Thursday, June 9, 2011

IPV6 - Chapter 3 ICMPv6


This white paper discusses ICMPv6 and describes the types of ICMPv6 messages.

Introducing ICMPv6

Internet Control Message Protocol (ICMP) is communication method for reporting packet-handling errors. ICMP for IPv6 (ICMPv6) is the latest version of ICMP. All IPv6 nodes must conduct ICMPv6 error reporting.
ICMPv6 can be used to analyze intranet communication routes and multicast addresses. It incorporates operations from the Internet Group Management Protocol (IGMP) for reporting errors on multicast transmissions, and ICMPv6 packets are used in the IGMP extension Multicast Listener Discovery (MLD) protocol to locate linked multicast nodes. ICMPv6 is also used for operations such as packet Internet groper (ping), traceroute, and Neighbor Discovery.

ICMPv6 message types

Like IPv6, ICMPv6 is a network layer protocol. However, IPv6 sees ICMPv6 as an upper layer protocol because it sends its messages inside IP datagrams. The two types of ICMPv6 message are
  • error messages
  • information messages

ICMPv6 error messages

The ICMPv6 error messages notify the source node of a transmission error. This enables the packet's originator to implement a solution to the reported error and attempt successful transmission. If the type of error message received is unknown, the message is transferred to an upper layer protocol for processing. The type of message is identified with type values ranging from 1 to 127.
Types of packet transmission error messages include
  • Destination Unreachable
  • Parameter Problem
  • Packet Too Big
  • Time Exceeded

Destination Unreachable

A router will communicate a Destination Unreachable message to the source address when a message cannot be delivered due to a cause other than congested network paths. The Destination Unreachable message signals the reason for delivery failure using one of five codes.
Table 1: Destination Unreachable message codes, labels, and causes
Error message code Error message label Cause of message
0 No route to destination A router without a default route to the destination address generates this message.
1 Communication with destination administratively prohibited A packet-filtering firewall generates this message when a packet is denied access to a host behind a firewall.
2 Not a neighbor This error message is sent when the forwarding node does not share a network link with the next node on the route. It applies to packets using a route defined in the IPv6 routing header extension.
3 Address unreachable An error resolving the IPV6 destination address to a link-layer address can trigger this message.
4 Port unreachable The destination address generates this message when there is no transport layer protocol listening for traffic.

Parameter Problem

When an error with either the IPV6 header or extension headers prevents successful packet processing, the router sends a Parameter Problem message to indicate the nature of the problem to the source address.

Packet Too Big

The router forwards a Packet Too Big message to the source address when the transmitted packet is too large for the maximum transmission unit (MTU) link to the recipient address.

Time Exceeded

The router communicates a Time Exceeded message to the source address when the value of the Hop Limit field reaches zero.

ICMPv6 information messages

Messages with type values of 128 and above are information messages. ICMPv6 information messages, as defined in RFC 1885, can include
  • an Echo Request
  • an Echo Reply
The Echo Request and Echo Reply messages are part of ping. The purpose of ping is to determine whether specific hosts are connected to the same network. If the type of information message received is unknown, the message should be deleted.
IGMP and Neighbor Discovery protocol messages are also classed as information messages.

ICMPv6 message fields

ICMPv6 packets are located within the last extension header in the IPv6 packet, and they are identified in the previous Next Header field by a value of 58. All ICMPv6 packets contain three fields and a message body. The ICMPv6 messages fields have certain functions, as shown in the following table.
Table 2: ICMPv6 message fields
Message field Field function
Type An 8-bit field that specifies the type of message and determines the contents of the message body. A value in the Type field from 0 to 127 indicates an error message, and a value from 128 to 255 indicates an information message.
Code An 8-bit field that provides a numeric code for identifying the type of message.
Checksum A 16-bit field that identifies instances of data violation in the ICMPv6 message and header. The value of the Checksum field is determined using the contents of the ICMPv6 Message fields and the IPv6 pseudoheader.
A 16-bit field that identifies instances of data violation in the ICMPv6 message and header. The value of the Checksum field is determined using the contents of the ICMPv6 Message fields and the IPv6 pseudoheader.

Checksum field

Before sending an ICMP message, a system calculates a checksum to place in the Checksum field. The checksum is calculated as follows:
  • if the ICMP message contains an odd number of bytes, the system adds an imaginary trailing byte equal to zero
  • the extra byte is used in the checksum calculation but is not sent with the message
  • a pseudoheader, containing source and destination IP addresses, the payload length, and the Next Header byte for ICMP is added to the message
  • the pseudoheader is used for checksum generation only and not transmitted
  • the receiving system verifies the checksum by using the same calculation process as the sending system
  • if the checksum is correct, ICMP accepts the message
  • if the checksum is incorrect, ICMP discards the message

Threats to message integrity

ICMPv6 messages can be subject to malicious attacks. For example, the source address of the message may be concealed by an alternative address, the message body may be modified, or the message may be intercepted and forwarded to an address other than the intended destination.
The ICMPv6 authentication mechanism can be applied to ICMPv6 messages to ensure that packets are sent to the intended recipient. A checksum calculation can also be generated, using the value of the data contents to safeguard the integrity of the source address, destination address, and the message body.

Neighbor discovery

The IPv6 Neighbor Discovery protocol incorporates the IPv4 functions of Address Resolution Protocol (ARP), ICMP Router Discovery messages, and ICMP Redirect messages to communicate information across the network. IPV6 nodes use Neighbor Discovery protocol to
  • trace the data-link layer address of local-link multicast neighbors
  • determine the accessibility of neighbors
  • monitor neighbor routers
The Neighbor Discovery protocol utilizes five informational message types to assist in neighbor discovery
  1. Type 133 – Router Solicitation
  2. Type 134 – Router Advertisement
  3. Type 135 – Neighbor Solicitation
  4. Type 136 – Neighbor Advertisement
  5. Type 137 – Redirect

Type 133 – Router Solicitation

The Router Solicitation message is multicast to all routers by a host to prompt routers to generate router advertisement messages.

Type 134 – Router Advertisement

Routers transmit Router Advertisement messages in response to a host's Router Solicitation message. Periodically, routers use Router Advertisement messages to identify themselves to hosts on a network.

Type 135 – Neighbor Solicitation

A key responsibility of ICMP is the mapping of IP addresses to data-link layer addresses. It uses simple strategy to do this – a node multicasts a request to all hosts on the network and requests an Ethernet addresses corresponding to a particular IP address in a Neighbor Solicitation message.

Type 136 – Neighbor Advertisement

A Neighbor Advertisement message takes much the same form as a Neighbor Solicitation message. The advertisement includes the target's IP address, and through an option, it also includes the target's data-link layer address.

Type 137 – Redirect

ICMPv6 uses the Neighbor Redirect message to inform the originator node of a more efficient network route for delivery of the forwarded message. Routers forward the ICMPv6 message and transmit a Redirect message to the local-link address of the originator node if
  • a more effective first hop route is identified on the same local link as the originator node
  • the originator uses a global IPv6 source address to transmit a packet to a local-link neighbor
  • the packet was not addressed to the router that received it
  • the target address of the packet is not a multicast address


Internet Control Message Protocol for IPv6 (ICMPv6) is communication method for reporting packet-handling errors on an IPv6 network. The two message types are information messages and error messages. ICMPv6 is also used for operations such as packet Internet groper (ping), traceroute, and Neighbor Discovery.

No comments:

Post a Comment

tag ur valuable ideas below