- Posts: 259
- Thank you received: 0
Ping Question
- FallenZer0
- Offline
- Premium Member
Less
More
17 years 7 months ago #21146
by FallenZer0
S0lo,
If a router does not have a route in its routing table for a packet, to a destination network, shouldn't the router send an ICMP "Destination Network Unreachable" error message instead of "Destination Host Unreachable".
May be I am being unclear. Let me put it this way, when would an ICMP Network Unreachable error message is sent?
Cheers
FallenZer0
-There Is A Foolish Corner In The Brain Of The Wisest Man- Aristotle
Replied by FallenZer0 on topic Re: Ping Question
I Think this is the case, When a router does not find an entry in the routing table to route the packet, it drops it and sends a "Destination Host Unreachable" packet to the sender.
S0lo,
If a router does not have a route in its routing table for a packet, to a destination network, shouldn't the router send an ICMP "Destination Network Unreachable" error message instead of "Destination Host Unreachable".
May be I am being unclear. Let me put it this way, when would an ICMP Network Unreachable error message is sent?
Cheers
FallenZer0
-There Is A Foolish Corner In The Brain Of The Wisest Man- Aristotle
17 years 7 months ago #21148
by S0lo
Good question. I'm not sure, I might be wrong when I said "Host Unreachable". Yes it could be "Network Unreachable". I looked into this. RFC792 www.faqs.org/rfcs/rfc792.html defines ICMP. In a quick browse I could not spot any thing related. But I found the following codes:
[code:1] Codes
0 Net Unreachable
1 Host Unreachable
2 Protocol Unreachable
3 Port Unreachable
4 Fragmentation Needed and Don't Fragment was Set
5 Source Route Failed
6 Destination Network Unknown
7 Destination Host Unknown
8 Source Host Isolated
9 Communication with Destination Network is
Administratively Prohibited
10 Communication with Destination Host is
Administratively Prohibited
11 Destination Network Unreachable for Type of Service
12 Destination Host Unreachable for Type of Service
13 Communication Administratively Prohibited [RFC1812]
14 Host Precedence Violation [RFC1812]
15 Precedence cutoff in effect [RFC1812][/code:1]
If your into this, you could run a sniffer caching ICMP packets and checking which codes it is. It appears to be either 0 or 1
Still wether it's this or that. both explain the counting of 4 packets recieved. I hope I'm not wrong here too.
Studying CCNP...
Ammar Muqaddas
Forum Moderator
www.firewall.cx
Replied by S0lo on topic Re: Ping Question
when would an ICMP Network Unreachable error message is sent?
Good question. I'm not sure, I might be wrong when I said "Host Unreachable". Yes it could be "Network Unreachable". I looked into this. RFC792 www.faqs.org/rfcs/rfc792.html defines ICMP. In a quick browse I could not spot any thing related. But I found the following codes:
[code:1] Codes
0 Net Unreachable
1 Host Unreachable
2 Protocol Unreachable
3 Port Unreachable
4 Fragmentation Needed and Don't Fragment was Set
5 Source Route Failed
6 Destination Network Unknown
7 Destination Host Unknown
8 Source Host Isolated
9 Communication with Destination Network is
Administratively Prohibited
10 Communication with Destination Host is
Administratively Prohibited
11 Destination Network Unreachable for Type of Service
12 Destination Host Unreachable for Type of Service
13 Communication Administratively Prohibited [RFC1812]
14 Host Precedence Violation [RFC1812]
15 Precedence cutoff in effect [RFC1812][/code:1]
If your into this, you could run a sniffer caching ICMP packets and checking which codes it is. It appears to be either 0 or 1
Still wether it's this or that. both explain the counting of 4 packets recieved. I hope I'm not wrong here too.
Studying CCNP...
Ammar Muqaddas
Forum Moderator
www.firewall.cx
17 years 7 months ago #21149
by Smurf
Wayne Murphy
Firewall.cx Team Member
www.firewall.cx
Now working for a Security Company called Sec-1 Ltd in the UK, for any
Penetration Testing work visit www.sec-1.com or PM me for details.
Replied by Smurf on topic Re: Ping Question
Its a very interesting question, when woud you see Host Unreachable ? Surely you are able to route to the subnet ok but you don't get a reply off the host but would that not cause a Request Time Out ?
According to the TCP/IP Guide (Pg. 522) it says - [code:1]"Network Unreachable - The datagram could not be delivered to the network specified in the Network ID portion of the IP Address. THis usually means a problem with routing but could also be a bad address"[/code:1]
Pretty straight forward if you ask me; however;
[code:1]"Host Unreachable - The datagram was delivered to the network specified in the Network ID portion of the IP address but could not be sent to the speicifc host included in the address. AGain, this usually implies a routing issue"[/code:1]
Eh, would that not cause a "request time out" ? So does it depend on how the routers/firewalls are configured on how it will respond ?
Anyone else can shed any light on this ?
According to the TCP/IP Guide (Pg. 522) it says - [code:1]"Network Unreachable - The datagram could not be delivered to the network specified in the Network ID portion of the IP Address. THis usually means a problem with routing but could also be a bad address"[/code:1]
Pretty straight forward if you ask me; however;
[code:1]"Host Unreachable - The datagram was delivered to the network specified in the Network ID portion of the IP address but could not be sent to the speicifc host included in the address. AGain, this usually implies a routing issue"[/code:1]
Eh, would that not cause a "request time out" ? So does it depend on how the routers/firewalls are configured on how it will respond ?
Anyone else can shed any light on this ?
Wayne Murphy
Firewall.cx Team Member
www.firewall.cx
Now working for a Security Company called Sec-1 Ltd in the UK, for any
Penetration Testing work visit www.sec-1.com or PM me for details.
17 years 7 months ago #21159
by Smurf
Wayne Murphy
Firewall.cx Team Member
www.firewall.cx
Now working for a Security Company called Sec-1 Ltd in the UK, for any
Penetration Testing work visit www.sec-1.com or PM me for details.
Replied by Smurf on topic Re: Ping Question
Ignore that last post, just realised that its actually upto the utility what is displayed. I'm thinking that its upto the utility to take the response and display whatever its programmed to display in response to it.
Wayne Murphy
Firewall.cx Team Member
www.firewall.cx
Now working for a Security Company called Sec-1 Ltd in the UK, for any
Penetration Testing work visit www.sec-1.com or PM me for details.
- ashok_nitc
- Offline
- Junior Member
Less
More
- Posts: 64
- Thank you received: 0
17 years 7 months ago #21166
by ashok_nitc
Replied by ashok_nitc on topic Re: Ping Question
i am working from the subnet: 10.0.36.19/24 and trying to ping 10.0.30.2/24 and getting the reply requiest time out. but able to ping successfully 10.0.30.1/24(gateway)!
(both subnets are from the same organization)
what could be the reason for this? i guess its for firewall but not sure!
(both subnets are from the same organization)
what could be the reason for this? i guess its for firewall but not sure!
17 years 7 months ago #21168
by Smurf
Wayne Murphy
Firewall.cx Team Member
www.firewall.cx
Now working for a Security Company called Sec-1 Ltd in the UK, for any
Penetration Testing work visit www.sec-1.com or PM me for details.
Replied by Smurf on topic Re: Ping Question
What the host at the .2 address ? Is it a firewall/router ? Is it switched on ?
Cheers
Cheers
Wayne Murphy
Firewall.cx Team Member
www.firewall.cx
Now working for a Security Company called Sec-1 Ltd in the UK, for any
Penetration Testing work visit www.sec-1.com or PM me for details.
Time to create page: 0.148 seconds