Ping Error Messages - Networking Computer Tips To block from ping respond #iptables A INPUT P icmp icmp-type echo-request

j DROP Linux Iptables allow or block ICMP ping request

The Internet Control Message Protocol (ICMP) has many messages that are identified by a "type" field. You need to use 0 and 8 ICMP code types. => Zero (0) is for echo-reply => Eight (8) is for echo-request. To enable ICMP ping incoming client request use following iptables rule (you need to add following rules to script). My default firewall policy is blocking everything. Task: Enable or allow ICMP ping incoming client request Rule to enable ICMP ping incoming client request ( assuming that default iptables policy is to drop all INPUT and OUTPUT packets)

SERVER_IP="202.54.10.20" iptables -A INPUT -p icmp --icmp-type 8 -s 0/0 -d $SERVER_IP -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT iptables -A OUTPUT -p icmp --icmp-type 0 -s $SERVER_IP -d 0/0 -m state --state ESTABLISHED,RELATED -j ACCEPT

Task: Allow or enable outgoing ping request To enable ICMP ping outgoing request use following iptables rule:

SERVER_IP="202.54.10.20" iptables -A OUTPUT -p icmp --icmp-type 8 -s $SERVER_IP -d 0/0 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT iptables -A INPUT -p icmp --icmp-type 0 -s 0/0 -d $SERVER_IP -m state --state ESTABLISHED,RELATED -j ACCEPT

How do I disable outgoing ICMP request? Use the following rules:

iptables -A OUTPUT -p icmp --icmp-type echo-request -j DROP

OR

iptables -A OUTPUT -p icmp --icmp-type 8 -j DROP

ICMP echo-request type will be block by above rule. See ICMP TYPE NUMBERS (type fields). You can also get list of ICMP types, just type following command at shell prompt: # /sbin/iptables -p icmp -h

ShareThis PING (Packet Internet Groper) is a program used to test whether a particular network host is online by sending an ICMP (Internet control message protocol) echo request and waiting for a response. It is used for troubleshooting connectivity between network devices such as servers, routers, workstations and printers

TTL Expired in Transit The TTL value determines the maximum amount of time an IP packet may live in the network without reaching its destination. It is effectively a bound on the number of routers an IP packet may pass through before being discarded. This message indicates that the TTL expired in transit. Number of required hops exceeds TTL. Increase TTL by using the ping -i switch. Destination Host Unreachable The host that you are trying to ping is down or is not operating on the network. A local or remote route does not exist for destination host. Modify the local route table or notify the router administrator. Request Timed Out The ping command timed out because there was no reply from the host. No Echo Reply messages were received due to network traffic, failure of the ARP request packet filtering, or router error. Increase the wait time using the ping -w switch. Unknown Host The IP Address or the Host Name does not exist in the network or the destination host name cannot be resolved. Verify name and availability of DNS servers.

TTL Expired in Transit The number of hops required to reach the destination exceeds the TTL set by the sending host to forward the packets. The default TTL value for ICMP Echo Requests sent by Ping is 32. In some cases, this is not enough to travel the required number of links to a destination. You can increase the TTL using the -i switch, up to a maximum of 255 links. If increasing the TTL value fails to resolve the problem, the packets are being forwarded in a routing loop, a circular path among routers. Use Tracert to track down the source of the routing loop, which appears as a repeated series of the same IP addresses in the Tracert report. Next, make an appropriate change to the routing tables, or inform the administrator of a remote router of the problem. Top Of Page Destination Host Unreachable This message indicates one of two problems: either the local system has no route to the desired destination, or a remote router reports that it has no route to the destination. The two problems can be distinguished by the form of the message. If the message is simply "Destination Host Unreachable," then there is no route from the local system, and the packets to be sent were never put on the wire. Use the Route utility to check the local routing table. If the message is "Reply From < IP address >: Destination Host Unreachable," then the routing problem occurred at a remote router, whose address is indicated by the "< IP address >" field. Use the appropriate utility or facility to check the IP routing table of the router assigned the IP address of < IP address >. If you pinged using an IP address, retry it with a host name to ensure that the IP address you tried is correct.

Request Timed Out This message indicates that no Echo Reply messages were received within the default time of 1 second. This can be due to many different causes; the most common include network congestion, failure of the ARP request, packet filtering, routing error, or a silent discard. Most often, it means that a route back to the sending host has failed. This might be because the

destination host does not know the route back to the sending host, or one of the intermediary routers does not know the route back, or even that the destination host's default gateway does not know the route back. Check the routing table of the destination host to see whether it has a route to the sending host before checking tables at the routers. If the remote routing tables are correct and contain a valid route back to the sending host, to see if the ARP cache lacks the proper address, use the arp -acommand to print the contents of the ARP cache. Also, check the subnet mask to be sure that a remote address has not been interpreted as local. Next, use Tracert to follow the route to the destination. While Tracert does not record the address of the last hop or the path that the packet followed on the return path, it might show that the packet made it to the destination. If this is the case, the problem is probably a routing issue on the return path. If the trace doesn't quite reach the destination, it might be because the target host is protected by a firewall. When a firewall protects the destination, ICMP packet filtering prevents the ping packetsor any other ICMP messagesfrom crossing the firewall and reaching their destination. To check for network congestion, simply increase the allowed latency by setting a higher wait time with the -w switch, such as 5000 milliseconds. Try to ping the destination again. If the request still times out, congestion is not the problem; an address resolution problem or routing error is a more likely issue.

Unknown Host This error message indicates that the requested host name cannot be resolved to its IP address; check that the name is entered correctly and that the DNS servers can resolve it.

Code Description 0 1 Network unreachable error. Host unreachable error.

2 3

Protocol unreachable error (the designated transport protocol is not supported). Port unreachable error (the designated protocol is unable to inform the host of the incoming message). The datagram is too big. Packet fragmentation is required but the 'don't fragment' (DF) flag is on. Source route failed error. Destination network unknown error. Destination host unknown error. Source host isolated error (military use only). The destination network is administratively prohibited. The destination host is administratively prohibited. The network is unreachable for Type Of Service. The host is unreachable for Type Of Service. Communication administratively prohibited (administrative filtering prevents packet from being forwarded). Host precedence violation (indicates the requested precedence is not permitted for the combination of host or network and port). Precedence cutoff in effect (precedence of datagram is below the level set by the network administrators).

4 5 6 7 8 9 10 11 12 13

14

15

The default TTL value for ICMP Echo Requests sent by Ping is 32. OS/Device AIX AIX AIX BSDI Compa Cisco DEC Pathworks Foundry FreeBSD FreeBSD FreeBSD 2.1R 3.4, 4.0 5 V5 3.2, 4.1 BSD/OS 3.1 and 4.0 Tru64 v5.0 Version Protocol TCP UDP ICMP ICMP ICMP ICMP TCP and UDP ICMP TCP and UDP ICMP ICMP TTL 60 30 255 255 64 254 30 64 64 255 64

HP-UX HP-UX HP-UX HP-UX HP-UX Irix Irix Irix juniper MPE/IX (HP) Linux Linux Linux Linux

9.0x 10.01 10.2 11 11 5.3 6.x 6.5.3, 6.5.8

TCP and UDP TCP and UDP ICMP ICMP TCP TCP and UDP TCP and UDP ICMP ICMP ICMP

30 64 255 255 64 60 60 255 64 200 64 255 255

2.0.x kernel 2.2.14 kernel 2.4 kernel Red Hat 9

ICMP ICMP ICMP

ICMP and TCP 64 TCP and UDP 60

MacOS/MacTCP 2.0.x MacOS/MacTCP X (10.5.6) NetBSD Netgear FVG318 OpenBSD OpenVMS OS/2 OSF/1 OSF/1 Solaris 2.6 & 2.7 07.01.2002 TCP/IP 3.0 V3.2A V3.2A 2.5.1, 2.6, 2.7, 2.8

ICMP/TCP/UDP 64 ICMP 255

ICMP and UDP 64 ICMP ICMP 255 255 64 TCP UDP ICMP 60 30 255

Solaris Stratus Stratus Stratus Stratus SunOS SunOS Ultrix Ultrix Ultrix VMS/Multinet VMS/TCPware VMS/TCPware

2.8 TCP_OS TCP_OS (14.2-) TCP_OS (14.3+) STCP 4.1.3/4.1.4 5.7 V4.1/V4.2A V4.1/V4.2A V4.2 4.5

TCP ICMP TCP and UDP TCP and UDP

64 255 30 64

ICMP/TCP/UDP 60 TCP and UDP 60

ICMP and TCP 255 TCP UDP ICMP TCP and UDP TCP UDP TCP UDP TCP and UDP 60 30 255 64 60 64 128 30 128 32 32 32 128 128 32 128 32

VMS/Wollongong 1.1.1.1 VMS/Wollongong 1.1.1.1 VMS/UCX Windows Windows Windows Windows Windows Windows Windows Windows for Workgroups 95 98 98, 98 SE 98 NT 3.51 NT 4.0 NT 4.0 SP5-

TCP and UDP TCP and UDP ICMP ICMP TCP TCP and UDP TCP and UDP

Windows Windows Windows Windows Windows Windows Windows Windows .

NT 4.0 SP6+ NT 4 WRKS SP 3, SP 6a NT 4 Server SP4 ME 2000 pro 2000 family Server 2003 XP ICMP ICMP ICMP

128 128 128 128

ICMP/TCP/UDP 128 ICMP 128 128 ICMP/TCP/UDP 128

7. Application Layer NNTP SIP SSI DNS FTP Gopher HTTP NFS NTP SMPP SMTP SNMP Telnet DHCP Netconf RTP SPDY (more) 6. Presentation Layer MIME XDR TLS SSL 5. Session Layer Named Pipes NetBIOS SAP L2TP PPTP SOCKS 4. Transport Layer TCP UDP SCTP DCCP SPX 3. Network Layer IP (IPv4, IPv6) ICMP IPsec IGMP IPX AppleTalk 2. Data Link Layer ATM SDLC HDLC ARP CSLIP SLIP GFP PLIP IEEE 802.3 Frame Relay I TU-T G.hn DLL PPP X.25 Network Switch 1. Physical Layer

EIA/TIA-232 EIA/TIA-449 ITU-T VSeries I.430 I.431 POTS PDH SONET/SDH PON OTN DSL IEEE 802.3 IE EE 802.11 IEEE 802.15 IEEE 802.16 IEEE 1394 ITUT G.hn PHY USB Bluetooth Hubs

o Access Accessibility Controls Accessibility Wizard Add Hardware Wizard Add/Remove Programs Administrative Tools Adobe Acrobat (if installed) Adobe Designer (if installed) Adobe Distiller (if installed) Adobe ImageReady (if installed) Adobe Photoshop (if installed) Automatic Updates Bluetooth Transfer Wizard Calculator Certificate Manager

Run Command access.cpl accwiz hdwwiz.cpl appwiz.cpl control admintools acrobat formdesigner acrodist imageready photoshop wuaucpl.cpl fsquirt calc certmgr.msc

Character Map Check Disk Utility Clipboard Viewer Command Prompt Component Services Computer Management Control Panel Date and Time Properties DDE Shares Device Manager Direct X Control Panel (if installed)* Direct X Troubleshooter Disk Cleanup Utility Disk Defragment Disk Management Disk Partition Manager Display Properties Display Properties Display Properties (w/Appearance Tab Preselected) Dr. Watson System Troubleshooting Utility Driver Verifier Utility

charmap chkdsk clipbrd cmd dcomcnfg compmgmt.msc control timedate.cpl ddeshare devmgmt.msc directx.cpl dxdiag cleanmgr dfrg.msc diskmgmt.msc diskpart control desktop desk.cpl control color drwtsn32 verifier

Event Viewer Files and Settings Transfer Tool File Signature Verification Tool Findfast Firefox (if installed) Folders Properties Fonts Fonts Folder Free Cell Card Game Game Controllers Group Policy Editor (XP Prof) Hearts Card Game Help and Support HyperTerminal Iexpress Wizard Indexing Service Internet Connection Wizard Internet Explorer Internet Properties Internet Setup Wizard IP Configuration (Display Connection Configuration)

eventvwr.msc migwiz sigverif findfast.cpl firefox folders control fonts fonts freecell joy.cpl gpedit.msc mshearts helpctr hypertrm iexpress ciadv.msc icwconn1 iexplore inetcpl.cpl inetwiz ipconfig /all

IP Configuration (Display DNS Cache Contents)

ipconfig /displaydns ipconfig /flushdns ipconfig /release ipconfig /renew ipconfig /registerdns ipconfig /showclassid ipconfig /setclassid jpicpl32.cpl javaws control keyboard secpol.msc lusrmgr.msc logoff mrt msaccess winchat excel frontpg

IP Configuration (Delete DNS Cache Contents) IP Configuration (Release All Connections) IP Configuration (Renew All Connections) IP Configuration (Refreshes DHCP & Re-Registers DNS)

IP Configuration (Display DHCP Class ID)

IP Configuration (Modifies DHCP Class ID) Java Control Panel (if installed) Java Control Panel (if installed) Keyboard Properties Local Security Settings Local Users and Groups Logs You Out Of Windows Malicious Software Removal Tool Microsoft Access (if installed) Microsoft Chat Microsoft Excel (if installed) Microsoft Frontpage (if installed)

Microsoft Movie Maker Microsoft Paint Microsoft Powerpoint (if installed) Microsoft Word (if installed) Microsoft Syncronization Tool Minesweeper Game Mouse Properties Mouse Properties Nero (if installed) Netmeeting Network Connections Network Connections Network Setup Wizard Notepad Nview Desktop Manager (if installed) Object Packager ODBC Data Source Administrator On Screen Keyboard Opens AC3 Filter (if installed) Outlook Express Paint

moviemk mspaint powerpnt winword mobsync winmine control mouse main.cpl nero conf control netconnections ncpa.cpl netsetup.cpl notepad nvtuicpl.cpl packager odbccp32.cpl osk ac3filter.cpl msimn pbrush

Password Properties Performance Monitor Performance Monitor Phone and Modem Options Phone Dialer Pinball Game Power Configuration Printers and Faxes Printers Folder Private Character Editor Quicktime (If Installed) Quicktime Player (if installed) Real Player (if installed) Regional Settings Registry Editor Registry Editor Remote Access Phonebook Remote Desktop Removable Storage Removable Storage Operator Requests Resultant Set of Policy (XP Prof)

password.cpl perfmon.msc perfmon telephon.cpl dialer pinball powercfg.cpl control printers printers eudcedit QuickTime.cpl quicktimeplayer realplay intl.cpl regedit regedit32 rasphone mstsc ntmsmgr.msc ntmsoprq.msc rsop.msc

Scanners and Cameras Scheduled Tasks Security Center Services Shared Folders Shuts Down Windows Sounds and Audio Spider Solitare Card Game SQL Client Configuration System Configuration Editor System Configuration Utility System File Checker Utility (Scan Immediately) System File Checker Utility (Scan Once At The Next Boot) System File Checker Utility (Scan On Every Boot) System File Checker Utility (Return Scan Setting To Default) System File Checker Utility (Purge File Cache) System File Checker Utility (Sets Cache Size to size x) System Information System Properties Task Manager TCP Tester

sticpl.cpl control schedtasks wscui.cpl services.msc fsmgmt.msc shutdown mmsys.cpl spider cliconfg sysedit msconfig sfc /scannow sfc /scanonce sfc /scanboot sfc /revert sfc /purgecache sfc /cachesize=x msinfo32 sysdm.cpl taskmgr tcptest

Telnet Client Tweak UI (if installed) User Account Management Utility Manager Windows Address Book Windows Address Book Import Utility Windows Backup Utility (if installed) Windows Explorer Windows Firewall Windows Magnifier Windows Management Infrastructure Windows Media Player Windows Messenger Windows Picture Import Wizard (need camera connected) Windows System Security Tool Windows Update Launches Windows Version (to show which version of windows) Windows XP Tour Wizard Wordpad

telnet tweakui nusrmgr.cpl utilman wab wabmig ntbackup explorer firewall.cpl magnify wmimgmt.msc wmplayer msmsgs wiaacmgr syskey wupdmgr winver tourstart write

diff b/w hub,switch,bridge,router

http://www.nutt.net/2004/11/20/difference-in-hub-switch-bridge-router/ Difference in Hub, Switch, Bridge, & Router | Nutt.net www.nutt.net In an ethernet network there are 4 devices that from the the outside look very similar. In this article we will look at the difference between hubs, switches, bridges, and routers. Top of Form Like Follow Post Share 7 hours ago near Chennai

Muthu Kumaran Loganathan Hub: 1) Unintelligent Device 2) No Technology to handle MAC information 3) No memory 4) It gets the data from one port, regenerates the data and sends the data to all ports. 5) Also called as multi port Repeater. 2 hours ago Like

Muthu Kumaran Loganathan Switch: 1) Intelligent Device 2) It has RAM to handle MAC information 3) It forwards the data with the help of MAT(MAC Address Table) 4) It has a specialized hardware called ASICS (Application Specific Integrated Circuits) 2 hours ago Like

Muthu Kumaran Loganathan Router: 1) Used to communicate between different Networks. 2) It provides WAN Connectivity 3) It can read IP Header

information. 4) It maintains IP routing table which contains best paths to reach destination networks. 2 hours ago Like Bottom of Form

/windows/system32/drivers/etc/hosts file... 2 hours ago Like The proxy is not applied in the above scenario.. that's the question... So we need to check in the Hosts file... EX: If you give 127.0.0.1 yahoo.com, it will assign that yahoo.com ip is 127.0.0.1, but it is a loop back ip.. so You can't able

II.ROUTING PROTOCOLS Most of the routing algorithms they are possible to be classified like one of two basic algorithms: Distance Vector and Link-State. 1. Distance Vector characteristics: 3 (1 collects data of the information of the routing table of its neighbors. (2) determines the best route adding the metric value that receives as the routing information happens from router to another one. (3) With most of the protocols of routing by distance vector, the updates for the changes of topology consist of periodic updates of the tables. RIP and EIGRP are examples of vector distance protocols. 2. Link state characteristics: (1) The link state routing obtains a great vision of the topology of complete internetwork accumulating all the necessary LSA. (2) In the link state routing, each router it works independently to calculate its own shorter route towards the networks destiny. (3) With the protocols of routing of connection state, the updates are caused generally by changes in the topology. The relatively small LSA that have gone to all the others routers generally give like result faster times of convergence with any change of topology of the internetwork. OSPF its an example of link state protocol. A. Routing information protocol (RIP) d. RIP characteristics: (1) Distance vector routing protocol.

(2) It metric is the number of jumps. (3) The maximum number of jumps is 15 4 (4) One updates every 30 seconds (5) Not always it selects the fastest route for the packages (6) It generates great amount of traffic of network with updates. Another one of the problems that the use of the RIP presents is that sometimes a destiny can be located too much far like being attainable. The RIP allows fifteen as maximum limit for the number of jumps through which data can be sent. The network destiny is considered unreachable if there are more than fifteen jumps of router. B. Enhanced Interior Gateway Routing Protocol (EIGRP) As its name suggests, EIGRP is an enhanced version of IGRP (Interior Gateway Routing Protocol), an obsolete routing protocol that was developed by Cisco EIGRP sends partial updates when a metric or the topology on the network changes. It does not send full routing-table updates in periodic fashion as distance-vector protocols do. EIGRP is a classless protocol that permits the use of VLSMs (Variable Length Subnet Masks) and supports CIDR (Classless Inter-Domain Routing) for a scalable allocation of IP addresses. EIGRP uses the metrics like bandwidth, delay, reliability, load, and MTU in making its routing decisions .The default metrics used are bandwidth and delay. For a more granular level of control, EIGRP multiplies each of the metrics by 256 before performing the calculation of the composite

metric. EIGRP has been designed to make much better use of bandwidth, and to allow routers to have a much better awareness of neighboring routers. Instead of sending its entire routing table out at regular intervals, an EIGRP router sends out only partial updates, and even then, only when a route changes. This makes a better use of the available network bandwidth. An EIGRP router also has a more complete view of the network than a typical distance vector protocol as it not only maintains its own routing table, but also keeps a copy of the routing tables of neighboring routers. When an EIGRP router cannot find a route to a network based on all the information it currently has, it sends out a query to other routers, which is propagated until a route is found. C. Open shortest path first (OSPF)

(1) Fast detection of changes in the topology and very fast reestablishment of routes without loops. (2) Low overload, use updates that inform about changes on routes. (3) Division of traffic by several equivalent routes. (4) Routing according type of service. (5) Use of multi-send in local area networks. (6) Subnet and Super-net mask. (7) Authentication III. SIMULATION 1. Simulation Methodology Network is simulated using OPNET Modeler. OPNET