[e2e] Re: Question on "identification" field of IP header
Kevin Fall
kfall at EECS.Berkeley.EDU
Fri Dec 13 10:42:28 PST 2002
And, the including of 64-bits of "data" was later updated by rfc1812:
...
4.3.2.3 Original Message Header
Historically, every ICMP error message has included the Internet
header and at least the first 8 data bytes of the datagram that
triggered the error. This is no longer adequate, due to the use of
IP-in-IP tunneling and other technologies. Therefore, the ICMP
datagram SHOULD contain as much of the original datagram as possible
without the length of the ICMP datagram exceeding 576 bytes. The
returned IP header (and user data) MUST be identical to that which
was received, except that the router is not required to undo any
modifications to the IP header that are normally performed in
forwarding that were performed before the error was detected (e.g.,
decrementing the TTL, or updating options). Note that the
requirements of Section [4.3.3.5] supersede this requirement in some
cases (i.e., for a Parameter Problem message, if the problem is in a
modified field, the router must undo the modification). See Section
[4.3.3.5]).
...
- K
>
> From: David Borman <dab at bsdi.com>
> To: end2end-interest at postel.org, mouse at Rodents.Montreal.QC.CA,
tcp-impl at grc.nasa.gov
> Subject: Re: Question on "identification" field of IP header
> Date: Fri, 13 Dec 2002 11:14:11 CST
>
> Just a minor nit that I feel should be clarified:
>
> > From: der Mouse <mouse at Rodents.Montreal.QC.CA>
> > Date: Fri, 13 Dec 2002 16:41:51 +0100 (CET)
> > Subject: Re: Question on "identification" field of IP header
> ...
> > Note that the portion of a packet returned in an ICMP does not include
> > even the IP source and destination addresses; the identification value
> > is almost the only value that can be relied upon to identify the
> > original packet upon getting an ICMP....
>
> Actually, ICMP packets are supposed to return the entire IP header
> (including options) plus 64 bits of the IP data. So, you should get
> up to the TCP and UDP port numbers. (RFC 792 explicitly states
> that it assumes that higher level protocols have their port numbers
> in the first 64 bits).
>
> -David Borman
More information about the end2end-interest
mailing list