[clug] Re: Determining availability of a remote machine
Robert.Edwards at anu.edu.au
Wed Apr 9 12:54:29 EST 2003
On Fri, 4 Apr 2003 06:53 pm, Michael Still wrote:
> Note again, that ICMP sits at the IP layer, which is beneath UDP and TCP.
> An ICMP message is of the general form:
> [8 bit type][8 bit code][16 bit checksum]
> [...contents... ]
> You'll note that there is no TCP or UDP header specified here, because
> ICMP is a lower level protocol than these. Ping implements an ICMP echo
> request of the form :
> [optional data to return]
Actually, as a Computer Networks lecturer, I should pedantically step in here
and point out that ICMP does NOT "sit" at the IP layer and that ICMP is not a
"lower level protocol" than TCP or UDP. It is an equal protocol to TCP and
UDP and all three sit on top of IP. ICMP is IP protocol number 1, TCP is IP
protocol number 6 and UDP is IP protocol number 17. IP supports up to 254 (or
255?) protocols and these three are amongst the most common. IPSec is another
protocol that sits on top of IP.
The _function_ of ICMP is different to UDP and TCP (which are also different
to each other). ICMP is rarely used by user programs, other than the "ping"
command. Likewise, few user programs use UDP directly, it is mostly used for
networking stuff like DNS, NTP, BootP/DHCP, TFTP etc. etc. Some network
conferencing programs also use UDP.
"ping" implements ICMP echo request (and reply) only, not UDP echo
request/reply or TCP echo request/reply.
Many sites do seem to block some ICMP traffic these days (especially ICMP echo
requests). It is bad practice to block all ICMP packets and there is valuable
information exchanged using ICMP between network hosts and routers etc.
Much of our site blocks UDP traffic almost completely (we use application
gateways for DNS, NTP etc.). So a UDP echo request, even if enabled on our
internal machines, would not get in from outside of our network. I imagine
similar rules are set up at other sites.
I hope this helps.
More information about the linux