Chapter 5 ICMPv6 |
111 |
■Checksum Stores a checksum of the ICMPv6 message. The size of this field is 16 bits. The IPv6 pseudo-header is added to the front of the ICMPv6 message when calculating the checksum. For more information about the IPv6 pseudo-header, see “Upper-Layer Checksums” in Chapter 4, “The IPv6 Header.”
■Message body Contains ICMPv6 message-specific data.
ICMPv6 Error Messages
ICMPv6 error messages report forwarding or delivery errors by either a router or the destination host, and they consist of the following messages:
■Destination Unreachable (ICMPv6 Type 1)
■Packet Too Big (ICMPv6 Type 2)
■Time Exceeded (ICMPv6 Type 3)
■Parameter Problem (ICMPv6 Type 4)
To conserve network bandwidth, ICMPv6 error messages are not sent for every error encountered. Instead, ICMPv6 error messages are rate limited. Although not required by RFC 4443, the recommended method for rate limiting ICMPv6 error messages is known as token bucket. There is an average rate of transmission of ICMPv6 error messages that cannot be exceeded. The rate of transmission can be based on a number of ICMPv6 error messages per second or a specified percentage of a link’s bandwidth. However, to better handle error notification for bursty traffic, the node can send a number of messages in a burst, provided the number of messages in the burst does not exceed the overall transmission rate.
Destination Unreachable
A router or a destination host sends an ICMPv6 Destination Unreachable message when the packet cannot be forwarded to the destination node or upper-layer protocol. Figure 5-2 shows the structure of the Destination Unreachable message.
Type |
|
= 1 |
|
|
|
|
|
|
|
||||
Code |
|
= 0 – 6 |
||||
Checksum |
|
|
|
|
||
|
|
|
|
|||
Unused |
|
|
|
|
||
|
|
|
|
|||
Portion of Discarded Packet |
|
|
|
• • • |
||
|
|
|
||||
|
|
|
|
|
||
Figure 5-2 The structure of the Destination Unreachable message
In the Destination Unreachable message, the Type field is set to 1 and the Code field is set to a value in the range of 0 through 6. Following the Checksum field is a 32-bit Unused field and the leading portion of the discarded packet, sized so that the entire IPv6 packet containing the ICMPv6 message is no larger than 1280 bytes (the minimum IPv6 MTU). The number of bytes
112 Understanding IPv6, Second Edition
of the discarded packet included in the message varies if there are IPv6 extension headers present. For an ICMPv6 message without extension headers, up to 1232 bytes of the discarded packet are included (1280 less a 40-byte IPv6 header and an 8-byte ICMPv6 Destination Unreachable header).
Table 5-1 lists the value of the Code field for the various Destination Unreachable messages as defined in RFC 4443.
Table 5-1 ICMPv6 Destination Unreachable Messages
Code Field Value |
Description |
|
0 |
- No Route to Destination |
No route matching the destination was found in the routing table. |
|
|
|
1 |
- Communication with |
The communication with the destination is prohibited by |
Destination Administratively |
administrative policy. This is typically sent when the packet is |
|
Prohibited |
discarded by a firewall. |
|
|
|
|
2 |
- Beyond Scope of Source |
The destination is beyond the scope of the source address. A |
Address |
router sends this when the packet must be forwarded using an |
|
|
|
interface that is not within the scoped zone of the source address. |
|
|
|
3 |
- Address Unreachable |
The destination address is unreachable. This is typically sent by a |
|
|
router because of an inability to resolve the destination’s link-layer |
|
|
address. |
|
|
|
4 |
- Port Unreachable |
The destination port was unreachable. This is typically sent when |
|
|
an IPv6 packet containing a UDP message arrived at the |
|
|
destination but there were no applications listening on the |
|
|
destination UDP port. |
|
|
|
5 |
- Source Address Failed |
The packet with this source address is not allowed because of |
Ingress/Egress Policy |
inbound (ingress) or outbound (egress) packet-filtering policies. |
|
|
|
|
6 |
- Reject Route to Destination |
The packet matched a reject route and was discarded. A reject |
|
|
route is anaddress prefix configured on arouterfor traffic that the |
|
|
router must immediately discard. |
|
|
|
Network Monitor Capture
Here is an example of a Destination Unreachable-No Route to Destination message as displayed by Network Monitor 3.1 (frame 1 of capture 05_01 in the \NetworkMonitorCaptures folder on the companion CD-ROM):
Frame:
+ Ethernet: Etype = IPv6
-Ipv6: Next Protocol = ICMPv6, Payload Length = 88
+Versions: IPv6, Internet Protocol, DSCP 0 PayloadLength: 88 (0x58)
NextProtocol: ICMPv6, 58(0x3a) HopLimit: 128 (0x80)
SourceAddress: 2001:DB8:0:2:201:2FF:FE44:87D1 DestinationAddress: 2001:DB8:0:2:260:97FF:FE02:6E8F
-Icmpv6: Destination unreachable
MessageType: Destination unreachable, 1(0x1) - DestUnreachable:
Code: No route to destination, 0(0) Checksum: 6328 (0x18B8)
Chapter 5 ICMPv6 |
113 |
Unused: 0 (0x0)
-InvokingPacket: Next Protocol = ICMPv6, Payload Length = 40
+Versions: IPv6, Internet Protocol, DSCP 0 PayloadLength: 40 (0x28)
NextProtocol: ICMPv6, 58(0x3a) HopLimit: 128 (0x80)
SourceAddress: 2001:DB8:0:2:260:97FF:FE02:6E8F DestinationAddress: 2001:DB8:0:91:260:8FF:FE52:F9D8 OriginalIPPayload: Binary Large Object (40 Bytes)
Packet Too Big
A router sends an ICMPv6 Packet Too Big message when the packet cannot be forwarded because the link MTU on the forwarding interface of the router is smaller than the size of the IPv6 packet. Figure 5-3 shows the structure of the Packet Too Big message.
Type 
= 2
Code 
= 0
Checksum 
MTU 
Portion of Discarded Packet
• • •
Figure 5-3 The structure of the Packet Too Big message
In the Packet Too Big message, the Type field is set to 2 and the Code field is set to 0. Following the Checksum field is a 32-bit MTU field that stores the link MTU of the interface over which the packet was being forwarded. Next is the leading portion of the discarded packet, sized so that the entire IPv6 packet containing the ICMPv6 message is no larger than
1280 bytes. The Packet Too Big message is used for the IPv6 Path MTU Discovery process described in the “Path MTU Discovery” section of this chapter.
Network Monitor Capture
Here is an example of a Packet Too Big message as displayed by Network Monitor 3.1 (frame 2 of capture 05_02 in the \NetworkMonitorCaptures folder on the companion CD-ROM):
Frame:
+ Ethernet: Etype = IPv6
-Ipv6: Next Protocol = ICMPv6, Payload Length = 1240
+Versions: IPv6, Internet Protocol, DSCP 0 PayloadLength: 1240 (0x4D8)
NextProtocol: ICMPv6, 58(0x3a) HopLimit: 64 (0x40)
SourceAddress: FEC0:0:0:F282:201:2FF:FE44:87D1 DestinationAddress: FEC0:0:0:F282:2B0:D0FF:FEE9:4143
-Icmpv6: Packet too big
MessageType: Packet too big, 2(0x2)
-PacketTooBig: Code: 0 (0x0)
Checksum: 44349 (0xAD3D)
114 Understanding IPv6, Second Edition
MTU: 1280 (0x500)
-InvokingPacket: Next Protocol = ICMPv6, Payload Length = 1460
+Versions: IPv6, Internet Protocol, DSCP 0 PayloadLength: 1460 (0x5B4)
NextProtocol: ICMPv6, 58(0x3a) HopLimit: 63 (0x3F)
SourceAddress: FEC0:0:0:F282:2B0:D0FF:FEE9:4143 DestinationAddress: FEC0:0:0:0:0:0:0:1 OriginalIPPayload: Binary Large Object (1192 Bytes)
This message was sent by a router attempting to forward a 1500-byte Echo Request message over an interface that supported only a 1280-byte IPv6 MTU.
Time Exceeded
A router typically sends an ICMPv6 Time Exceeded message when the Hop Limit field in the IPv6 header becomes zero after decrementing its value during the forwarding process. Figure 5-4 shows the structure of the Time Exceeded message.
Type 
= 3
Code 
= 0 or 1
Checksum 
Unused 
Portion of Discarded Packet
• • •
Figure 5-4 The structure of the Time Exceeded message
In the Time Exceeded message, the Type field is set to 3 and the Code field is set to the following:
■0 (Hop Limit Exceeded in Transit) by a router when the Hop Limit field in the IPv6 header is decremented to 0, or in the rare instance when the value of the Hop Limit field in the IPv6 header of an arriving packet is 0.
■1 (Fragment Reassembly Time Exceeded) by a host when the fragmentation reassembly time of the destination host expires. RFC 2460 specifies a reassembly time of
60 seconds.
Following the Checksum field is a 32-bit Unused field and the leading portion of the discarded packet, sized so that the entire IPv6 packet containing the ICMPv6 message is no larger than 1280 bytes.
The receipt of a Time Exceeded-Hop Limit Exceeded in Transit message indicates that either the value of the Hop Limit field of outgoing packets is not large enough to reach the destination or that a routing loop exists. A recommended value for the Hop Limit field set by the sending node is twice the diameter of the network, where the diameter is the maximum number of links between the farthest ends of the network. A routing loop is a condition on a network in which packets are forwarded in a loop between two or more routers.