Extended Ping (eping)Juniper Networks2251 Corporate Park DriveHerndon20171VirginiaUSArbonica@juniper.netJuniper NetworksElnath-Exora Business Park SurveyBangaloreKanata560103Indiarejithomas@juniper.net
Internet
INTAREAPingICMPThis document describes a new diagnostic tool called Extended Ping
(eping). Network operators execute eping to determine whether a remote
interface is active. In this respect, eping is similar to ping. Eping
differs from ping in that it does not require network reachability
between itself and remote interface whose status is being queried.Eping relies on two new ICMP messages, called Extended Echo and
Extended Echo Reply. Both ICMP messages are defined herein.The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
document are to be interpreted as described in RFC 2119.Network operators use ping to determine
whether a remote interface is alive. Ping sends an ICMP Echo
message to the interface being probed and waits for an ICMP Echo Reply.
If ping receives the expected ICMP Echo Reply, it reports that interface
is alive.In order for the Echo message to reach the probed interface, the
probed interface must be addressed appropriately. IP addresses are
scoped as follows:GlobalPrivate Link-local Global addresses are the most widely scoped. A globally addressed
interface can be reached from any node on the Internet. By contrast,
link-local addresses are the least widely scoped. An interface whose
only address is link-local can be reached from on-link interfaces
only.Network operators seek to decrease their dependence on widely-scoped
interface addressing. For example:The operator of an IPv4 network currently assigns global
addresses to all interfaces. In order to conserve scarce IPv4
address space, this operator seeks to renumber selected interfaces
with private addresses.The operator of an IPv4 network currently assigns private
addresses to all interfaces. In order to achieve operational
efficiencies, this operator seeks to leave selected interfaces
unnumbered.The operator of an IPv6 network currently assigns global
addresses to all interfaces. In order to achieve operational
efficiencies, this operator seeks to allow selected interfaces to be
automatically configured with link-local addresses.When a network operator renumbers an interface, replacing a more
widely-scoped address with a less widely-scope address, the operator
also reduces the number of nodes from which ping can probe the
interface. Furthermore, when a network operator removes all addresses
from an interface, leaving it unnumbered, the operator makes that
interface totally inaccessible to ping. Therefore, many network
operators who rely on ping remain dependant upon widely-scoped interface
addressing.This document describes a new diagnostic tool called Extended Ping
(eping). Network operators use eping to determine whether a remote
interface is active. In this respect, eping is similar to ping. Eping
differs from ping in that it does not require reachability between the
probing node and the probed interface. Or, said another way, eping does
not require reachability between the node upon which it executes and the
interface whose status is being queried.Eping relies on two new ICMP messages, called Extended Echo and
Extended Echo Reply. The Extended Echo message makes a semantic
distinction between the destination interface and the probed interface.
The destination interface is the interface to which the Extended Echo
message is delivered. It must be reachable from the probing node. The
probed interface is the interface whose status is being queried. It does
not need to be reachable from the probing node. However, the destination
and probed interfaces must be local to one another (i.e., the same node
must support both interfaces).Because the Extended Echo message makes a distinction between the
destination and probed interfaces, eping can probe every interface on a
node if it can reach any node on the node. In many cases, this allows
network operators to decrease their dependence on widely-scoped
interface addressing.This document is divided into sections, with describing the Extended Echo message and describing the Extended Echo Reply message.
describes how the probed node processes the
Extended Echo message and describes the
eping application.The ICMP Extended Echo message is applicable to both ICMPv4 and
ICMPv6. Like any ICMP message, the ICMP Extended Echo message is
encapsulated in an IP header. The ICMPv4 version of the Extended Echo
message is encapsulated in an IPv4 header, while the ICMPv6 version is
encapsulated in an IPv6 header. depicts the ICMP Extended Echo
message.IP Source Address: Identifies an interface on the probing node.IP Destination Address: Identifies the destination interface (i.e.,
the interface to which this message will be delivered).Type: Extended Echo (TBD. Value to be assigned by IANA.)Code: 0Checksum: For ICMPv4, see RFC 792. For ICMPv6, see RFC 4443.Identifier: An identifier to aid in matching Extended Echo Replies to
this Extended Echo Request. May be zero.Sequence Number: A sequence number to aid in matching Extended Echo
Replies to this Extended Echo Request. May be zero.If the destination interface is different from the probed interface,
the Extended Echo message MUST include ICMP
Extensions . ICMP Extensions MUST include the Interface Identification Object.If the Extended Echo message does not include the Interface
Identification Object, the destination and probed interfaces are
understood to be the same.The Interface Identification Object identifies the probed
interface. It includes an ICMP Object Header (RFC 4884) and object
payload,The ICMP Object Header contains Class-Num and C-Type fields. The
Class-Num field MUST be set to Interface Identification Class (2). The
C-Type contains an Interface Role and several C-Type flags. The
Interface Role MUST be 3 (Next-hop). At least one of the following
C-Type flags MUST be set:IPAddressifIndexnameThe MTU flag MUST NOT be set.If the IPAddress flag is set, the object payload MUST contain an
Interface IP Address Sub-Object. If the name flag is set, the object
payload MUST contain an Interface IP Name Sub-Object. If the ifIndex
flag is set, the object payload MUST contain a 32-bit ifIndex.If the probed interface is identified by address, its address
family does not need to be the same as that of the destination
address. For example, the probed interface can be identified by its
Ethernet address while the destination address is identified by an
IPv4 address.By default, implementations SHOULD NOT support probing by ifName or
ifIndex. See for details.The ICMP Extended Echo Reply message is applicable to both ICMPv4 and
ICMPv6. Like any ICMP message, the ICMP Extended Echo Reply message is
encapsulated in an IP header. The ICMPv4 version of the Extended Echo
Reply message is encapsulated in an IPv4 header, while the ICMPv6
version is encapsulated in an IPv6 header. depicts the ICMP Extended Echo
Reply message.IP source address: Identifies the interface to which the
corresponding ICMP Extended Echo message was sentIP destination address: Identifies the interface from which the
corresponding ICMP Extended Echo message was sentType: Extended Echo Reply (TBD. Value to be assigned by IANA.)Code: Indicates operational status of probed interface. Defined
values are:Inactive (value to be assigned by IANA)IPv4_Active (value to be assigned by IANA)IPv6_Active (value to be assigned by IANA)IPv4_and_IPv6 Active (value to be assigned by IANA)Interface_does_not_exist (value to be assigned by IANA)Malformed_query (value to be assigned by IANA)Query_not_supported (value to be assigned by IANA)Checksum: For ICMPv4, see RFC 792. For ICMPv6, see RFC 4443.Identifier: An identifier to aid in matching Extended Echo Replies to
this Extended Echo Request. May be zero.Sequence Number: A sequence number to aid in matching Extended Echo
Replies to this Extended Echo Request. May be zero.ICMP Extensions: By default, the ICMP Extended Echo Reply message
MUST NOT include ICMP Extensions. However, the responding node MAY be
configured to provide additional information regarding the probed
interface using the Interface Identification Object.When a node receives an ICMPv4 Extended Echo, it MUST format an ICMP
Extended Echo Reply as follows:Don't Fragment flag (DF) is 1More Fragments flag is 0Fragment Offset is 0TTL is 255Protocol is ICMPWhen a node receives an ICMPv6 Extended Echo, it MUST format an
ICMPv6 Extended Echo Reply as follows:Hop Limit is 255Next Header is ICMPv6Flow Label is 0In either case, the responding node MUST:Copy the source address from the Extended Echo message to the
destination address of the Extended Echo ReplyCopy the destination address from the Extended Echo message to
the source address of the Extended Echo ReplySet the DiffServ codepoint to CS0Set the ICMP Type to Extended Echo ReplyCopy the Identifier from the Extended Echo message to the
Extended Echo ReplyCopy the sequence number from the Extended Echo message to the
Extended Echo ReplySet the code appropriatelyAppend ICMP Extensions as requiredSet the checksum appropriatelyThe following rules govern how the Code should be set:If the query is malformed, set the Code to Malformed_queryIf the query type is not supported, set the Code to
Query_not_supportedDetermine which interface is being probed. The probed interface
matches all of the sub-TLVs in the incoming Interface Identification
Object.If the interface does not exist, set the Code to
Interface_does_not_existIf the destination interface is in one security domain and the
probed interface is in another security domain, set the Code to
Interface_does_not_exist. Virtual Private Networks are examples of
security domains.Set the code to Inactive, IPv4_active, IPv6_active or
IPv4_and_IPv6_aqctive as appropriate.The eping application accepts input parameters, sets a counter and
enters a loop to be exited when the counter is equal to zero. On each
iteration of the loop, eping emits an ICMP Extended Echo, decrements the
counter, sets a timer, waits for the timer to expire. If an expected
ICMP Extended Echo Reply arrives while eping is waiting for the timer to
expire, eping relays information returned by that message to its user.
However, on each iteration of the loop, eping waits for the timer to
expire, regardless of whether an Extended Echo Reply message
arrives.Eping accepts the following parameters:CountWaitSource Interface AddressHop CountDestination Interface AddressProbed Interface IdentifierCount is a positive integer whose default value is 3. Count
determines the number of times that eping iterates through the
above-mentioned loop.Wait is a positive integer whose minimum and default values are 1.
Wait determines the duration of the above-mentioned timer, measured in
seconds.Source Interface Address specifies the source address of ICMP
Extended Echo.The destination Interface Address identifies the interface to which
the ICMP Extended Echo message is sent. It can be an IPv4 address or an
IPv6 address. If it is an IPv4 address, eping emits an ICMPv4 message.
If it is an IPv6 address, eping emits an ICMPv6 message.The probed interface is the interface whose status is being queried.
If the probed interface identifier is not specified, the eping
application invokes the traditional ping application and terminates. If
the probed interface identifier is specified, it can be any combination
of the following:an interface namean address from any address family (e.g., IPv4, IPv6, MAC)an ifIndexThe probed interface identifier can have any scope. For example, the
probed interface identifier can be:an IPv6 address, whose scope is globalan IPv6 address, whose scope is link-localan interface name, whose scope is node-localan ifIndex, whose scope is node-localIf the probed interface identifier is an address, it does not need to
be of the same address family as the destination interface address. For
example, eping accepts an IPv4 destination interface address and an IPv6
probed interface identifier.This document requests the following actions from IANA:Add an entry to the "ICMP Type Number" registry, representing the
Extended Echo. This entry has one code (0).Add an entry to the "ICMPv6 Type Number" registry, representing
the Extended Echo. This entry has one code (0).Add an entry to the "ICMP Type Number" registry, representing the
Extended Echo Reply. This entry has the following codes: Inactive,
IPv4_active, IPv6_acive, IPv4_and_IPv6_active,
Interface_does_not_exist, and Query_not_supported.Add an entry to the "ICMPv6 Type Number" registry, representing
the Extended Echo Reply. This entry has the following codes:
Inactive, IPv4_active, IPv6_acive, IPv4_and_IPv6_active,
Interface_does_not_exist, and Query_not_supported.Note to RFC Editor: this section may be removed on publication as an
RFC.Many implementations encode the following information in an
ifName:Interface type (e.g.., Gigabit Ethernet, SONET, T1)Location on chassis (i.e., slot identifier)Location on line card (i.e., port identifier)Location on port (i.e., logical port identifier)While an operator may have a requirement to probe ports using
eping, that operator may not want to expose the above mentioned
information. Therefore, by default, implementations SHOULD NOT support
probing by ifName. However, probing by ifName can be enabled through
configuration.Likewise, the ability to probe by if ifIndex may enable certain
information to be disclosed to attackers. Therefore, by default,
implementations SHOULD NOT support probing by ifIndex. However,
probing by ifIndex can be enabled through configuration.Thanks to Jeff Haas for his thoughtful review of this document.