A Short Guide to Internet Control Protocols
The "heart" of the Internet as we know it today is the Internet Protocol (IP) which is responsible for routing data to the appropriate destination. It belongs to the group of routed protocols like IPX (Internetwork Packet Exchange), but unlike other routed protocols, the IP was designed to serve the Internet and its internetworks.
In addition to IP, the Internet has various control protocols operating at the network layer (layer three of the OSI model), including:
- ICMP: Internet Control Message Protocol
- ARP: Address Resolution Protocol
- RARP: Reverse Address Resolution Protocol
- BOOTP: Bootstrap Protocol
- DHCP: Dynamic Host Configuration Protocol
So let’s take a look at these protocols in more detail!
ICMP: Internet Control Message Protocol
ICMP protocol was designed with the unreliable characteristics of the IP protocol in mind. Due to the unreliability and the connectionless behavior of IP there was no way of informing the originator host that something went wrong during data transmission; ICMP was designed to provide this function. ICMP messages report back to the sender when something unexpected occurs, giving the sender a clue of what might have gone wrong. ICMP messages are encapsulated in IP packets as pictured below:
ICMP messages have the following format:
ICMP messages contain a message type and some of these messages include a number of message codes. The most important ICMP messages can be seen below:
- Echo Request and Echo Reply (the response to an Echo Request) messages are concurrently used to find whether a host is alive and reachable.
- Destination Unreachable message is issued for various reasons. Mostly this message is issued when a subnet cannot be reached or when a packet with the Do not Fragment bit asserted cannot be delivered to its destination due to a low bandwidth link in transit.
- Time Exceeded message is sent when a router drops a packet because its TTL value reached zero.
More details on ICMP messages can be found on RFC792 – Internet Control Message Protocol.
ARP: Address Resolution Protocol
Every machine on the Internet is given its own IP address, which is a logical entity not a physical one. However, Internet hosts need to be addressed physically (Medium Access Control address) in order for packets to be able to reach them.
To illustrate this concept, imagine sending a letter to a friend. The street name, city, state, and country of your friend’s address resemble the IP address concept. But, before the letter is able to reach your friend, you need to complete the address by adding the street number. A street may have hundreds or even thousands of houses, and the only thing that distinguishes your friend’s house from the rest is the street number. This resembles the data link layer hardware address of machines (MAC address), known also as the Ethernet address.
Ethernet addresses are 48-bit addresses. Ethernet NICs know only this kind of addressing scheme and they really don’t recognize the IP addressing scheme. This is where the ARP protocol takes action. ARP’s purpose is to map IP addresses to MAC addresses in order to complete the puzzle and appropriately deliver data to their destinations. The diagram below illustrates in detail the operation of the ARP protocol:
Now, let’s take a look at what will happen when host 1 on network A wants to send a packet to host 1 on network C:
- By default, routers don’t forward Ethernet broadcasts, so ARP will not work in this case because host 1 on network C will not receive any of these broadcasts.
- To solve this problem, the network stack on host 1 knows that the destination host belongs to an outside network, therefore it forwards all the traffic to the configured default gateway (the router) by entering the Ethernet address of the router in the destination field of layer two (Ethernet destination address= Ethernet 1).
- Router 1 finds out that packets to IP address 192.168.20.2 should go to router 2. The Ethernet address of router 2 is resolved through ARP again and is inserted in the destination Ethernet address field of the frames.
- Router 2 retrieves the frames, and by looking at the Ethernet header it knows that the data are destined for it. To find out if the final host is not already in its ARP table, it performs an ARP request and finds that IP address 192.168.20.2 belongs to the host with Ethernet address Ethernet 8. It constructs an Ethernet frame and forwards the data to its final destination.
RARP: Reverse Address Resolution Protocol
As the name implies, RARP performs the opposite of ARP. In other words, the request is now for the IP address of a host that has a specific Ethernet address. RARP is used when somewhere in the network there is a RARP server which holds a range of IP addresses and assigns them to hosts according to their Ethernet addresses. In this way new machines that come to existence in the network can obtain their IP address from the RARP server by simply issuing a RARP request, the latter being answered by the server.
The disadvantage of RARP is that it uses “all networks” broadcast which by default is not forwarded by routers; so for each subnet a separate RARP server is required which causes financial problems as well as scalability problems.
BOOTP: Bootstrap Protocol
To overcome the problems with RARP, BOOTP was invented. BOOTP is much more flexible; it uses UDP messages and it is forwarded by routers. BOOTP is similar to RARP and serves hosts that request an IP address. However BOOTP is able to provide to the host information such as the IP address of the file server, the IP address of the default user, and subnet mask to be used. This information can be also be forwarded to distant networks with the help of BOOTP relay agents (normally configured on the routers) which are responsible for unicast of BOOTP requests to the corresponding BOOTP server.
A major problem of this protocol is that it requires manual configuration of IP address to Ethernet address tables, something that is supposed to be dynamically performed in most of the cases. Therefore, when BOOTP was improved it was called: Dynamic Host Configuration Protocol (DHCP).
DHCP: Dynamic Host Configuration Protocol
DHCP is based on the same principle as RARP and BOOTP — that is to assign IP addresses to hosts that require one. In Cisco routers, DHCP relay of requests is configured with the IP HELPER [IP address of the DHCP server] command. Due to its automatic behavior, DHCP includes a mechanism to release leased IP address after a given period of time so that IP addresses not needed by hosts can return back to the pool of free addresses.
Consider this scenario: a user is requesting an IP address issuing a DHCP Discover message. The only thing included in the request is the user’s MAC address – 00:11:11:75:a0:af.
The DHCP server replies to the user offering an IP address by using a DHCP offer message. The server, through the DHCP offer, provides the user the IP address, subnet mask, domain name and IP address lease time, among other things. A DHCP offer message example can be seen below:
The user then transmits a formal request to lease the IP address offered by the server by issuing a DHCP Request message as seen below.
The server accepts the user’s request to lease the IP address and responds to the user by issuing a DHCP Ack message.
Internet Control Message Protocol has served its purpose beyond any extent. It offers useful information to network engineers regarding networking problems and provides its services to troubleshooting tools for isolating problems.
Address Resolution Protocol provides the mechanism needed for physically addressing packets on the data link, hence providing existence to data communication. Reverse Address Resolution Protocol, Bootstrap Protocol and its successor Dynamic Host Configuration Protocol, reduce burden on network engineers by providing IP assignment and configuration automation mechanisms.
And don’t forget, all these protocols operate on the Network Layer of the OSI model and provide services to the upper layer protocols.