Upload File

how does ping work

3
32 32 32 32 32 / Department of Computer Science & Information Technology / Department of Computer Science & Information Technology / Department of Computer Science & Information Technology / Department of Computer Science & Information Technology / Department of Computer Science & Information Technology DOSSIER How Does Ping Work? Introduction Ping is basically the command used in networking to check whether the two systems are connected or not. The article discusses how TCP/IP Ping utility works. It sends an ICMP (Internet control message protocol) echo request signal to an interface on the network and in the response it expects to receive an echo ICMP reply. So, by doing this it checks the connectivity, gauge response time and reports different errors. ICMP is a protocol which is used for internetworking layer of TCP/IP and it relies on IP for transport across the network. If we observe this sort of network traffic on our Ethernet network then our protocol analyzer would capture an Ethernet frame transporting an IP datagram with an ICMP message inside. So, question arises that how does Ping command executing on Application layer make an ICMP work? Most of us will answer that a host to host layer is sandwich between these entities. From which another question arises that is it bypassed? If so, then how? And who is responsible for formatting these messages (Echo request & Echo reply)? ICMP message does not contain any addressing information that allows TCP/IP protocol to show that program is to receive a message. So to do that TCP & UDP port numbers are used. So how is this work done? Background TCP/IP suites consist of 4 layers as shown in the fig. and each of them is discussed below: Network Interface layer: - It is similar to OSI layer 1 & 2 i.e. Physical and Data link layer. So, it will contain all type of media used & error correcting, detection and physical addressing etc. Internetworking layer: - It is analogous to OSI layer 3. So, its main function is routing and logical addressing. Here, IP & its addressing reside as does in ICMP. ICMP is a necessary component of any TCP/IP implementation. It does not provide information to the higher-layer protocols (like TCP and UDP). Rather, ICMP provides network diagnostic capabilities and feedback to those responsible for network administration and operation.

Upload: narendra-babu

Post on 28-Dec-2015

10 views

Category:

Documents


0 download

Report

DESCRIPTION

it tells how work on ping

TRANSCRIPT

Page 1: How Does Ping Work

3232323232 / Department of Computer Science & Information Technology/ Department of Computer Science & Information Technology/ Department of Computer Science & Information Technology/ Department of Computer Science & Information Technology/ Department of Computer Science & Information Technology DOSSIER

How Does Ping Work?

IntroductionPing is basically the command used in networking to check whether the two systems areconnected or not. The article discusses how TCP/IP Ping utility works. It sends an ICMP (Internetcontrol message protocol) echo request signal to an interface on the network and in the response itexpects to receive an echo ICMP reply. So, by doing this it checks the connectivity, gaugeresponse time and reports different errors.

ICMP is a protocol which is used for internetworking layer of TCP/IP and it relies on IP for transportacross the network.

If we observe this sort of network traffic on our Ethernet network then our protocol analyzer wouldcapture an Ethernet frame transporting an IP datagram with an ICMP message inside.

So, question arises that how does Ping command executing on Application layer make an ICMPwork? Most of us will answer that a host to host layer is sandwich between these entities. Fromwhich another question arises that is it bypassed? If so, then how? And who is responsible forformatting these messages (Echo request & Echo reply)? ICMP message does not contain anyaddressing information that allows TCP/IP protocol to show that program is to receive a message.So to do that TCP & UDP port numbers are used. So how is this work done?

BackgroundTCP/IP suites consist of 4 layers as shown in the fig. and each of them is discussed below:

Network Interface layer: - It is similar to OSI layer 1 & 2 i.e. Physical and Data link layer. So, itwill contain all type of media used & error correcting, detection and physical addressing etc.

Internetworking layer: - It is analogous to OSI layer 3. So, its main function is routing and logicaladdressing. Here, IP & its addressing reside as does in ICMP. ICMP is a necessary component ofany TCP/IP implementation. It does not provide information to the higher-layer protocols (like TCPand UDP). Rather, ICMP provides network diagnostic capabilities and feedback to thoseresponsible for network administration and operation.

Page 2: How Does Ping Work

Department of Computer Science & Information Technology / 3333333333DOSSIER

Host-to-Host layer: - Iit is analogous to OSIlayer 4 so its works as Transport layer.

It also includes some of the Session layer (5)functionality as well. This is where we expectto find facilities for reliable end-to-end dataexchange, additional error checking, and themeans to discriminate one program fromanother (using port numbers). TCP and UDPreside at this level.

Process layer: - Here, we find high-levelprotocols (like SMTP, HTTP, and FTP)implemented. This is where applicationsexecute.

A Minor MysteryWith ICMP operating at the Internetworkinglayer and the ping program at the Applicationlayer, how is the Host-to-Host layerbypassed? The answer lies in an understandingof what are known as “raw” sockets.

A socket is an endpoint to communication,usually thought to consist of an IP address andport number, which identifies a particular hostand program, respectively. But a programmerhas a slightly different perspective on a socket.From his vantage point, “socket” is a systemfunction that allocates resources that enablesthe program to interact with the TCP/IPprotocol stack beneath. The addressinginformation is associated with this only afterthe socket call is made. (Again, if you areinterested, this is the role of the “bind”function.) So, it is possible to allocate a socketand not overtly associate any addressinginformation with it.

Commonly, there are three encountered typesof sockets: stream, datagram, and raw. TCPuses the stream type and UDP uses thedatagram type. Raw sockets are used by anyapplication that needs to interact directly withIP, bypassing TCP and UDP in doing so.

Here are some special considerations in usingraw sockets. Since you are circumventing the

facilities of the Host-to-Host layer, you foregothe program addressing mechanism and theport numbering scheme. This means thatprograms that employ raw sockets must siftthrough all incoming packets presented tothem in order to find those packets that are ofinterest.

What Actually Goes OnWhen the ping program begins execution, itopens a raw socket sensitive only to ICMP. Thismeans two things:

• On output: the sending of ICMP EchoRequests, the program is required to formatthe ICMP message. The system will providethe IP header and the Ethernet (usually)header.

• On input: the program must examine allICMP messages coming in and cull out theitems of interest. The expected input isICMP Echo Replies.

Let us discuss these points.

On the outbound side, the Echo Requests areformatted in the manner shown in Figure 2. Themessage type is always the coded value eight(8). The code field always contains zero. Thechecksum is used for error detection. The ICMPmessage header and data are included in itscomputation. The ping program performs thiscalculation and fills in the blank. Theidentification field follows and is supposed tocontain the process ID (PID) that uniquelyidentifies that execution of the ping program tothe operating system. On Windows systems,this field contains the constant value 256. Nextis the sequence number field, which starts at 0and is bumped by one on each Echo Requestsent. After these required fields, optional testdata follows. In the ping implementation (Slackware Linux), this includes a timestamp used inthe round-trip time calculation upon receipt ofthe Echo Reply.

Page 3: How Does Ping Work

3434343434 / Department of Computer Science & Information Technology/ Department of Computer Science & Information Technology/ Department of Computer Science & Information Technology/ Department of Computer Science & Information Technology/ Department of Computer Science & Information Technology DOSSIER

As for inbound ICMP messages, ping’s task is a bit more complex. Because ping is using a rawICMP socket, the program is presented with a copy of all incoming ICMP messages, except for afew special cases like incoming Echo Requests generated by other people pinging us (the latter arehandled by the system). This means that ping sees not only the expected Echo Replies when theyarrive but also things like Destination Unreachable, Source Quench, and Time Exceededmessages. (Figure 3 summarizes the ICMP message types.)

Now think about this for a moment. If you have two copies of the ping program running at thesame time, then they are each going to see one another’s Echo Replies and any other “nastygrams” that might show up. Each instance of the program must identify the messages that arerelevant to it. If you guessed that this is what the PID (identification) field is used for then you areabsolutely right.

Interestingly, the messages coming in are handed to ping with the IP header still intact. So, theprogram has access to important things there like the time-to-live (TTL) value and record routeinformation (if the latter option is turned on).

Jitender Singh Lamba(MTCE 104)


Does ‘Work for the Dole’ work?

How does homeopathy work

How does it work?

How does Bitcoin work?

Does Clicktivism Work?

Why Does This Work? Hear Believe Repent Confess Be baptized Does It Work?

Psychotherapy: Does it Work? Why Does it Work? Psychotherapy: Does it Work? Why Does it Work? Bruce E. Wampold, Ph.D., ABPP Department of Counseling Psychology

Does mms really work

Does Staging Work?

Does it Work ?

How does LIGO work and how well does LIGO work? - …BCBAct/talks04/Alberta_Seminar_03_04.pdfHow does LIGO work and how well does LIGO work? ... clean room in the field 1.2 m diameter

How does Tame work?

OxiClean: Does It Work?

How Does Washback Work

Does foam rolling work?

FORCES - Mr. Finke's Science Class - Home€¦ · Lifting a ping pong ball . straw Suck ! 9 ping pong ball falling The arrow represents the force of gravity . 10 The ball does not

Chih-Ping Chen Work Sample 0109

Does Karma Work?

Does Protein Powder Work?!

What Does Not Work, What May Work

how does it work

ACTION PACKED CORPORATE VENUE SITUATED ON THE … · Ping & Pool PING PONG With four professional standard ping pong tables, you can take on your friends and work colleagues in a

How Does FTIR Work

How does VoIP work

Does the Moral Case Work at Work?

Does Live/work?

Does yoga really work?

A totally online school? How does that work?How does that ... · A totally online school? How does that work?How does that work? Presenters: • Kelly Brooks,Supervisor, Records Processing

How Does Hemodialysis Work

Magnetic therapy does work!

How does WordPress work?

Yu-chin Chen and Kwok Ping Tsang* - vtechworks.lib.vt.edu · WHAT DOES THE YIELD CURVE TELL US ABOUT EXCHANGE RATE PREDICTABILITY? Yu-chin Chen and Kwok Ping Tsang* Abstract—Since

Can Obamacare Work in the US? GROUP 3 PEI-YING CHEN YI-PING CHEN

Does work engagement matter?

How does Google work