The Second Internet HTML version
If the TTL in a packet header is decremented all the way to zero, the packet is discarded, and a Time
Exceeded ICMP message will be sent to the packet sender.
If a node is receiving packets faster than it can handle them, it can send an ICMP Source Quench
message to the sender, who should slow down.
According to the standards, all nodes should always respond to an Echo Request with an Echo Reply.
Due to use of this function by many hackers and worms (for network mapping), many sites now violate
the standard and do not reply to Echo requests. Many ISPs now actually block Echo Requests. Note that
in IPv6, you cannot just block all ICMPv6 messages, as it is a far more integral part of the protocol.
3.3.5 – IPv4 Routing
TCP/IP was designed from the beginning to be an internetworking protocol. That means it supports ways
to get packets from one node to another, even across multiple networks, by various routes through a
possibly complex series of interconnections. If one or more links go down, the packets may travel by
another route. Even within a given group of packets (say, ones that constitute a long e-mail message),
some of the packets may go by one route, and others by another. The process of determining a viable
route (or routes) to get traffic from A to B is called routing. This is one of the most complex areas of
TCP/IP. There are entire long books on the subject. We will be covering only the simplest details, in
order to show what how routing differs between IPv4 and IPv6.
Some simpler network protocols (such as Microsoft’s NetBIOS or NetBEUI) are non-routing. They will
work only within a single LAN. TCP/IP and Netware’s IPX/SPX support routing. You can connect multiple
networks together with them and any node in any network can (in general) exchange data with any
other node in any connected network. The Internet is simply the largest set of interconnected networks
in the world. TCP/IP’s flexible routing capabilities are one of the things that make it possible.
There are many components used to create IP based networks, including NICs, cables, bridges, switches,
and gateways. Of these, only gateways (network devices that can forward packets from one network
segment to another) do routing. There are several kinds of gateways. The simplest case is a router,
which uses various protocols, such as RIP, OSPF and BGP to determine where to forward packets,
depending on their destination address. It is possible to build a router from a generic PC (or other
computer) if it has multiple network interfaces (NICs), connected to multiple (otherwise disjoint)
networks. Most operating systems with network support can be configured to do packet forwarding
(accepting a packet from one network, via one NIC, and then forwarding it on to another network, via a
different NIC). Typically no changes are made to the packet other than decrementing the hop count in
the IP packet header. If NAT is being performed, numerous changes may be made to the packet header.
It is also possible for a gateway node to do other processing as the packets flow through it, such as
filtering packets on certain criteria (e.g. allow traffic using port 25 to node 172.20.0.11 to pass, but block
port 25 traffic to all other nodes). These are called packet filtering firewalls. They are really just routers
that allow more control over the flow of traffic, and can protect the network from various attacks. Even
in a packet filtering firewall, all processing still takes place at the Internet Layer. More sophisticated
packet filtering firewalls can “inspect” the contents of the packets and maintain a record (“state”) of