Posted on 2006-10-7 16:01:18
Let's do an experiment: capture some packets and analyze them.
Test environment: Windows XP
Tools: nslookup (bundled with XP) + Wireshark
The principle is this: send data to a UDP port on some host on the network where no process on that host has that UDP port open. The host then sends back "destination port unreachable", and we watch the whole exchange with Wireshark.
One of 163.com's IP addresses is 220.181.29.154. This host should not be running a DNS service, so sending it a query with nslookup will of course come back with "destination port unreachable".
C:\Documents and Settings\olo>nslookup
Default Server: dns3.xj.cninfo.net
Address: 61.128.99.133
> server 220.181.29.154
Default Server: [220.181.29.154]
Address: 220.181.29.154
>
Now when we look up a domain name, nslookup will send the query to 220.181.29.154.
Open Wireshark, start capturing, and look up the domain 163.com.
Only two packets get captured: one is the DNS query (UDP), the other is an ICMP packet, destination port unreachable.
No.     Time        Source                Destination           Protocol Info
      1 0.000000    192.168.1.66          220.181.29.154        DNS      Standard query A 163.com

Frame 1 (67 bytes on wire, 67 bytes captured)
    Arrival Time: Oct 7, 2006 15:43:04.120151000
    [Time delta from previous packet: 0.000000000 seconds]
    [Time since reference or first frame: 0.000000000 seconds]
    Frame Number: 1
    Packet Length: 67 bytes
    Capture Length: 67 bytes
    [Frame is marked: False]
    [Protocols in frame: eth:ip:udp]
    [Coloring Rule Name: UDP]
    [Coloring Rule String: udp]
Ethernet II, Src: Adra_56:a0:19 (00:00:71:56:a0:19), Dst: Hangzhou_09:3d:28 (00:0f:e2:09:3d:28)
    Destination: Hangzhou_09:3d:28 (00:0f:e2:09:3d:28)
        Address: Hangzhou_09:3d:28 (00:0f:e2:09:3d:28)
        .... ...0 .... .... .... .... = IG bit: Individual address (unicast)
        .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
    Source: Adra_56:a0:19 (00:00:71:56:a0:19)
        Address: Adra_56:a0:19 (00:00:71:56:a0:19)
        .... ...0 .... .... .... .... = IG bit: Individual address (unicast)
        .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
    Type: IP (0x0800)
Internet Protocol, Src: 192.168.1.66 (192.168.1.66), Dst: 220.181.29.154 (220.181.29.154)
    Version: 4
    Header length: 20 bytes
    Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00)
    Total Length: 53
    Identification: 0xa9d0 (43472)
    Flags: 0x00
    Fragment offset: 0
    Time to live: 128
    Protocol: UDP (0x11)
    Header checksum: 0xd4ad [correct]
    Source: 192.168.1.66 (192.168.1.66)
    Destination: 220.181.29.154 (220.181.29.154)
User Datagram Protocol, Src Port: 2275 (2275), Dst Port: domain (53)
    Source port: 2275 (2275)
    Destination port: domain (53)
    Length: 33
    Checksum: 0x8b1e [correct]
Domain Name System (query)
No.     Time        Source                Destination           Protocol Info
      2 0.100118    220.181.29.154        192.168.1.66          ICMP     Destination unreachable (Port unreachable)

Frame 2 (95 bytes on wire, 95 bytes captured)
    Arrival Time: Oct 7, 2006 15:43:04.220269000
    [Time delta from previous packet: 0.100118000 seconds]
    [Time since reference or first frame: 0.100118000 seconds]
    Frame Number: 2
    Packet Length: 95 bytes
    Capture Length: 95 bytes
    [Frame is marked: False]
    [Protocols in frame: eth:ip:icmp:ip:udp]
    [Coloring Rule Name: ICMP errors]
    [Coloring Rule String: icmp.type eq 3 || icmp.type eq 4 || icmp.type eq 11 || icmp.type eq 5]
Ethernet II, Src: Hangzhou_09:3d:28 (00:0f:e2:09:3d:28), Dst: Adra_56:a0:19 (00:00:71:56:a0:19)
    Destination: Adra_56:a0:19 (00:00:71:56:a0:19)
        Address: Adra_56:a0:19 (00:00:71:56:a0:19)
        .... ...0 .... .... .... .... = IG bit: Individual address (unicast)
        .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
    Source: Hangzhou_09:3d:28 (00:0f:e2:09:3d:28)
        Address: Hangzhou_09:3d:28 (00:0f:e2:09:3d:28)
        .... ...0 .... .... .... .... = IG bit: Individual address (unicast)
        .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
    Type: IP (0x0800)
Internet Protocol, Src: 220.181.29.154 (220.181.29.154), Dst: 192.168.1.66 (192.168.1.66)
    Version: 4
    Header length: 20 bytes
    Differentiated Services Field: 0xc0 (DSCP 0x30: Class Selector 6; ECN: 0x00)
    Total Length: 81
    Identification: 0xaf8a (44938)
    Flags: 0x00
    Fragment offset: 0
    Time to live: 52
    Protocol: ICMP (0x01)
    Header checksum: 0x1a28 [correct]
    Source: 220.181.29.154 (220.181.29.154)
    Destination: 192.168.1.66 (192.168.1.66)
Internet Control Message Protocol
    Type: 3 (Destination unreachable)
    Code: 3 (Port unreachable)
    Checksum: 0xb969 [correct]
    Internet Protocol, Src: 192.168.1.66 (192.168.1.66), Dst: 220.181.29.154 (220.181.29.154)
        Version: 4
        Header length: 20 bytes
        Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00)
        Total Length: 53
        Identification: 0xa9d0 (43472)
        Flags: 0x00
        Fragment offset: 0
        Time to live: 117
        Protocol: UDP (0x11)
        Header checksum: 0xdfad [correct]
        Source: 192.168.1.66 (192.168.1.66)
        Destination: 220.181.29.154 (220.181.29.154)
    User Datagram Protocol, Src Port: 2275 (2275), Dst Port: domain (53)
        Source port: 2275 (2275)
        Destination port: domain (53)
        Length: 33
        Checksum: 0x8b1e [correct]
    Domain Name System (query)
This part should be what UDP handed over to ICMP:
    User Datagram Protocol, Src Port: 2275 (2275), Dst Port: domain (53)
        Source port: 2275 (2275)
        Destination port: domain (53)
        Length: 33
        Checksum: 0x8b1e [correct]
    Domain Name System (query)
What the receiving end does with it should be implemented by the application layer; not sure whether I've understood this correctly.
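Added example (not part of the original post): the two datagrams from the capture above are rebuilt byte for byte from the header fields shown, and a small parser then does what the host that sent the query has to do with frame 2: validate the ICMP error, read the IP header and UDP ports that the remote host quoted back, and use that 4-tuple to find the socket that sent the original datagram. Every header value (addresses, ports, IP IDs, TTLs, DSCP) is taken from the capture, and the three IP header checksums 0xd4ad, 0xdfad and 0x1a28 are reproduced exactly; the DNS payload bytes are not on the page, so the transaction ID (0x1234) and flags (0x0100) are constructed, which is why the UDP and ICMP checksums here differ from the captured 0x8b1e and 0xb969. The socket table at the end is also constructed. Note that the quoted copy inside the ICMP error carries TTL 117 and checksum 0xdfad rather than the TTL 128 / 0xd4ad that left the client: the remote host quotes the datagram as it arrived, eleven hops later.

```python
"""Rebuild frames 1 and 2 from the capture and demultiplex the ICMP Port
Unreachable back to the UDP socket that sent the query.  Added example; the
DNS transaction ID/flags and the socket table are constructed, not captured."""
import socket
import struct

def inet_checksum(data: bytes) -> int:
    """RFC 1071 ones-complement checksum used by IPv4, ICMP and UDP (0 when verifying a valid block)."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF

def ipv4_header(src, dst, proto, payload_len, ident, ttl, tos=0):
    """20-byte IPv4 header without options, checksum filled in."""
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, tos, 20 + payload_len, ident, 0,
                      ttl, proto, 0, socket.inet_aton(src), socket.inet_aton(dst))
    return hdr[:10] + struct.pack("!H", inet_checksum(hdr)) + hdr[12:]

def udp_datagram(src, dst, sport, dport, payload):
    """UDP header + payload, checksum over the IPv4 pseudo-header (RFC 768)."""
    length = 8 + len(payload)
    hdr = struct.pack("!HHHH", sport, dport, length, 0)
    pseudo = socket.inet_aton(src) + socket.inet_aton(dst) + struct.pack("!BBH", 0, 17, length)
    csum = inet_checksum(pseudo + hdr + payload) or 0xFFFF  # 0 means "no checksum" in UDP
    return hdr[:6] + struct.pack("!H", csum) + payload

def dns_a_query(name, txid):
    """Minimal standard query for an A record; txid/flags are constructed (not in the capture)."""
    qname = b"".join(struct.pack("B", len(l)) + l.encode() for l in name.split(".")) + b"\x00"
    return struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0) + qname + struct.pack("!HH", 1, 1)

# Frame 1 as sent: 192.168.1.66:2275 -> 220.181.29.154:53, IP id 0xa9d0, TTL 128 (from the capture).
CLIENT, SERVER = "192.168.1.66", "220.181.29.154"
QUERY = udp_datagram(CLIENT, SERVER, 2275, 53, dns_a_query("163.com", 0x1234))
FRAME1_IP = ipv4_header(CLIENT, SERVER, 17, len(QUERY), 0xA9D0, 128) + QUERY

def icmp_port_unreachable(received_ip_packet, ident, ttl, tos=0xC0):
    """What 220.181.29.154 sends back: ICMP type 3 / code 3 quoting the datagram as it received it."""
    icmp = struct.pack("!BBHI", 3, 3, 0, 0) + received_ip_packet
    icmp = icmp[:2] + struct.pack("!H", inet_checksum(icmp)) + icmp[4:]
    return ipv4_header(SERVER, CLIENT, 1, len(icmp), ident, ttl, tos) + icmp

# On arrival the TTL had dropped 128 -> 117, so the quoted copy inside frame 2 carries TTL 117 / 0xdfad.
AS_RECEIVED = ipv4_header(CLIENT, SERVER, 17, len(QUERY), 0xA9D0, 117) + QUERY
FRAME2_IP = icmp_port_unreachable(AS_RECEIVED, 0xAF8A, 52)

def parse_icmp_unreachable(packet):
    """Validate an IPv4/ICMP packet and pull the original 4-tuple out of the quoted header.
    Returns None for anything that is not a well-formed ICMP error about a UDP datagram."""
    if len(packet) < 20 or packet[0] >> 4 != 4:
        return None
    ihl = (packet[0] & 0x0F) * 4
    if inet_checksum(packet[:ihl]) != 0 or packet[9] != 1:
        return None
    icmp = packet[ihl:struct.unpack("!H", packet[2:4])[0]]
    if len(icmp) < 8 + 20 + 8 or inet_checksum(icmp) != 0:
        return None  # RFC 792 requires at least the quoted IP header plus 8 bytes of its payload
    itype, code = icmp[0], icmp[1]
    inner = icmp[8:]
    inner_ihl = (inner[0] & 0x0F) * 4
    if inner[9] != 17 or inet_checksum(inner[:inner_ihl]) != 0:
        return None  # only UDP is of interest here, and a corrupt quoted header is not trusted
    sport, dport = struct.unpack("!HH", inner[inner_ihl:inner_ihl + 4])
    return {
        "icmp_type": itype, "icmp_code": code,
        "src": socket.inet_ntoa(inner[12:16]), "sport": sport,
        "dst": socket.inet_ntoa(inner[16:20]), "dport": dport,
        "quoted_ttl": inner[8], "quoted_ip_id": struct.unpack("!H", inner[4:6])[0],
    }

def match_socket(info, sockets):
    """Demultiplex the error the way the UDP layer does: the quoted source address/port and
    destination address/port select the local socket.  `sockets` is a constructed table of
    (local_addr, local_port, remote_addr, remote_port) tuples."""
    if info is None or info["icmp_type"] != 3:
        return None
    for s in sockets:
        if (s[0], s[1], s[2], s[3]) == (info["src"], info["sport"], info["dst"], info["dport"]):
            return s
    return None

# The socket nslookup was using in the capture (constructed table entry).
NSLOOKUP_SOCKET = (CLIENT, 2275, SERVER, 53)

if __name__ == "__main__":
    info = parse_icmp_unreachable(FRAME2_IP)
    print(info)
    print("delivered to socket:", match_socket(info, [NSLOOKUP_SOCKET]))
```

The matching is done by the UDP layer of the host that sent the query, not by the application: Linux reports it as ECONNREFUSED on a connected UDP socket (or through the IP_RECVERR error queue), and Windows surfaces it as WSAECONNRESET on the next receive unless SIO_UDP_CONNRESET has been switched off. The quoted IP header and first 8 bytes of payload (the UDP ports) exist precisely so that this lookup is possible; checking the ICMP and quoted-header checksums before acting on it is what keeps a spoofed or corrupted error from resetting an unrelated socket.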