/TZKXTKZRG_KXVXUZUIURY The RARP server changes the opcode to 4 (RARP reply). It then inserts the missing address in the target IP address field, and sends the reply directly back to the requesting machine. The requesting machine then stores it in memory until next time it reboots. All RARP servers on a network will reply to a RARP request, even though only one reply is required. The RARP software on the requesting machine sets a timer when sending a request and retransmits the request if the timer expires before a reply has been received. On a best-effort local area network, such as Ethernet, the provision of more than one RARP server reduces the likelihood of RARP replies being lost or dropped because the server is down or overloaded. This is important because a diskless workstation often requires its own IP address before it can complete its bootstrap procedure. To avoid multiple and unnecessary RARP responses on a broadcast-type network such as Ethernet, each machine on the network is assigned a particular server, called its primary RARP server. When a machine broadcasts a RARP request, all servers will receive it and record its time of arrival, but only the primary server for that machine will reply. If the primary server is unable to reply for any reason, the sender’s timer will expire, it will rebroadcast its request and all non-primary servers receiving the rebroadcast so soon after the initial broadcast will respond. Alternatively, all RARP servers can be programmed to respond to the initial broadcast, with the primary server set to reply immediately, and all other servers set to respond after a random time delay. The retransmission of a request should be delayed for long enough for these delayed RARP replies to arrive. RARP has several drawbacks. It has to be implemented as a server process. It is also prudent to have more than one server, since no diskless workstation can boot up if the single RARP server goes down. In addition to this, very little information (only an IP address) is returned. Finally, RARP uses a MAC address to obtain an IP address, hence it cannot be routed. /TZKXTKZIUTZXURSKYYGMKVXUZUIUR/)36 Errors occur in all networks. These arise when destination nodes fail, or become temporarily unavailable, or when certain routes become overloaded with traffic. A message mechanism called the Internet control message protocol (ICMP) is incorporated into the TCP/IP protocol suite to report errors and other useful information about the performance and operation of the network. /)36SKYYGMKYZX[IZ[XK ICMP communicates between the Internet layers on two nodes and is used by both gateways (routers) and individual hosts. Although ICMP is viewed as residing within the Internet layer, its messages travel across the network encapsulated in IP datagrams in the same way as higher layer protocol (such as TCP or UDP) datagrams. This is done with the protocol field in the IP header set to 0x1, indicating that an ICMP datagram is being carried. The reason for this approach is that, due to its simplicity, the ICMP header does not include any IP address information and is therefore in itself not routable. It therefore has little choice but to rely on IP for delivery. The ICMP message, consisting of an ICMP header and ICMP data, is encapsulated as ‘data’ within an IP datagram with the resultant structure indicated in the figure below. The complete IP datagram, in turn, has to depend on the lower network interface layer (for example, Ethernet) and is thus contained as payload within the Ethernet data area. 6XGIZOIGR:)6/6GTJ+ZNKXTKZ4KZ]UXQOTM Figure 6.28 Encapsulation of the ICMP message /)36GVVROIGZOUTY The various uses for ICMP include: • Exchanging messages between hosts to synchronize clocks • Exchanging subnet mask information • Informing a sending node that its message will be terminated due to an expired TTL • Determining whether a node (either host or router) is reachable • Advising routers of better routes • Informing a sending host that its messages are arriving too fast and that it should back off There are a variety of ICMP messages, each with a different format, yet the first 3 fields as contained in the first 4 bytes or ‘long word’ are the same for all. The overall ICMP message structure is given in Figure 6.29. Figure 6.29 General ICMP message format The three common fields are: • ICMP message type A code that identifies the type of ICMP message • Code A code in which interpretation depends on the type of ICMP message • Checksum A 16-bit checksum that is calculated on the entire ICMP datagram /TZKXTKZRG_KXVXUZUIURY Table 6.30 ICMP message types ICMP messages can be further subdivided into two broad groups viz. ICMP error messages and ICMP query messages as follows. /)36KXXUXSKYYGMKY • Destination unreachable • Time exceeded • Invalid parameters • Source quench • Redirect /)36W[KX_SKYYGMKY • Echo request and reply messages • Time-stamp request and reply messages • Subnet mask request and reply messages Too many ICMP error messages in the case of a network experiencing errors due to heavy traffic can exacerbate the problem, hence the following conditions apply: • No ICMP messages are generated in response to ICMP messages • No ICMP error messages are generated for multicast frames • ICMP error messages are only generated for the first frame in a series of segments Here follows a few examples of ICMP error messages. 9U[XIKW[KTIN If a gateway (router) receives a high rate of datagrams from a particular source it will issue a source quench ICMP message for every datagram it discards. The source node will then slow down its rate of transmission until the source quench messages stop; at which stage it will gradually increase the rate again. 6XGIZOIGR:)6/6GTJ+ZNKXTKZ4KZ]UXQOTM Figure 6.31 Source quench message format Apart from the first 3 fields, already discussed, the header contains the following additional fields: • Original IP datagram header The IP header of the datagram that led to the generation of this message • Original IP datagram data The first 8 bytes of the data portion of the datagram that led to the generation of this message. This is for identification purposes 8KJOXKIZOUTSKYYGMKY When a gateway (router) detects that a source node is not using the best route in which to transmit its datagram, it sends a message to the node advising it of the better route. Figure 6.32 Redirect message format Apart from the first 3 fields, already discussed, the header contains the following additional fields: • Router Internet address The IP address of the router that needs to update its routing tables • Original IP datagram header The IP header of the datagram that led to the generation of this message • Original IP datagram data The first 8 bytes of the data portion of the datagram that led to the generation of this message. This is for identification purposes The code values are as follows. Figure 6.33 Table of code values /TZKXTKZRG_KXVXUZUIURY :OSKK^IKKJKJSKYYGMKY If a datagram has traversed too many routers, its TTL (time to live) counter will eventually reach a count of zero. The ICMP time exceeded message is then sent back to the source node. The time exceeded message will also be generated if one of the fragments of a fragmented datagram fails to arrive at the destination node within a given time period and as a result the datagram cannot be reconstructed. Figure 6.34 Time exceeded message structure The code field is then as follows. Figure 6.35 Table of code values Code 1 refers to the situation where a gateway waits to reassemble a few fragments and a fragment of the datagram never arrives at the gateway. 6GXGSKZKXVXUHRKSSKYYGMKY When there are problems with a particular datagram’s contents, a parameter problem message is sent to the original source. The pointer field points to the problem bytes. (Code 1 is only used to indicate that a required option is missing – the pointer field is not used here.) Figure 6.36 Parameter problem ;TXKGINGHRKJKYZOTGZOUT When a gateway is unable to deliver a datagram, it responds with this message. The datagram is then ‘dropped’ (deleted). Figure 6.37 ICMP destination unreachable message . message protocol (ICMP) is incorporated into the TCP/IP protocol suite to report errors and other useful information about the performance and operation of the network. /)36SKYYGMKYZX[IZ[XK ICMP. turn, has to depend on the lower network interface layer (for example, Ethernet) and is thus contained as payload within the Ethernet data area. 6XGIZOIGR:)6/6GTJ+ZNKXTKZ4KZ]UXQOTM . the initial broadcast, with the primary server set to reply immediately, and all other servers set to respond after a random time delay. The retransmission of a request should be delayed for