IPv6 Series part 6: ICMPv6

22 Aug

So far in this series, we have looked at the features of IPv6, IPv6 addressing, and the structures of IPv6 headers and packets. In this article, we will be looking at a protocol that is important to the working of IPv6—ICMPv6.

Introduction to ICMPv6

ICMPv6 is similar to ICMP for IPv4, except that ICMPv6 has added functionality and implements some changes that are necessary for the operation of IPv6. Like ICMP for IPv4, ICMPv6 provides error reporting (e.g., destination unreachable) and network diagnostic functions (e.g., ping). Also, ICMPv6 provides a foundation for other IPv6 operations, such as neighbor discovery (ND), which we will look at in future articles.

ICMPv6 Message Structure

The general format of ICMPv6 messages is similar to that of ICMP for IPv4. As we saw in the previous article, an ICMP message will be preceded by an IPv6 header and IPv6 extension headers if available and the Next Header value for an ICMP message will be 58. The figure below shows the Wireshark capture we used in the previous article:

 

ICMPv6-fig1

As described in RFC 4443, the general structure for ICMPv6 messages is shown below:

The Type field defines the type of message, e.g., Destination Unreachable or Echo Reply. TheCode field may be used to add granularity to a particular message type; for example, the reason why a destination is unreachable. The Checksum field is used to check that the integrity of the ICMPv6 message and parts of the IPv6 header is preserved. Finally, the Message Body will vary depending on the ICMPv6 message type.

ICMPv6 Message Types

Let’s consider the Type field in the ICMPv6 general message structure above. Notice that it is made up of 8 bits, therefore you have a range of 00000000 (0 in decimal) to 11111111 (255 in decimal). Unlike ICMP for IPv4, which had “scattered” message types, ICMPv6 message types are divided into two groups:

  1. Error messages—These messages have “0″ in the high-order bit of Type field; therefore, error messages are in the range of 00000000 (0) to 01111111 (127).
  2. Informational messages—These message types have “1″ in the high-order bit of the Type field; therefore informational messages are in the range of 10000000 (128) to 11111111 (255).

ICMPv6 Error Messages

Currently, there are four ICMPv6 error messages that have been assigned, i.e., type 1 to type 4. Also, type 0 is reserved; type 100 and type 101 have been assigned for private experimentation; and type 127 has been reserved for possible future expansion of ICMPv6 error messages. We will now consider the type 1 to 4 error messages.

Type 1—Destination Unreachable

A Destination Unreachable message is generated when a packet cannot be delivered to the destination address. The ICMPv6 destination unreachable message has the following structure:

The Type field will have a value of 1. Also, because there are several reasons why a packet may not be deliverable, there are various values for the Code field in this message as shown in the table below:

Let’s take a look at a Destination Unreachable message in Wireshark. I have applied an access list to filter ping packets to fe80::2; therefore, from our table, the code should be 1 as shown below.

Type 2—Packet Too Big

The Packet Too Big message is generated in response to a packet that cannot be sent because the packet size exceeds the MTU of the outgoing link. This message is especially useful for the path MTU discovery process.

The Type field is set to 2 and the Code field is set to 0. The MTU field contains the maximum transmission unit of the outgoing link.

Type 3—Time Exceeded

A time exceeded message is sent when either the hop limit of a packet is 0 (upon receipt or after decrementing) or there is a timeout during fragment reassembly.

The Type field is set to 3, while the Code field can be either 0 (hop limit exceeded) or 1 (fragment reassembly timeout exceeded).

Type 4—Parameter Problem

The ICMPv6 message is sent when there is a problem with the IPv6 header or IPv6 extension header and further processing of the IPv6 packet cannot take place. For example, if “144″ is found in the Next Header field, this message will be generated because “144″ is not currently assigned to any protocol.

The Type field is set to 4, while the Code field can have a value between 0 and 3, as shown in the table below. The Pointer field gives information about the part of the IPv6 packet that had issues.

ICMPv6 Informational Messages

There are about 19 ICMPv6 informational messages that have been assigned, but we will be focusing on two common informational messages—Echo Reply and Echo Request.

Type 128- Echo Request and Type 129- Echo Reply

I have grouped these two messages together because they have a similar structure. The major difference is in the Type field: Echo Request has a type value of 128 and Echo Reply has a type value of 129.

Side talk: These type values for Echo Request and Echo Reply are finally logical. I used to wonder in ICMP for IPv4 why Echo Request, which comes first, would have a type value (8) greater than Echo Reply, which comes later (0).

The Identifier and Sequence Number fields help in matching corresponding echo replies to echo requests. For example, look at the Wireshark capture below, which shows the ping (echo request and reply) between fe80::1 and fe80::2; notice that the Identifier is the same (0x13a0) while theSequence Number increases (from 0 to 4). It shows that it is the same ping session but with 5 packets, i.e., the default repeat of ping on Cisco is 5.

Summary

This brings us to the end of this article on ICMPv6, in which we have looked at the general structure of ICMPv6 messages and also discussed the four error messages and two informational messages of ICMPv6. We will see still more of this protocol in other articles, but this is good enough for an introduction.

In the next article, we will begin discussing the neighbor discovery (ND) process of IPv6. I hope you have found this article insightful.

References and Further Reading

Source: http://resources.intenseschool.com/ipv6-icmpv6/

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: