China
Africa
Explore chapters and articles related to this topic
The Switch/Router
Published in James Aweya, Switch/Router Architectures, 2019
The Internet Control Message Protocol (ICMP) ping is typically used as part of the diagnosis process when troubleshooting device and link failures in a network. However, LSP failures might not be detected by ICMP ping because ICMP ping packets can be forwarded through the IP layer to the destination even when an LSP failure occurs. Thus, MPLS LSP ping is more appropriate for testing and detecting LSP failures for the following reasons: The TTL value in an MPLS echo request packet is set to 1 and the IPv4 destination address field is set to a 127.0.0.0/8 address and as a result cannot be forwarded through IP.Unlike in ICMP ping, in MPLS LSP ping, the Forwarding Equivalence Class (FEC) being examined is not carried in the IP destination address field.A user can ping a specific LSP by sending MPLS Echo requests carried in MPLS packets over that LSP. The user simply sends an MPLS echo request packet to a target router by specifying the appropriate label stack associated with the LSP to be tested and validated. Sending the MPLS echo request packet with that label stack causes/forces the packet to be forwarded over the specified LSP. The MPLS echo request packet is forwarded to an IP address in the 127.0.0.0/8 (or 127/8) range reserved for loopback addresses (127.0.0.1 being commonly used).
Shared Variable
Published in Rick Bitter, Taqi Mohiuddin, Matt Nawrocki, LabVIEW™ Advanced Programming Techniques, 2017
Rick Bitter, Taqi Mohiuddin, Matt Nawrocki
One counter configuration that may be useful in determining the health of a networked application is shown in Figure 7.4. The performance monitor is tracking counters for the IP object, TCP object, and UDP object. Each object is displaying the Send and Receive counters. If there is suspicion that the host machine is very busy on the network — for example, it is hosting a web server for VI control and the shared variable engine — it can be expected to show the TCP and UDP Send/Receive counters running large numbers. It should not be surprising that the IP counters will run even larger numbers; in fact, it should be approximately equal to the sum of the UDP and TCP counters as IP is the underlying protocol of both TCP and UDP. The reason why the IP counter would only be approximately equal is because there is another commonly used protocol that also uses IP — ICMP. Ping messages and notification of message delivery failure are often sent through ICMP. It is possible for an administrator to monitor counts on multiple computers at once, so the counters shown above can be monitored for the shared variable engine and its clients.
Security with IoT
Published in Rebecca Lee Hammons, Ronald J. Kovac, Fundamentals of Internet of Things for Non-Engineers, 2019
ICMP stands for Internet Control Message Protocol and is used by networks to communicate errors and operational information, the most famous of which is the echo or ‘ping’. ICMP can be used to perform reconnaissance on systems but is probably more famous in the DDoS world as used in a ping flood. A ping flood relies on the fact that for every ping echo request sent to a server, there is a ping echo reply sent back. The protocol allows specification of the number of attempts and the size of the packet. There is even a command to keep pinging until it times out. This is yet another example of the transmission architecture of the internet being used as part of a network-based DoS attack.
A Complete Detection and Mitigation Framework to Protect a Network from DDoS Attacks
Published in IETE Journal of Research, 2022
Ram Charan Baishya, D. K. Bhattacharyya
The defense system considers the third outcome as normal. On the other hand, the first two outcomes are considered as suspected and such traffic is forwarded to another unit, referred to as the verification unit. The task of the verification unit is to explicitly verify the genuineness of the claimed SIP of a received packet. The explicit verification can be done by sending a request probe message to the claimed source IP address and then the mark carried by the response probe packet can be used to decide the genuineness of the source. Typical request/response probe messages could be ICMP echo request and its corresponding response messageA UDP packet sent to an arbitrary port and the corresponding ICMP port unreachable message, assuming no valid application is running on that port.A TCP packet sent to an arbitrary port and corresponding RST message.