5.6 ICMP: The Internet Control Message Protocol
The Internet Control Message Protocol (ICMP), specified in [RFC 792], is used by
hosts and routers to communicate network-layer information to each other. The most
typical use of ICMP is for error reporting. For example, when running an HTTP
session, you may have encountered an error message such as “Destination network
unreachable.” This message had its origins in ICMP. At some point, an IP router was
unable to find a path to the host specified in your HTTP request. That router created
and sent an ICMP message to your host indicating the error.
ICMP 用于主机和路由彼此通讯, 传递网络层信息. 最典型的用法是错误报告.
ICMP is often considered part of IP, but architecturally it lies just above IP, as
ICMP messages are carried inside IP datagrams. That is, ICMP messages are carried
as IP payload, just as TCP or UDP segments are carried as IP payload. Similarly,
when a host receives an IP datagram with ICMP specified as the upper-layer protocol
(an upper-layer protocol number of 1), it demultiplexes the datagram’s contents to
ICMP, just as it would demultiplex a datagram’s content to TCP or UDP.
ICMP 通常被认为是 IP 的一部分. 但是结构上它处于 IP 的上层. ICMP 信息位于 IP 数据包中. ICMP 信息作为 IP 的负载, 就像 TCP/UDP 段一样. 当主机接收到附带 ICMP, 并指定为上层协议的 IP 数据报时. 解复用数据报的内容给 ICMP. 就像解复用数据报内容给 TCP/UDP 一样.
ICMP messages have a type and a code field, and contain the header and the first
8 bytes of the IP datagram that caused the ICMP message to be generated in the first
place (so that the sender can determine the datagram that caused the error). Selected
ICMP message types are shown in Figure 5.19. Note that ICMP messages are used
not only for signaling error conditions.
ICMP 消息有一个类型和代码字段 (后面这段我读不通…). ICMP 不仅仅用于错误消息传递.
The well-known ping program sends an ICMP type 8 code 0 message to the
specified host. The destination host, seeing the echo request, sends back a type 0
code 0 ICMP echo reply. Most TCP/IP implementations support the ping server
directly in the operating system; that is, the server is not a process. Chapter 11 of
[Stevens 1990] provides the source code for the ping client program. Note that the
client program needs to be able to instruct the operating system to generate an ICMP
message of type 8 code 0.
ping 程序就是由 ICMP 实现的. ping 会发送一个类型为 8, 代码为 0 的消息给指定主机, 当指定主机看到这个回显消息时, 返回一个类型 0, 代码 0 的消息. 这通常实现于操作系统. 这意味这这个服务并不是一个过程.
Another interesting ICMP message is the source quench message. This message
is seldom used in practice. Its original purpose was to perform congestion control—to
allow a congested router to send an ICMP source quench message to a host to force
that host to reduce its transmission rate. We have seen in Chapter 3 that TCP has its
own congestion-control mechanism that operates at the transport layer, without the
use of network-layer feedback such as the ICMP source quench message.
另一个消息是 source quench (我不知道该怎么中文称呼它 :( … ) 消息, 它用于拥塞控制. 但是 TCP 已经有自己的拥塞控制方法了, 用不着它, 所以很少被使用.
In Chapter 1 we introduced the Traceroute program, which allows us to trace a
route from a host to any other host in the world. Interestingly, Traceroute is imple-
mented with ICMP messages. To determine the names and addresses of the routers
between source and destination, Traceroute in the source sends a series of ordinary IP
datagrams to the destination. Each of these datagrams carries a UDP segment with an
unlikely UDP port number. The first of these datagrams has a TTL of 1, the second of 2,
the third of 3, and so on. The source also starts timers for each of the datagrams. When
the nth datagram arrives at the nth router, the nth router observes that the TTL of the
datagram has just expired. According to the rules of the IP protocol, the router discards
the datagram and sends an ICMP warning message to the source (type 11 code 0). This
warning message includes the name of the router and its IP address. When this ICMP
message arrives back at the source, the source obtains the round-trip time from the
timer and the name and IP address of the nth router from the ICMP message.
第一章中我们提出了 Traceroute 程序. Traceroute 也是基于 ICMP 实现的. Traceroute 发送一系列原始 IP 数据报到目的地. 每个数据报携带一个不可能的 UDP 端口的 UDP 段 (???). 第一个数据报的 TTL 设置为 1, 第二个为 2, 依次循环. 源主机同时开启定时器, 当数据报到达第 n 个路由时, TTL 过期, 路由丢弃该数据报, 返回一个 ICMP 警告信息 (类型 11, 代码 0). 这个警告信息包含路由名及其 IP 地址. Traceroute 由此实现.
How does a Traceroute source know when to stop sending UDP segments?
Recall that the source increments the TTL field for each datagram it sends. Thus, one
of the datagrams will eventually make it all the way to the destination host. Because
this datagram contains a UDP segment with an unlikely port number, the destination
host sends a port unreachable ICMP message (type 3 code 3) back to the source.
Traceroute 何时停止发送 UDP 段呢? 因为 TTL 不断增加, 最终会到达目的地, 但是因为发送的 UDP 数据报的目的端口是一个不可能的端口, 所以目的主机返回一个 ICMP 端口不可达消息 (类型 3, 代码 3).
When the source host receives this particular ICMP message, it knows it does not
need to send additional probe packets. (The standard Traceroute program actually
sends sets of three packets with the same TTL; thus the Traceroute output provides
three results for each TTL.)
当源主机收到这个特殊的 ICMP 消息后, 就知晓已到达目的地.
(我 google 了一下, 当中途路由变化会发生什么, 得到的答案是: 什么都不会发生, Traceroute 并不保证这个… )
In this manner, the source host learns the number and the identities of routers
that lie between it and the destination host and the round-trip time between the two
hosts. Note that the Traceroute client program must be able to instruct the operating
system to generate UDP datagrams with specific TTL values and must also be able to
be notified by its operating system when ICMP messages arrive. Now that you under-
stand how Traceroute works, you may want to go back and play with it some more.
A new version of ICMP has been defined for IPv6 in RFC 4443. In addition to
reorganizing the existing ICMP type and code definitions, ICMPv6 also added new
types and codes required by the new IPv6 functionality. These include the “Packet
Too Big” type and an “unrecognized IPv6 options” error code.
为 IPv6 定义了新的 ICMP 规范. 包括 “包太大了”, “未识别 IPv6”.