[clug] Re: Determining availability of a remote machine

Michael Still mikal at stillhq.com
Fri Apr 4 18:53:27 EST 2003 

On Fri, 4 Apr 2003, Jepri wrote:

Beware the long reply.

> On 2003.04.03 19:38, Kim Holburn wrote:
> > Exactly what is it you're talking about?  What is part of the ping
> > standard?  /etc/services has udp and tcp ports.  What has that to do
> > with ping?
>
> These lines have everything to do with ping:
>
> echo            7/tcp
> echo            7/udp

This is the echo service. It is normally disabled, because there is no
need to enable it. It is _not_ ICMP.

	"ICMP is often considered part of the IP layer. It communicates
	error messages and other conditions that require attention. ICMP
	messages are normally acted on by either the IP layer or the
	higher layer protocol (TCP or UDP)." [1]

Or, alternatively:

	"The Internet Control Message Protocol allows routers to send
	error or control messages to other routers or hosts; ICMP provides
	communication between the Internel Protocol software on one
	machine and the Internet Protocol software on another." [6]

Note again, that ICMP sits at the IP layer, which is beneath UDP and TCP.

An ICMP message is of the general form:

	[8 bit type][8 bit code][16 bit checksum]
	[...contents...				]

You'll note that there is no TCP or UDP header specified here, because
ICMP is a lower level protocol than these. Ping implements an ICMP echo
request of the form [2]:

	[8][0][checksum]
	[optional data to return]

(Matching the model above)

The reply is of the form [2]:

	[0][0][checksum]
	[returned data]

You'll again note that this has nothing to do with the TCP and UDP echo
services. A teaching implementation of ICMP is available for those who are
interested in such things [7]. ICMP also does important things like
letting you know about fragmentation, and that the router you chose was
suboptimal. Consider the network:

     machine ----def route-
                          |
                         \./
    router 2           router 1
       |
       |
      \./
    internet

The machine here has router 1 as a default route. It is trying to reach
the Internet, which really should use router 2. Now, router 1 could just
route the traffic to 2, which would work. A _nice_ router would return an
ICMP redirect, that informs the machine to send that traffic directly to
router 2.

That's a silly example, but I am sure we can all think of times it's
useful.

> This is documented in RFC 862

ICMP is documented in RFC 792. The echo service you describe is an
interactive user level thing, which is different from ICMP, less useful
(although it does verify that TCP or UDP works on the box as well), and
normally disabled. It is further documented at [8].

RFC 862 is four paragraphs long, and says:

	"The echo service sits on port 7, and replies back with whatever
	you said, just like a senile grandmother" [9]

> although I understand that it is no
> longer trendy to go to the source when arguing about network
> protocols.

I can only imagine that this is a deliberate attempt to offend Kim, who is
regularly helpful on this mailling list. Would you care to rephrase [3]?

> I constantly have to restrain the other sysadmin at work
> from just making up crap about network protocols and palming it off as
> 'knowledge'.

No comment.

Yours in a ongoing effort to learn more about everything,
Mikal

---------------------------------------

[1]: TCP/IP Illustrated, Volume One: The protocols, W Richard Stevens, p69

[2]: TCP/IP Illustrated, Volume One: The protocols, W Richard Stevens, p70

[3]: I constantly hear from people who are not willing to use this
mailling list, or attend CLUG meetings because of the unwarranted rudeness
of the people who frequent both. Now, obviously not all people are guilty
of this, and not all people are aware they are doing it, but it is off
putting. The kind of thing is hold Linux back people. [4] [5]

[4]: I know I am guilty of this is this very email, but someone has to
take a mini-stand. I hope people will also note that I have tried to
inject some fact into the arguement.

[5]: And to be honest, LKML is no different. David Miller tells stories of
his first post to LKML where he was flamed for daring to post from an AOL
account.

[6]: Internetworking with TCP/IP, Volume One: Principles Protocols and
Architectures, Douglas E Comer, p130

[7]: TCP/IP Illusrated, Volume Two: The Implementation, Gary Wright and W
Richard Stevens, p301

[8]: Unix Network Programming, Volume One: Networking APIs: Sockets and
XTI, W Richard Stevens, p51

[9]: Me, just then.





If you bothered to read this far, then I thank you for paying attention,
and appologise for any offense caused.


-- 

Michael Still (mikal at stillhq.com) | Stage 1: Steal underpants
http://www.stillhq.com            | Stage 2: ????
UTC + 10                          | Stage 3: Profit

More information about the linux mailing list