as the Next Header field – packet is discarded. © 9.3: ICMPv6 Informational Messages: Echo Request and Echo Reply ICMPv6 Echo Request and Echo Reply Type 128 = Echo Request Type 129 = Echo Reply 0 8 Type = 128/129 16 Code = 0 24 31 Checksum Sequence Number Identifier Data Ping PCB ICMPv6 Echo Request PCA PCB ICMPv6 Echo Reply • Similar to IPv4 Echo Request and Echo Reply messages are used by the ping utility. © Ping Command PCA 2001:DB8:CAFE:1::/64 G0/0 2001:DB8:CAFE:1::100 FE80::50A5:8A35:A5bb:66E1 R1 2001:DB8:CAFE:1::1 FE80::1 PCA> ping 2001:db8:cafe:1::1 Pinging 2001:db8:cafe:1::1 from 2001:db8:cafe:1::100 with 32 bytes of data: Reply Reply Reply Reply from from from from 2001:db8:cafe:1::1: 2001:db8:cafe:1::1: 2001:db8:cafe:1::1: 2001:db8:cafe:1::1: time=1ms time=1ms time=1ms time=1ms <rest of output omitted> PCA> © ICMPv6 Echo Request to GUA Internet Protocol Version 6 0110 .... = Version: 6 <output omitted> Payload length: 40 Next header: ICMPv6 (0x3a) Hop limit: 128 Source: 2001:db8:cafe:1::100 Destination: 2001:db8:cafe:1::1 Internet Control Message Protocol v6 Type: 128 (Echo (ping) request) Code: 0 (Should always be zero) Checksum: 0x8f38 [correct] ID: 0x0001 Sequence: 0 IPv6 Header Data (32 bytes) ICMPv6 Echo Request Next Header = 58 ICMPv6 Message © ICMPv6 Echo Reply from GUA Internet Protocol Version 6 0110 .... = Version: 6 <output omitted> Payload length: 40 Next header: ICMPv6 (0x3a) Hop limit: 64 Source: 2001:db8:cafe:1::1 Destination: 2001:db8:cafe:1::100 ICMPv6 Echo Reply Internet Control Message Protocol v6 Type: 129 (Echo (ping) reply) Code: 0 (Should always be zero) Checksum: 0x8e38 [correct] ID: 0x0001 Sequence: 0 Data (32 bytes) © Ping Command PCA 2001:DB8:CAFE:1::/64 G0/0 2001:DB8:CAFE:1::100 FE80::50A5:8A35:A5bb:66E1 R1 2001:DB8:CAFE:1::1 FE80::1 R1# ping fe80::50a5:8a35:a5bb:66e1 Output Interface: gig 0/0 % Invalid interface. Use full interface name without spaces (e.g. Serial0/1) Output Interface: gigabitethernet0/0 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to FE80::50A5:8A35:A5BB:66E1, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/4 ms R1# © ICMPv6 Echo Request to Link-Local Address Internet Protocol Version 6 0110 .... = Version: 6 <output omitted> Payload length: 60 Next header: ICMPv6 (0x3a) Hop limit: 64 Source: fe80::1 Destination: fe80::50a5:8a35:a5bb:66e1 ICMPv6 Echo Request Source and destination link-local addresses. Internet Control Message Protocol v6 Type: 128 (Echo (ping) request) Code: 0 (Should always be zero) Checksum: 0x0444 [correct] ID: 0x0a24 Sequence: 0 Data (52 bytes) © ICMPv6 Echo Reply from Link-Local Address Internet Protocol Version 6 0110 .... = Version: 6 <output omitted> Payload length: 60 Next header: ICMPv6 (0x3a) Hop limit: 64 Source: fe80::50a5:8a35:a5bb:66e1 Destination: fe80::1 ICMPv6 Echo Reply Source and destination link-local addresses. Internet Control Message Protocol v6 Type: 129 (Echo (ping) reply) Code: 0 (Should always be zero) Checksum: 0x0344 [correct] ID: 0x0a24 Sequence: 0 Data (52 bytes) © ICMPv6 Neighbor Discovery ICMPv6 Neighbor Discovery defines 5 different packet types: • Router Solicitation Message • Router Advertisement Message Used with dynamic address allocation • Neighbor Solicitation Message • Neighbor Advertisement Message Used with address resolution (IPv4 ARP) Router-Device Messaging Device-Device Messaging • Redirect Message Similar to ICMPv4 redirect message Router-to-Device messaging © For more information please check out my Cisco Press book and video series: IPv6 Fundamentals: A Straightforward Approach to Understanding IPv6 • By Rick Graziani • ISBN-10: 1-58714-313-5 IPv6 Fundamentals LiveLessons: A Straightforward Approach to Understanding IPv6 • By Rick Graziani • ISBN-10: 1-58720-457-6 © 9: Introduction to ICMPv6 Rick Graziani Cabrillo College Rick.Graziani@cabrillo.edu
