📄 rfc4443-icmpv6(2006).txt
字号:
from e.3 apply to this case, too).
Conta, et al. Standards Track [Page 6]
RFC 4443 ICMPv6 (ICMP for IPv6) March 2006
(e.5) A packet sent as a link-layer broadcast (the exceptions
from e.3 apply to this case, too).
(e.6) A packet whose source address does not uniquely identify a
single node -- e.g., the IPv6 Unspecified Address, an IPv6
multicast address, or an address known by the ICMP message
originator to be an IPv6 anycast address.
(f) Finally, in order to limit the bandwidth and forwarding costs
incurred by originating ICMPv6 error messages, an IPv6 node MUST
limit the rate of ICMPv6 error messages it originates. This
situation may occur when a source sending a stream of erroneous
packets fails to heed the resulting ICMPv6 error messages.
Rate-limiting of forwarded ICMP messages is out of scope of this
specification.
A recommended method for implementing the rate-limiting function
is a token bucket, limiting the average rate of transmission to
N, where N can be either packets/second or a fraction of the
attached link's bandwidth, but allowing up to B error messages to
be transmitted in a burst, as long as the long-term average is
not exceeded.
Rate-limiting mechanisms that cannot cope with bursty traffic
(e.g., traceroute) are not recommended; for example, a simple
timer-based implementation, allowing an error message every T
milliseconds (even with low values for T), is not reasonable.
The rate-limiting parameters SHOULD be configurable. In the case
of a token-bucket implementation, the best defaults depend on
where the implementation is expected to be deployed (e.g., a
high-end router vs. an embedded host). For example, in a
small/mid-size device, the possible defaults could be B=10,
N=10/s.
NOTE: THE RESTRICTIONS UNDER (e) AND (f) ABOVE TAKE PRECEDENCE OVER
ANY REQUIREMENT ELSEWHERE IN THIS DOCUMENT FOR ORIGINATING ICMP ERROR
MESSAGES.
The following sections describe the message formats for the above
ICMPv6 messages.
Conta, et al. Standards Track [Page 7]
RFC 4443 ICMPv6 (ICMP for IPv6) March 2006
3. ICMPv6 Error Messages
3.1. Destination Unreachable Message
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Type | Code | Checksum |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Unused |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| As much of invoking packet |
+ as possible without the ICMPv6 packet +
| exceeding the minimum IPv6 MTU [IPv6] |
IPv6 Fields:
Destination Address
Copied from the Source Address field of the invoking
packet.
ICMPv6 Fields:
Type 1
Code 0 - No route to destination
1 - Communication with destination
administratively prohibited
2 - Beyond scope of source address
3 - Address unreachable
4 - Port unreachable
5 - Source address failed ingress/egress policy
6 - Reject route to destination
Unused This field is unused for all code values.
It must be initialized to zero by the originator
and ignored by the receiver.
Description
A Destination Unreachable message SHOULD be generated by a router, or
by the IPv6 layer in the originating node, in response to a packet
that cannot be delivered to its destination address for reasons other
than congestion. (An ICMPv6 message MUST NOT be generated if a
packet is dropped due to congestion.)
If the reason for the failure to deliver is lack of a matching entry
in the forwarding node's routing table, the Code field is set to 0.
Conta, et al. Standards Track [Page 8]
RFC 4443 ICMPv6 (ICMP for IPv6) March 2006
(This error can occur only in nodes that do not hold a "default
route" in their routing tables.)
If the reason for the failure to deliver is administrative
prohibition (e.g., a "firewall filter"), the Code field is set to 1.
If the reason for the failure to deliver is that the destination is
beyond the scope of the source address, the Code field is set to 2.
This condition can occur only when the scope of the source address is
smaller than the scope of the destination address (e.g., when a
packet has a link-local source address and a global-scope destination
address) and the packet cannot be delivered to the destination
without leaving the scope of the source address.
If the reason for the failure to deliver cannot be mapped to any of
other codes, the Code field is set to 3. Example of such cases are
an inability to resolve the IPv6 destination address into a
corresponding link address, or a link-specific problem of some sort.
One specific case in which a Destination Unreachable message is sent
with a code 3 is in response to a packet received by a router from a
point-to-point link, destined to an address within a subnet assigned
to that same link (other than one of the receiving router's own
addresses). In such a case, the packet MUST NOT be forwarded back
onto the arrival link.
A destination node SHOULD originate a Destination Unreachable message
with Code 4 in response to a packet for which the transport protocol
(e.g., UDP) has no listener, if that transport protocol has no
alternative means to inform the sender.
If the reason for the failure to deliver is that the packet with this
source address is not allowed due to ingress or egress filtering
policies, the Code field is set to 5.
If the reason for the failure to deliver is that the route to the
destination is a reject route, the Code field is set to 6. This may
occur if the router has been configured to reject all the traffic for
a specific prefix.
Codes 5 and 6 are more informative subsets of code 1.
For security reasons, it is recommended that implementations SHOULD
allow sending of ICMP destination unreachable messages to be
disabled, preferably on a per-interface basis.
Conta, et al. Standards Track [Page 9]
RFC 4443 ICMPv6 (ICMP for IPv6) March 2006
Upper Layer Notification
A node receiving the ICMPv6 Destination Unreachable message MUST
notify the upper-layer process if the relevant process can be
identified (see Section 2.4, (d)).
3.2. Packet Too Big Message
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Type | Code | Checksum |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| MTU |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| As much of invoking packet |
+ as possible without the ICMPv6 packet +
| exceeding the minimum IPv6 MTU [IPv6] |
IPv6 Fields:
Destination Address
Copied from the Source Address field of the invoking
packet.
ICMPv6 Fields:
Type 2
Code Set to 0 (zero) by the originator and ignored by the
receiver.
MTU The Maximum Transmission Unit of the next-hop link.
Description
A Packet Too Big MUST be sent by a router in response to a packet
that it cannot forward because the packet is larger than the MTU of
the outgoing link. The information in this message is used as part
of the Path MTU Discovery process [PMTU].
Originating a Packet Too Big Message makes an exception to one of the
rules as to when to originate an ICMPv6 error message. Unlike other
messages, it is sent in response to a packet received with an IPv6
multicast destination address, or with a link-layer multicast or
link-layer broadcast address.
Conta, et al. Standards Track [Page 10]
RFC 4443 ICMPv6 (ICMP for IPv6) March 2006
Upper Layer Notification
An incoming Packet Too Big message MUST be passed to the upper-layer
process if the relevant process can be identified (see Section 2.4,
(d)).
3.3. Time Exceeded Message
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Type | Code | Checksum |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Unused |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| As much of invoking packet |
+ as possible without the ICMPv6 packet +
| exceeding the minimum IPv6 MTU [IPv6] |
IPv6 Fields:
Destination Address
Copied from the Source Address field of the invoking
packet.
ICMPv6 Fields:
Type 3
Code 0 - Hop limit exceeded in transit
1 - Fragment reassembly time exceeded
Unused This field is unused for all code values.
It must be initialized to zero by the originator
and ignored by the receiver.
Description
If a router receives a packet with a Hop Limit of zero, or if a
router decrements a packet's Hop Limit to zero, it MUST discard the
packet and originate an ICMPv6 Time Exceeded message with Code 0 to
the source of the packet. This indicates either a routing loop or
too small an initial Hop Limit value.
An ICMPv6 Time Exceeded message with Code 1 is used to report
fragment reassembly timeout, as specified in [IPv6, Section 4.5].
Conta, et al. Standards Track [Page 11]
RFC 4443 ICMPv6 (ICMP for IPv6) March 2006
Upper Layer Notification
An incoming Time Exceeded message MUST be passed to the upper-layer
process if the relevant process can be identified (see Section 2.4,
(d)).
3.4. Parameter Problem Message
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Type | Code | Checksum |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Pointer |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| As much of invoking packet |
+ as possible without the ICMPv6 packet +
| exceeding the minimum IPv6 MTU [IPv6] |
IPv6 Fields:
Destination Address
Copied from the Source Address field of the invoking
packet.
ICMPv6 Fields:
Type 4
Code 0 - Erroneous header field encountered
1 - Unrecognized Next Header type encountered
2 - Unrecognized IPv6 option encountered
Pointer Identifies the octet offset within the
invoking packet where the error was detected.
The pointer will point beyond the end of the ICMPv6
packet if the field in error is beyond what can fit
in the maximum size of an ICMPv6 error message.
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -