17 Eylül 2020 Perşembe

Internet Control Message Protocol - ICMP

ICMP Nedir ?
Her IP Stack'inde ICMP protokolü bulunur. Açıklaması şöyle
ICMP, uses the basic support of IP as if it were a higher level protocol, however, ICMP is actually an integral part of IP, and must be implemented by every IP module.
ICMP , TCP ve UDP kardeş protokollerdir. Ancak TCP ve UDP'nin aksine ICMP protokolünde port numarası kavramı yoktur.

ICMPv4 Header
ICMPv4 mesajının yapısı şöyle.
/* ICMP Header */
struct icmpheader {
  unsigned char icmp_type; //ICMP message type
  unsigned char icmp_code; //Error code
  unsigned short int icmp_chksum; //Checksum for ICMP Header and data
  unsigned short int icmp_id; //Used in echo request/reply to identify request
  unsigned short int icmp_seq;//Identifies the sequence of echo messages, 
                    //if more than one is sent.
};
icmp_type Alanı
icmp_type alanınn alabileceği değerler ve açıklaması şöyle.
char * messages[ ] = {
   "Echo reply", //0
   "Type 1",     //1
   "Type 2",     //2
   "Destination unreachable",//3
   "Source quench",  //4
   "Redirect",       //5
   "Type 6",         //6
   "Type 7",         //7
   "Echo request",   //8
   "Router advertisement", //9
   "Router discovery",  //10
   "Time exceeded",     //11
   "Parameter problem", //12
   "Timestamp request", //13
   "Timestamp reply",   //14
   "Information request (obsol.)", //15
   "Information reply (obsol.)",   //16
   "Address mask request",         //17
   "Address mask reply"            
};
Eğer ICMP hata ile ilgiliyse gönderilen paketin ilk 64 byte'ını da içerir. Açıklaması şöyle.
An ICMP error message will contain the IP header and first 64 bits (eight octets) of the original data
Bu 64 byte kullanılarak orijinal paket bulunabilir. Açıklaması şöyle.
Internet Header + 64 bits of Data Datagram

The internet header plus the first 64 bits of the original datagram's data. This data is used by the host to match the message to the appropriate process. If a higher level protocol uses port numbers, they are assumed to be in the first 64 data bits of the original datagram's data.
Örneğin icmp_type Alanı = 11 (Time exceeded) icmp_code = 0 (net unreachable) ise bu 64 byte'ı cevapta geri alırız.

icmp_code Alanı
Alabileceği değerler şöyle
0 = net unreachable;

1 = host unreachable;

2 = protocol unreachable;

3 = port unreachable;

4 = fragmentation needed and DF set;

5 = source route failed.
Açıklaması şöyle.
Codes 0, 1, 4, and 5 may be received from a gateway. Codes 2 and 3 may be received from a host.
ICMP Router Advestisement
ICMP Echo -> ICMP Reply mesajları yanında ICMP mesajı "ICMP Router Advestisement" için de gönderilebilir.
ethertype IPv4 (0x0800), ..., proto ICMP (1), length 36)
  192.168.161.101 > 224.0.0.1: ICMP router advertisement...
ICMPv6 Header
Linux'ta şu satırı dahil ederiz.
#include <netinet/icmp6.h>
ICMPv6 8 byte büyüklüğündedir. ICMPv6 mesajının yapısı şöyle
struct icmpv6header {
  unsigned char type;
  unsigned char code;
  unsigned short int chk_sum;
  unsigned int body; 
};
ICMP Engelleme
ICMP engellenebilir veya işlenme hızı azaltılabilir. IPV6 için açıklaması şöyle
For example RFC4890 says the following types should be allowed for optimal functionality:
  Type 1, 2, 3, 4, 128, 129 and for mobility assistance also 144, 145, 146 and 147.
ICMP Redirect
Açıklaması şöyle.
ICMP re-directs are most often seen when you have a host or router A in the same subnet with two other routers B & C and connectivity to both.
...
A will have a route (most likely a default) pointing to B, and B will have a more specific route pointing to C.

Without ICMP redirects, all traffic from A to C will be routed A->B->C

With ICMP re-direct enabled, B will inform A that C is a better next-hop and subsequent traffic will be routed A->C.

Hiç yorum yok:

Yorum Gönder